Thoughts on the latest Intel ME vulnerabilities: based on public information, we have no real idea how serious this is yet. It could be fairly harmless, it could be a giant deal.
The ME compromise presumably gives you everything the AMT compromise gives you, plus more. If you compromise the ME kernel you compromise everything on the ME. That includes AMT, but it also includes PTT.
PTT is Intel's "Run a TPM in software on the ME" feature. If you're using PTT and someone compromises your ME, the TPM is no longer trustworthy. That probably means your BitLocker keys are compromised, but it also means all your remote attestation credentials are toast.
Worst case there is that an attacker is able to obtain the EK credentials from PTT. Unless there's a way to generate a new EK (and a new EK certificate), you can no longer ever trust remote attestation from that system.
Of course, once someone's in the ME they're able to do anything the ME can do. Even if your system doesn't have AMT, they can do everything that AMT can do - including scraping the screen, injecting input events, disabling secure boot and so on.
But the big thing that influences whether this is very bad but manageable or whether it's "This hardware can never be trusted again" is whether it's persistent or not. ME firmware is signed. Even with ME access, it shouldn't be possible to replace the ME firmware.
However, if the exploit is in unsigned data that's interpreted by the ME, an attacker could potentially modify that data and re-exploit it on every ME boot. At that point they can disable Boot Guard and have full control of system firmware as well.
If that happens? Only remediation path is to re-flash SPI by hand, because every internal root of trust is now under the control of the attacker. Probably cheaper for most companies to buy new hardware instead.
So yeah, on reflection I don't see many outcomes where this is fairly harmless, so, uh, happy Thanksgiving.
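The attestation consequence described in the thread (once the EK has leaked from PTT, no quote from that platform can be trusted, however well-formed) is easiest to see from the verifier's side. The following is an added example, not code from the thread's author or from Intel: a small verifier that replays a constructed measured-boot event log into PCR values, checks a quote against it and against golden values, and refuses any quote whose EK fingerprint is on a list of compromised platforms. Everything in it is an assumption for illustration: the event log, the EK public-key bytes, the nonce, and an HMAC that stands in for the AK's asymmetric signature over the attested structure (a real AK is an asymmetric key bound to the EK by credential activation, and a real verifier checks the EK certificate chain as well).

```python
"""
Verifier-side attestation policy, as a constructed example: replay a measured-boot
event log into PCR values, check them against a quote, and refuse any quote from a
platform whose EK is known to be compromised. Stand-ins: HMAC instead of the AK's
asymmetric signature, and a constructed event log instead of a real TCG log.
"""
import hashlib
import hmac

# PCRs the verifier asks to be quoted: 0 (firmware code) and 7 (Secure Boot policy)
SELECTION = (0, 7)

# Constructed measured-boot log: (PCR index, event data). Real TCG logs carry the
# digest alongside the event data; here the digest is derived from the data.
CONSTRUCTED_LOG = [
    (0, b"EV_S_CRTM_VERSION: constructed firmware 1.0"),
    (0, b"EV_EFI_PLATFORM_FIRMWARE_BLOB: constructed PEI/DXE volume"),
    (7, b"EV_EFI_VARIABLE_DRIVER_CONFIG: SecureBoot=1"),
    (7, b"EV_EFI_VARIABLE_DRIVER_CONFIG: db=constructed vendor cert"),
]


def extend_pcr(pcr, digest):
    """TPM extend operation: PCR_new = SHA-256(PCR_old || digest)."""
    return hashlib.sha256(pcr + digest).digest()


def replay_event_log(events, bank_size=24):
    """Recompute the SHA-256 PCR bank by extending every logged event in order."""
    pcrs = [bytes(32)] * bank_size  # PCRs start at all-zero after reset
    for index, data in events:
        pcrs[index] = extend_pcr(pcrs[index], hashlib.sha256(data).digest())
    return pcrs


def composite_digest(pcrs, selection=SELECTION):
    """Digest over the selected PCR values, as a TPM2_Quote covers it."""
    return hashlib.sha256(b"".join(pcrs[i] for i in selection)).digest()


def ek_fingerprint(ek_pub):
    """Identity of the platform: hash of the EK public key (constructed bytes here)."""
    return hashlib.sha256(ek_pub).hexdigest()


def make_quote(ak_key, ek_pub, pcrs, nonce):
    """Platform side. HMAC under ak_key stands in for the AK signature over the
    attested structure (nonce || PCR digest); a real AK is an asymmetric key bound
    to the EK by credential activation."""
    pcr_digest = composite_digest(pcrs)
    sig = hmac.new(ak_key, nonce + pcr_digest, "sha256").digest()
    return {"ek": ek_fingerprint(ek_pub), "nonce": nonce,
            "pcr_digest": pcr_digest, "sig": sig}


def verify_quote(quote, event_log, golden, nonce, ak_key, compromised_eks):
    """Return (accepted, reason). Order matters: a revoked EK is rejected before any
    content is examined, because nothing signed on that platform can be trusted."""
    if quote["ek"] in compromised_eks:
        return False, "EK fingerprint on compromised-platform list"
    if not hmac.compare_digest(quote["nonce"], nonce):
        return False, "nonce mismatch (replayed quote)"
    expected_sig = hmac.new(ak_key, quote["nonce"] + quote["pcr_digest"], "sha256").digest()
    if not hmac.compare_digest(expected_sig, quote["sig"]):
        return False, "bad AK signature"
    pcrs = replay_event_log(event_log)
    if composite_digest(pcrs) != quote["pcr_digest"]:
        return False, "event log does not reproduce quoted PCR digest"
    for i in SELECTION:
        if pcrs[i] != golden[i]:
            return False, f"PCR {i} differs from golden value"
    return True, "ok"


def run_demo():
    """Four scenarios; all keys and EKs are constructed placeholders."""
    ak_key = b"constructed AK secret"
    healthy_ek = b"constructed EK public key, healthy platform"
    leaked_ek = b"constructed EK public key, extracted from a compromised PTT"
    nonce = hashlib.sha256(b"constructed verifier nonce").digest()
    golden = replay_event_log(CONSTRUCTED_LOG)  # expected PCRs for this platform model
    compromised = {ek_fingerprint(leaked_ek)}
    results = {}
    good = make_quote(ak_key, healthy_ek, golden, nonce)
    results["healthy"] = verify_quote(good, CONSTRUCTED_LOG, golden, nonce, ak_key, compromised)
    # Same boot, but the EK belongs to a platform whose ME (and so PTT) was compromised.
    stolen = make_quote(ak_key, leaked_ek, golden, nonce)
    results["compromised_ek"] = verify_quote(stolen, CONSTRUCTED_LOG, golden, nonce, ak_key, compromised)
    # Attacker disabled Secure Boot: the log is honest, so PCR 7 changes.
    tampered = [(i, d.replace(b"SecureBoot=1", b"SecureBoot=0")) for i, d in CONSTRUCTED_LOG]
    sb_off = make_quote(ak_key, healthy_ek, replay_event_log(tampered), nonce)
    results["secure_boot_off"] = verify_quote(sb_off, tampered, golden, nonce, ak_key, compromised)
    # Attacker presents the golden quote with a log that does not reproduce it.
    results["forged"] = verify_quote(good, tampered, golden, nonce, ak_key, compromised)
    return results


if __name__ == "__main__":
    for name, (ok, why) in run_demo().items():
        print(f"{name:16s} {'ACCEPT' if ok else 'REJECT'}: {why}")
```

The "secure_boot_off" and "forged" cases are what attestation is designed to catch, and the log/quote/golden checks catch them. The "compromised_ek" case is the thread's point: an attacker who holds the ME, and with it PTT, also holds the AK and can produce a quote that passes every content check, so the only defence left is to stop trusting that EK, which is why the denylist check runs first and why a leaked EK with no way to re-provision it means the platform can never attest again.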