Robert Steele: Details on NSA Backdoor in INTEL Chips

Discussion in 'Serious Discussion' started by emk810, Mar 29, 2017.

  1. emk810

    emk810 MDL Member

    May 12, 2016
    144
    281
    10
    "I have consulted with my senior NSA colleagues and they validate this information."

    [IMG]
     
  2. Michaela Joy

    Michaela Joy MDL Crazy Lady

    Jul 26, 2012
    3,437
    3,576
    120
    Can you post sources? That would give us an audit trail, so that we can determine how credible the source is.

    Welcome to MDL, btw. :welcome2:
     
  3. MrMagic

    MrMagic MDL Guru

    Feb 13, 2012
    5,702
    3,704
    180

    :D :D lmao
     
  4. emk810

    emk810 MDL Member

    May 12, 2016
    144
    281
    10
    I'm not an expert and don't know anything about this topic. I'm hoping to get more info here.

    I can't post links: "To be able to post links or images your post count must be 20 or greater. You currently have 1 posts."

    I found the pic on Robert Steele's blog called phibetaiota (.net)

    More info

    Secret of Intel Management Engine by Igor Skochinsky (slideshare)

    Neutralizing Intel’s Management Engine (hackaday(.com))
     
  5. emk810

    emk810 MDL Member

    May 12, 2016
    144
    281
    10
    Those are Robert Steele's words :)
     
  6. tonto11

    tonto11 MDL Addicted

    Jun 18, 2012
    530
    220
    30
    #6 tonto11, Mar 29, 2017
    Last edited: Mar 29, 2017
  7. MrMagic

    MrMagic MDL Guru

    Feb 13, 2012
    5,702
    3,704
    180
    :D That makes more sense then; you'll discover here on MDL just how many new members come here claiming such things.
     
  8. Myrrh

    Myrrh MDL Expert

    Nov 26, 2008
    1,387
    491
    60
    Confirms my earlier suspicion. To have any privacy, one must become Amish, live off the land, and not speak to or interact with any outsiders.

    I suppose with a good firewall and other tools, you could monitor and/or block any such "backdoor" traffic once you become aware of what it is. The firewall probably has backdoors as well.
     
  9. JBenal

    JBenal MDL Senior Member

    Nov 2, 2009
    431
    156
    10
    #9 JBenal, Mar 29, 2017
    Last edited: Mar 29, 2017
  10. gorski

    gorski MDL Guru

    Oct 21, 2009
    2,796
    720
    90
    Shock, horror!

    You mean, like M$, Yahoo, Google and all the rest of them...???:rolleyes::p
     
  11. CHEF-KOCH

    CHEF-KOCH MDL Addicted

    Jan 7, 2008
    941
    869
    30
    Original Post/source/discussion:
    https://boards.4chan.org/pol/thread/117886401/intel-me


    I will explain a bit more on this once I have finished several tests, since there are a lot of open questions (look at the discussions on the original post), especially whether it can bypass your NAT firewall.
     
  12. Tito

    Tito Super Mod / Adviser
    Staff Member

    Nov 30, 2009
    17,213
    14,772
    340
    http://www.win-raid.com/t596f39-Int...s-Firmware-amp-System-Tools-170.html#msg33251

     
  13. JFKI

    JFKI MDL Expert

    Oct 25, 2015
    1,098
    369
    60
    <-- opens server and pulls the "SUPERMICRO SIM1U+ REMOTE MANAGEMENT CARD WITH AOC-USB2RJ45 CABLE" until more info is available.

    [IMG]
     
  14. CHEF-KOCH

    CHEF-KOCH MDL Addicted

    Jan 7, 2008
    941
    869
    30
    I want to collect the facts here:

    • The NSA has never officially admitted such a thing (well, no surprise); there are only 'opinions' and demands.
    • Just citing NSA colleagues does very little for credibility. The person himself is known to be trusted since he is the father of open source. So if there are questions, they are more about the details (which aren't really shown).
    • Example.
    • Saying that the NSA can abuse it would require a partnership with Intel to directly implement several things to make this undetectable. It requires time and huge money; I doubt that Intel would allow that, especially since if it came out it would ruin the entire trust in Intel, and again for money reasons.
    • It can't bypass the firewall/NAT (even if that were true). It's still physically connected through the same internet cable, and the router (current gen) detects the status, plus it can log traffic and so on. It's not even theoretically possible to bypass it, because the TCP/IP stack relies on the OSI model (which uses mostly 4 suites in current protocol sessions): Phys, Data, Network (Ethernet) and Transport ... The other 3 are normally not necessary if we are talking about bypassing the NAT, since every e.g. Session (Layer 5) would immediately be picked up by your logging mechanism.
    • CPU exploits are possible and would be the 'better' alternative, since they would be harder to detect. The SandyBridge hole which is mentioned in some of the sources is wrong: it's vulnerable, but it's not related to ME; it's basically an architectural privilege escalation.
    • The AMT/ME concerns mentioned on Wikipedia are common, and they also apply to every piece of hardware which runs outside of the OS. It's related to how the public key infrastructure was built, but without any source code it's difficult to test and verify if it's a backdoor, since no keys were leaked to test this directly. If you use an admin password you at least prevent access to the management console.
    • The 'when they are compromised' discussions are useless anyway; this applies to software the same as to hardware.
    • When the secure boot mechanism embedded in the chipset is started up, it normally should first check the SHA256 checksum of the public key (that it matches the one from the factory), and that key then verifies the RSA signature of the firmware payload by e.g. recalculating it and comparing it to the stored signature. In theory there is no way to hack the signature checking mechanism because it's done by code stored in a ROM buried in silicon, even though we have the public key and the signature. What does it mean? You need to exploit the bootloader directly. The Intel ME (Huffman) algorithm is given here btw.
    • Is any wild exploit available? Not to my knowledge.
    • Is AMD also affected by this? Yes, they have a slightly different version of ME; they call it Platform Security Processor (PSP).
    • Is it a good recommendation to disable ME via me_cleaner or other tools? No, it can result in bad side-effects: you get stability problems, GbE doesn't work and possibly other features are f**ed up. Only try it if you know the risks or for testing reasons, since there is never a guarantee. In my own test I was even forced to use the ME driver, otherwise I had troubles with some devices and their communication.

    Rest is FUD without any proof. :sneaky:


    Source/Research:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0744 (originally addressed to Linux only ... later classified as Win, BSD and potentially OS X too)
    https://chiefio.wordpress.com/2017/02/03/for-deep-security-use-arm-avoid-intel-amd-processors/
    https://security.stackexchange.com/questions/40257/backdoors-in-hardware-ie-intel-amd-cpu-possible
    https://www.reddit.com/r/linux/comm...ed_facet=ODIN’S+EYE
    http://me.bios.io/ME:About


    'Original' re-opened question/topics:
    http://www.techrepublic.com/article...oards.4chan.org/pol/thread/117886401/intel-me
    https://www.youtube.com/watch?v=Ck8bIjAUJgE (deleted - uploader account banned)
    https://www.blackhat.com/docs/us-15...llowing-Universal-Privilege-Escalation-wp.pdf
     
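Added example, not code from this thread or from Intel: a stdlib-only Python model of the boot chain the post above describes (ROM-pinned SHA-256 of the vendor public key, then RSA verification of the firmware payload under that key). It shows why a patched payload or a swapped key is refused before any firmware runs, which is the reason the post gives for an attacker needing the ROM code itself. The toy RSA keypair (tiny constructed primes, textbook RSA without padding), the payload bytes and all function names are constructed for illustration only.

```python
"""Model of the ROM-pinned key + RSA firmware check described in the post.
Toy RSA (tiny constructed primes, no padding) so it runs on the stdlib alone;
this is NOT Intel's real key size, format or verification code."""
import hashlib

# Constructed toy vendor keypair: small primes chosen for illustration.
P, Q = 1000003, 1000033
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))          # private exponent, signer only

def key_bytes(n, e):
    """Canonical encoding of a public key so the ROM can hash it."""
    return n.to_bytes((n.bit_length() + 7) // 8, "big") + e.to_bytes(3, "big")

def payload_hash(payload, n):
    """SHA-256 of the payload reduced into the RSA group (toy scheme)."""
    return int.from_bytes(hashlib.sha256(payload).digest(), "big") % n

def sign(payload, n, d):
    """Signer side (factory): RSA signature over the payload hash."""
    return pow(payload_hash(payload, n), d, n)

def rom_verify(pinned_key_hash, image):
    """Boot ROM side: True only if the key in the image matches the factory
    hash burned into ROM AND the signature verifies under that key."""
    n, e, sig, payload = image
    if hashlib.sha256(key_bytes(n, e)).digest() != pinned_key_hash:
        return False                         # key swapped: refuse before RSA
    return pow(sig, e, n) == payload_hash(payload, n)

PINNED = hashlib.sha256(key_bytes(N, E)).digest()   # the value "in silicon"

def build_image(payload, n=N, e=E, d=D):
    """Firmware image = (public key, signature, payload), as shipped."""
    return (n, e, sign(payload, n, d), payload)

def demo():
    good = build_image(b"constructed firmware payload v1")
    tampered = (good[0], good[1], good[2], b"constructed firmware payload v2")
    # A second constructed keypair: valid signature, but not the pinned key.
    ap, aq = 1000037, 1000039
    an, ad = ap * aq, pow(E, -1, (ap - 1) * (aq - 1))
    rogue = build_image(b"unsigned-by-vendor payload", an, E, ad)
    return (rom_verify(PINNED, good), rom_verify(PINNED, tampered),
            rom_verify(PINNED, rogue))

if __name__ == "__main__":
    print(demo())   # (True, False, False)
```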
  15. emk810

    emk810 MDL Member

    May 12, 2016
    144
    281
    10
    https://forums.mydigitallife.net/th...ts-hackers-easily-hijack-fleets-of-pcs.74234/
     
  16. gorski

    gorski MDL Guru

    Oct 21, 2009
    2,796
    720
    90
    Wow! Even if the PC is powered off?

    So, only cable outta network works, then...
     
  17. Smokva

    Smokva MDL Novice

    May 13, 2017
    27
    16
    0
    I stumbled upon this issue as I was trying to figure out what the heck Intel ME is on my BIOS and if I can avoid reinstalling it during my computer refresh. And one of the most "interesting" links I found was https://social.technet.microsoft.co...ine-interface-what-is-it?forum=w7itprogeneral.

    Since the original question matched mine exactly, I found it hilariously disturbing that the answer that was 'chosen' - by a moderator no less! - was censored and the person who wrote it evidently banned within 2 weeks of giving the answer. (Things that make you go 'hmmmmm')

    The invasion of privacy is not really surprising.
    We've been slowly but surely manipulated in this direction over the past 20 years.
    What I find most insulting AND disturbing is the fact that 'they' don't even waste their time pretending otherwise or providing a somewhat believable lie. That just seems rude. :)

    As for the Intel ME, as far as I can see, there is no way to avoid reinstalling it. :(
    (I hate having my choices taken away.)
     
  18. Yen

    Yen Admin
    Staff Member

    May 6, 2007
    10,938
    10,476
    340
    #19 Yen, Jul 11, 2017
    Last edited: Jul 11, 2017
    To form an opinion about the censored answer without knowing the answer actually makes no sense.
    Furthermore I don't think that Intel would let something like a backdoor or privacy-invading 'device' appear as a device to be installed with an appropriate driver.

    Anyway, I think Intel is capable of hiding microprocessor layout which includes backdoors and the like in cooperation with the NSA.
    Contrary to this, I wonder why nobody has discovered suspicious traffic yet. There is no communication without traffic, encrypted or not.
    Even if they could have managed that traffic isn't detectable at the 'Intel interfaces', it must be possible somewhere.

    Btw: Let's name 'they'... I associate the US govt with them... Intel and M$ have a long-time alliance already and I bet the NSA is a friend as well... (EternalBlue and keeping silent)
     
  19. emk810

    emk810 MDL Member

    May 12, 2016
    144
    281
    10
    #20 emk810, Nov 6, 2017
    Last edited: Nov 7, 2017
    (OP)
    https://www.networkworld.com/articl...-popular-os-in-the-world-thanks-to-intel.html

    edit: