Intel NSA Security issue - Backdoor to access your PC using Intel

From the Softpedia article, which says it all: "Sadly, [nutcase] Jim Stone doesn't actually provide any evidence for this..."

Further, from the nutjob himself showing that he has absolutely zero clue to how vPro or Anti-Theft 3.0 works (there is documentation for all this and it's not what that moron claims):

Real world use for Core vPro processors will involve the following:

Accessing any PC anywhere, no matter what operating system is installed, even if it is physically disconnected from the internet. You see, Core vPro processors work in conjunction with Intel’s new Anti Theft 3.0, which put 3g connectivity into every Intel CPU after the Sandy Bridge version of the I3/5/7 processors. Users do not get to know about that 3g connection, but it IS there.
Click to expand...

Seriously, you'd basically have to be a literal idiot to believe that guy. Any takers, besides Alex Jones, feeling up to the challenge?

edit: lol, crazytown! http://www.jimstonefreelance.com/

AND NOW THE NEXT LITTLE TIDBIT - SUDO IS THE ENEMY.

If you have Linux and you are using SUDO, if it is part of the distro, you are walking around with your pants down and that cute little wind driven optical encoder won't do you a bit of good. SUDO is an intentional back door that allows Linux to be raped like Windows. If you want secure Linux, DITCH SUDO AND LEARN THE O.S. FOR REAL.

Sudo was written in the 1990's to find out if a program could be written that compromised the security of Unix. It worked great, and Linux programmers for the longest time WARNED AGAINST IT. Enter Bill Gates in the 2000's, who got involved with Linux and "helped develop it". All he did was integrate Sudo as a "security enhancement" that made using Linux "easy".
Click to expand...

The ENTIRE site is full of the same nonsensical idiocy, with a complete divorce from reality. Congrats, OP. You really found a story here!
 
Last edited:
That man's site is almost as good as the timecube guy. Better make a coil of wire to capture those nuclear blasts!
 
Saw this article. Wondering if there is any more on this.

Also of course Alex Jones sounds like a lunatic, that's his shtick. And while he drives a lot of people away with that attitude.... it will only take time before people realize this guy is telling the truth.
 
Lets remember how many things were "nutjob conspiracy theories paranoid fantasies" that were revealed to be true by the Snowden and Manning disclosures. Nobody would have believed that their tax dollars were going to Bachi-boy fucking parties for Afghan warlords and friends in the private military companies, or that the NSA had such complete and reckless surveillance capability, used commonly on Americans; justifications of"national security" is a hoax. Hell, remember that just a couple weeks ago we saw it again with Lavabit - a company that shut down because of being (the implication, thereof) slapped with a secret, gag-ordered directive to hand over user information and/or become complicit in spying on the populace.

For what it is worth, articles such as http://www.tgdaily.com/hardware-opi...ight-now-in-our-pcs-compliments-of-intels-vpr and http://www.pcmag.com/article2/0,2817,2369110,00.asp , even Wikipedia - https://en.wikipedia.org/wiki/Intel_vPro - as well as others show things to worry about with respect to Intel processors and especially vPro. Regardless of the exact methodology, if there are secondary chips that are independent and not governed by or visible to the actions of the main chip etc... that can allow surreptitious use - for good, or for evil. Now, the fact that a certain part of the spec is essentially "black boxed" for "security" lends more suspicion, of course.

There seems to be enough evidence, through even Intel's own disclosures and other technically viable assessments that vPro is capable of acting independently and covertly in many situations, and that by itself is worrisome, given what we already know about our society and what lengths government and corporate interests are willing to go to for power and profit.
 
Last edited:
Xaeos said:
There seems to be enough evidence, through even Intel's own disclosures and other technically viable assessments that
Click to expand...
No, nothing that nutjob wrote, or that his idiot acolytes believe, has any basis in reality.

If you feel that there is a 3G transmitter/receiver in the CPUs, show the smallest shred of proof to support it. :rolleyes: Damn retarded Alex Jones fans.

cyberjihad said:
Saw this article. Wondering if there is any more on this.
Click to expand...
I linked to the source. There was never anything to it. The guy is not "in the know", not a "whistleblower", not an engineer or anything but an insane nutjob who posts voluminous loads of nonsensical garbage. He forms a knowledge black hole echo chamber with AJ's retarded sites. http://www.jimstonefreelance.com/
 
On an Intel chip,there's nothing but a die and a row of tiny transistors under the "lid" or IHS;the IHS is solid metal.I would take a pic,but i just put some Gelid GC Extreme under there and it's expensive :eek:
 
pxc said:
No, nothing that nutjob wrote, or that his idiot acolytes believe, has any basis in reality.

