Intel chip vulnerability lets hackers easily hijack fleets of PCs

Discussion in 'PC Hardware' started by MrG, May 9, 2017.

  1. MS_User

    MS_User MDL Guru

    Nov 30, 2014
    3,446
    703
    120
    im sure the Russians exploited this vulnerability years ago;)
     
  2. Tiger-1

    Tiger-1 MDL Guru

    Oct 18, 2014
    4,872
    5,765
    150
    ^^
    I believe that a lot of black hat's also make some bad things from more countries ;)
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. Joe C

    Joe C MDL Guru

    Jan 12, 2012
    3,311
    1,944
    120
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  4. Tiger-1

    Tiger-1 MDL Guru

    Oct 18, 2014
    4,872
    5,765
    150
    Hi Joe C, good find dude very insteresting article then I'm not wrong :rolleyes:
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. GOD666

    GOD666 MDL Expert

    Aug 1, 2015
    1,972
    2,050
    60
    America is behind and will remain behind because our mentality and legal system are incompatible with the digital age.

    For example, I forget the company, but it was in the news a few years ago, when someone discovered a backdoor on a website. All this person really did was click on a link found through a search engine and as soon as they realized it was not meant to be public, they did the right thing and reported it. This is by no means, hacking. Yet that poor soul was not only fined but also prosecuted for mistakenly discovering the backdoor. The difference between America and overseas is overseas, the company would not have lawyered up, they would have not only thanked him for finding their mistake but also wrote him a check and possibly offered him a job.

    The reason for this is in America we see hacking as some sort of evil which must be published at all cost with no exceptions. Overseas, hacking is a career. Not only can you get a job as a professional hacker, you can also obtain a college degree in hacking. Further, they reward you for discovering and reporting flaws, as opposed to America, where they punish you for exposing them.
     
  6. Joe C

    Joe C MDL Guru

    Jan 12, 2012
    3,311
    1,944
    120
    #67 Joe C, Jun 2, 2017
    Last edited: Jun 2, 2017
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  7. John Sutherland

    John Sutherland MDL Addicted

    Oct 15, 2014
    769
    1,082
    30
    #68 John Sutherland, Jun 2, 2017
    Last edited: Jun 3, 2017
    Hello @ Joe C - When I see the quote that appears at the very beginning of that movie, it's obvious what is currently happening in America's schools and colleges. The teaching of American history has been turned completely on it's head and has been done so deliberately. I know it's off topic but I felt I should mention it regardless.

    "Who controls the past controls the future. Who controls the present controls the past."
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  8. WindowsGeek

    WindowsGeek MDL Addicted

    Jun 30, 2015
    698
    148
    30
    Dell send firmware update to their computers in vulnerability list , about time:)

    upload_2017-6-2_15-11-56.png
     
  9. Hadron-Curious

    Hadron-Curious MDL Guru

    Jul 4, 2014
    3,577
    536
    120
    #70 Hadron-Curious, Jun 2, 2017
    Last edited: Jun 5, 2017
    I am not surprised Dell systems being some of those affected. The quick response proves that it cares about it users. That is what I call good company with a good intention. I am really moved by this Dell single action to protect its customers.
     
  10. RJARRRPCGP

    RJARRRPCGP MDL Senior Member

    Feb 24, 2010
    299
    35
    10
    #71 RJARRRPCGP, Jun 4, 2017
    Last edited: Jun 4, 2017
    AsusP6TDeluxe.jpg
    What now? For my Asus P6T Deluxe, it replies with the same response as a socket 775, saying "Unknown".
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  11. MS_User

    MS_User MDL Guru

    Nov 30, 2014
    3,446
    703
    120
    that is strange...go to asus and check if your running the latest firmware...also check asus forums and see if theirs reports of this vulnerability for your system.
     
  12. John Sutherland

    John Sutherland MDL Addicted

    Oct 15, 2014
    769
    1,082
    30
    Hello @ RJARRRPCGP - I went to the Asus support website and downloaded the owner's manual for their P6T Deluxe mobo. I read it from cover to cover and found no mention of Intel AMT/ME being used on that particular mobo, which explains why you see "unknown" as the result. As I stated previously, AMT/ME resides on a separate chipset on the motherboard itself. AMT/ME does interact with the main CPU but is not physically a part of it. Given your result and the lack of any mention in your owner's manual of how to activate or use AMT/ME, I would say you're safe and have nothing to worry about.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  13. Hadron-Curious

    Hadron-Curious MDL Guru

    Jul 4, 2014
    3,577
    536
    120
    Isn't it the same firewall you bypass when remotely doing reinstallation of your operating system? It is clear most people with the ability to exploit such vulnerability would as well be capable of bypassing the firewall in some cases. Meanwhile, I am glad you have applied the firmware fix to feel safe despite 'safe' in itself as eulogized often is not 100% guaranteed on the internet. Hackers would always have a way around things.

    For those of you interested in knowing some of the vulnerable processors we now have 'INTEL-SA-00079' on the list.
     
  14. foxyrick

    foxyrick MDL Junior Member

    Aug 25, 2011
    96
    44
    0
    No, everything's internal. When I was using OpenBSD for my firewall box, I set up port knocking (security by obscurity - frowned on by some) to open a service port if I needed external access. These days I don't bother with that and use certificates on my portable kit for authentication.

    My current router is one of those mentioned/exploited in the recent 'leaks' of supposed NSA stuff. It's fixed now, too.

    You're right, nothing is 'safe'. All we can do is at least not make it easy for them and fill in the holes as they appear.