Announcement

Collapse
No announcement yet.

Possible Problems Found in CPU Firmware

Collapse
This topic is closed.
X
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
    #1

    Possible Problems Found in CPU Firmware

    Interesting read in this article. Keep your eyes on this and see if it becomes a problem in the near future.

    http://www.zdnet.com/article/minix-i...tag=RSSbaffb68

    I quote from the article:

    Maybe you're not paranoid. Maybe they are out to get you. Ronald Minnich, a Google software engineer, who discovered a hidden MINIX operating system inside "kind of a billion machines" using Intel processors, might agree with this.
    There is more detail in the article. plus links to supporting documents and other articles.

    The author points to where the problems may lie and which CPUs may be vulnerable.

    At this point there are no KNOWN exploits, but that doesn't mean there are none. Now that this has become visible, public knowledge, I would expect that attempts will be made to use this security weakness to design exploits...
    Kubuntu 24.04 64bit under Kernel 6.10.2, Hp Pavilion, 6MB ram. All Bow To The Great Google... cough, hack, gasp.
    Tags: None
    • Top
    • Bottom
    #2
    We've had the Intel Management Engine scare already. Is this the same thing? At that time, there was a tool that checked your system for IME vulnerability and I used it and it found nothing. Sorry, I've forgotten any details.

    Regards, John Little
    Regards, John Little
    • Top
    • Bottom

    Comment

      #3
      old news,,,,,,,,,, look @hear https://www.kubuntuforums.net/showth...ent+Technology

      read the hole thread .

      VINNY
      i7 4core HT 8MB L3 2.9GHz
      16GB RAM
      Nvidia GTX 860M 4GB RAM 1152 cuda cores
      • Top
      • Bottom

      Comment

        #4
        Originally posted by vinnywright View Post
        read the hole thread .
        Thank you, Vinny. (I need to start writing things down, or something...)

        I'm not convinced that port scans are effective. If "they" wanted to hide a port, there's ways, such as complicated port knocks, to open it just when needed.

        Wizard1000 feels safe in a "private" network behind a router, but along comes Krack. Anyway, the router doesn't stop the hidden code calling out.

        Regards, John Little
        Regards, John Little
        • Top
        • Bottom

        Comment

          #5
          Vinny,

          Thanks for the links. nmap is not available to me with this distribution install (Linux Mint xfce), so I haven't tested my system.

          "old news" doesn't necessarily mean insignificant. I'm watching this because it does allow low level access to a system.
          Kubuntu 24.04 64bit under Kernel 6.10.2, Hp Pavilion, 6MB ram. All Bow To The Great Google... cough, hack, gasp.
          • Top
          • Bottom

          Comment

            #6
            Originally posted by jlittle View Post
            Thank you, Vinny. (I need to start writing things down, or something...)

            I'm not convinced that port scans are effective. If "they" wanted to hide a port, there's ways, such as complicated port knocks, to open it just when needed.

            Wizard1000 feels safe in a "private" network behind a router, but along comes Krack. Anyway, the router doesn't stop the hidden code calling out.

            Regards, John Little
            their is allso the https://github.com/intel/INTEL-SA-00...tigation-Tools it's a linux tool to see if it is turned on in your CPU ,,,,the "backdore" has to be enabeld in the CPU AKA was turned on by your PC vendor,,,,,or you in the BIOS

            Originally posted by TWPonKubuntu View Post
            Vinny,

            Thanks for the links. nmap is not available to me with this distribution install (Linux Mint xfce), so I haven't tested my system.

            "old news" doesn't necessarily mean insignificant. I'm watching this because it does allow low level access to a system.
            you 2 did not read the hole thread did ya ,,,or follow the links.

            you can install nmap ,,,mint is an Ubuntu derivative and uses the Ubuntu repos...dose it not?

            VINNY
            i7 4core HT 8MB L3 2.9GHz
            16GB RAM
            Nvidia GTX 860M 4GB RAM 1152 cuda cores
            • Top
            • Bottom

            Comment

              #7
              Vinny, Please accept my apology, I did not do exactly as you advised and missed the significance of what was in the links. I'll try to do better in the future... but please don't expect perfection, I can't handle the stress.
              Kubuntu 24.04 64bit under Kernel 6.10.2, Hp Pavilion, 6MB ram. All Bow To The Great Google... cough, hack, gasp.
              • Top
              • Bottom

              Comment

                #8
                Originally posted by TWPonKubuntu View Post
                Vinny, Please accept my apology, I did not do exactly as you advised and missed the significance of what was in the links. I'll try to do better in the future... but please don't expect perfection, I can't handle the stress.
                No please ,,,,I apologize ,, I did not mean to cause you any stress ,,,,just make sure you caught all the information !

                VINNY
                i7 4core HT 8MB L3 2.9GHz
                16GB RAM
                Nvidia GTX 860M 4GB RAM 1152 cuda cores
                • Top
                • Bottom

                Comment

                  #9
                  Vinny:
                  Kubuntu 24.04 64bit under Kernel 6.10.2, Hp Pavilion, 6MB ram. All Bow To The Great Google... cough, hack, gasp.
                  • Top
                  • Bottom

                  Comment

                    #10
                    A continuation of this saga:

                    Title: System76 Will Begin Disabling Intel ME In Their Linux Laptops

                    https://www.phoronix.com/scan.php?pa...able-ME-Laptop

                    This is a good thing.
                    Kubuntu 24.04 64bit under Kernel 6.10.2, Hp Pavilion, 6MB ram. All Bow To The Great Google... cough, hack, gasp.
                    • Top
                    • Bottom

                    Comment

                      #11
                      Indeed!
                      I looked into doing the me_clean or coreboot but both required putting my Acer at risk of bricking.
                      Having the mfgr do it is the best possible way, and I trust System76.

                      My son's System76 (bono something) is running strong after four years. Still fast as lightening with a beautiful screen running KDE Neon on Btrfs.
                      "A nation that is afraid to let its people judge the truth and falsehood in an open market is a nation that is afraid of its people.”
                      – John F. Kennedy, February 26, 1962.
                      • Top
                      • Bottom

                      Comment

                      Previous template Next
                      Working...
                      X