Stop you guys are scary the children! It’s enough that the NSA is leaking data and blaming it on Virus scanning software companies. Now you guys have the all seeing eye putting backdoor code in every processor in all things on the interwebs. How are we supposed to sleep at night?? ;-)
From: [email protected] [mailto:[email protected]] On Behalf Of Kurt Buff Sent: Monday, November 20, 2017 11:34 AM To: ntsysadm <[email protected]> Subject: Re: [NTSysADM] OS in the CPU Notice: This email is from an outside source. Please do not open any attachments, click on any hyperlinks, or respond without first confirming the authenticity of the email. There are always more problems: https://www.thezdi.com/blog/2017/10/04/vmware-escapology-how-to-houdini-the-hypervisor https://www.youtube.com/watch?v=uRemWLNBSZg On Mon, Nov 20, 2017 at 8:05 AM, Andrew S. Baker <[email protected]<mailto:[email protected]>> wrote: But wait! There's more... https://www.youtube.com/watch?v=KrksBdWcZgQ (I see your "solution" and raise you two more problems) Regards, ASB On Sun, Nov 19, 2017 at 12:28 PM, Kurt Buff <[email protected]<mailto:[email protected]>> wrote: The OS in question (minix), isn't in the main CPU - it's in the CPU of the management engine, which is completely separate, and doesn't, or at least shouldn't, affect system performance. https://en.wikipedia.org/wiki/Intel_Active_Management_Technology#Hardware That actually makes it worse, since as long as the machine is connect to power, even though putatively "off", the management engine is available. That is, if it's been configured. This is an enterprise feature, so the ME is usually not active in consumer-grade computers. But, if it's present and turned on, then it's pretty risky: https://www.theregister.co.uk/2017/11/09/chipzilla_come_closer_closer_listen_dump_ime/ But there's some hope, of a sort - Google is on the case: http://www.tomshardware.com/news/google-removing-minix-management-engine-intel,35876.html Kurt On Sun, Nov 19, 2017 at 6:34 AM, Andrew S. Baker <[email protected]<mailto:[email protected]>> wrote: No wonder our machines don't seem as fast as we think they *could* be... They're busy running more stuff than we thought: http://www.zdnet.com/article/minix-intels-hidden-in-chip-operating-system/ The security implications are also pretty staggering... Regards, ASB This e-mail and any files transmitted with it are property of Indiana Members Credit Union, are confidential, and are intended solely for the use of the individual or entity to whom this e-mail is addressed. If you are not one of the named recipient(s) or otherwise have reason to believe that you have received this message in error, please notify the sender and delete this message immediately from your computer. Any other use, retention, dissemination, forwarding, printing, or copying of this email is strictly prohibited. Please consider the environment before printing this email.
