Tweetovi
- Tweetovi, trenutna stranica.
- Tweetovi i odgovori
- Medijski sadržaj
Blokirali ste korisnika/cu @_markel___
Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @_markel___
-
Prikvačeni tweet
Ready to uncover Intel ME background? Use our PoC to activate JTAG and dump ME ROMhttps://github.com/ptresearch/IntelTXE-PoC …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Accidentally pushed my CSME 12.x rbe module IDA project metadata to Lumina sever. So..., enjoypic.twitter.com/3MhSJuQ7GP
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Mark Ermolov proslijedio/la je Tweet
My patch to disable PCI device DMA in early boot to avoid gaps in IOMMU coverage just got merged to mainline, so here's a writeup of it: https://mjg59.dreamwidth.org/54433.html
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Mark Ermolov proslijedio/la je Tweet
Not found becaus I wasn’t able to personally review the whole thing
Lots of teams
But on FM, yes it would work, the tech is there today
The tooling is messy and version1 quality (or worse), but the tech is thereHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
I don't think FM work for such complex systems as Intel CSME. Starting from Intel-SA-00086 there were found many bugs in CSME firmware. I think in 2012 you were working just on CSME 11.x. Why those trivial buffer overflow bugs were not found?https://twitter.com/intoverflow/status/1220909635672002560 …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Mark Ermolov proslijedio/la je Tweet
========================= The Life and Incredible Adventures of One QEMU Bug (Which I Finally Fixed) ========================= A thread [1/n]
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
It's what Xiaoyu Ruan (in his Platform Embedded Security Technology Revealed) says about EPID key burned in security fusespic.twitter.com/ymQb5cmVmr
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
We've found a bug in CSME on-die ROM!
Intel says it's already targeted by CVE-2019-0090 (https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html …). Security Fuses can be extracted!
Mehlow and Cannon Point chipsets are affected. Stay tuned!Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
According to latest Intel OpenIPC hw debug toolkit not only upcoming mobile Tiger Lake (and subsequent Alder Lake) processors will support CET but also more near 10th Gen mainstream desktop Comet Lake (see Shadow Stack Pointer new arch register)pic.twitter.com/NhpDRmwfDg
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Mark Ermolov proslijedio/la je Tweet
Untrusted Roots: exploiting vulnerabilities in Intel ACMs by
@flothrone https://www.offensivecon.org/speakers/2020/alexander-ermolov.html …Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Intel attempted to hide the bug behind the less critical PMC vulnerability (INTEL-SA-00131). We will describe the INTEL-SA-00131 also.
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Intel Cannon Point chipset (300 series) as well as Apollo Lake and Gemini Lake SoCs have very dangerous Delayed Authentication Mode (DAM) vulnerability allowing arbitrary code execution and the root key prediction. Detailed write-up is coming. Stay tuned.
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
This DSLogic Plus 16-channels logic analyzer is very suitable for Intel VISA external analysis (via GPIOs acting as PTI port). It has additional lines for external clock and trigger signals so it's best for tracing of up-to two VISA lanes https://www.dreamsourcelab.com/product/dslogic-plus/ …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Intel IceLake and newest SoCs iGPU (Gen11) detailed architecture description https://software.intel.com/sites/default/files/managed/db/88/The-Architecture-of-Intel-Processor-Graphics-Gen11_R1new.pdf …
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
It seems that AMD also suffers from a lack of firmware downgrade prevention for their PSP subsystem. They fixed the public key overwrite bug but that actually does nothing: it does prevent to execute arbitrary code on their PSPhttps://twitter.com/_cwerling/status/1211051039916470274 …
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Mark Ermolov proslijedio/la je Tweet
Slightly late, but here's the slides to my
#36C3 talk: https://pbx.sh/intelme_talk.pdf … . Contains some useful bonus slides and links, somewhere in the next few days I will add more references to prior work on this subject.Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Mark Ermolov proslijedio/la je Tweet
A lot of great information from
@peterbjornxpic.twitter.com/7DlrJRDFMN
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Mark Ermolov proslijedio/la je TweetHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
Mark Ermolov proslijedio/la je Tweet
The AMD Secure Processor is a CPU in your CPU you do not control. It’s a Trusted Execution Environment to protect VMs from host access or copyrighted work from distribution. At
#36c3 I will present our PSP hacking and how we regained control over it. https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10942.html …Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.