If you feel that there is a 3G transmitter/receiver in the CPUs, show the smallest shred of proof to support it. :rolleyes: Damn retarded Alex Jones fans.

I linked to the source. There was never anything to it. The guy is not "in the know", not a "whistleblower", not an engineer or anything but an insane nutjob who posts voluminous loads of nonsensical garbage. He forms a knowledge black hole echo chamber with AJ's retarded sites. http://www.jimstonefreelance.com/
Click to expand...

Did I say that it was a 3G transmitter, or that I agree with the fellow? No. However, vulnerabilities that lead to remote privilege escalation and silent control of the machine, by compromising parts of the vPro hardware and software stack that are ostensibly for "security", has been discussed regarding vPro (and AMT and Anti Theft etc...) for ages. A little bit of googling gets you stuff like http://semiaccurate.com/2012/05/15/intel-small-business-advantage-is-a-security-nightmare/ . I don't know a thing about Jim Stone, but simply yelling that the guy is an idiot isn't a great way to make your case. He may very well be a nutjob, but he's far from the only one who has expressed misgivings that documented (and undocumented) hardware features in recent generation processors could be used for least-detectable digital surveillance, be it by individual hackers or government entities.
 
Xaeos said:
A little bit of googling gets you stuff like http://semiaccurate.com/2012/05/15/intel-small-business-advantage-is-a-security-nightmare/ .
Click to expand...
Charlie FUD. Wow, Intel publicly disclosed a vulnerability and Charlie is reporting it like it's monumental news then non sequiturs it into a whole article? Gosh, we expect more from him. :rolleyes: (for the people who smartly avoid stupid Charlie articles, the "footnote" Charlie is talking about is the official security bulletin site that Intel uses for all security bulletins. As mentioned in the SB, it was fixed via a microcode update back in 2011. Charlie's 2012 article is predicated on using that to show the whole stack is insecure, without a single shred of evidence to back up that claim. He is an idiot, like most of his fans.)

No one is arguing that there aren't exploitable holes in many products, or that spying occurs because of that. I'm calling idiots idiots because they make up nonsense or follow idiots who make up nonsense. Hopefully it's clear to you now.

edit: obviously people who are defending this "knowledge" have not bothered to read the source of this info, For your convenience, I will cut and paste the entire post *without changing a single word*:

I told you so

The internet is now abuzz with something I have said ALL ALONG - that there is absolutely NO publicly available encryption the NSA cannot hack via a back door, PGP is completely useless, and encryption is irrelevant.
And I have been called a shill, an operative, an NSA SECRET AGENT STILL FUNCTIONING AS A BLACK OP because I told people to not even bother with encryption and I don't bother with it myself.

Now that it's out in the open that the NSA has the back doors into ALL encryption allowed in the public, can the back stabbers please remove the knife and put me on a pedestal? Damn you!

So, HOW DID I KNOW the NSA would hack all non military encryption and that none would work against them? The answer is simple.

The NSA and Federal Government HAVE ALWAYS HAD A POLICY OF KILLING OR THREATENING ANYONE WHO CAME UP WITH A WAY TO SECURE DATA, TO PREVENT THEM FROM EVER ALLOWING THE PUBLIC TO HAVE SECURE ENCRYPTION. And that is ALL you need to know to know that NOTHING out there is secure. How high a security clearance do you need to have to know that? CERTAINLY HIGHER THAN SNOWDEN.
And ALL THIS TIME I HAVE TOLD PEOPLE HOW TO DO IT, though admittedly my method is expensive and will likely only be used by governments and companies with a budget. If you want secure encryption, set up a wind mill with a 5,000 count optical encoder and use the encoder wheel position to set your algorithm while the wind moves it and make it at least a sixteen digit base 256 algorithm. Don't rely on intentionally compromised PGP or some other stupid pet trick, and now that SOMEONE ELSE FINALLY SAID IT, will the back stabbers out there in the "alternative" media believe me the NEXT TIME I SAY SOMETHING NO ONE ELSE HAS SAID? Your "security experts" and "insiders" feeding you "reliable info" were FULL OF CRAP.

I was not only cleared MUCH higher than Snowden in the NSA, I was DAMN GOOD.

So THERE.

AND NOW THE NEXT LITTLE TIDBIT - SUDO IS THE ENEMY.

If you have Linux and you are using SUDO, if it is part of the distro, you are walking around with your pants down and that cute little wind driven optical encoder won't do you a bit of good. SUDO is an intentional back door that allows Linux to be raped like Windows. If you want secure Linux, DITCH SUDO AND LEARN THE O.S. FOR REAL.
Sudo was written in the 1990's to find out if a program could be written that compromised the security of Unix. It worked great, and Linux programmers for the longest time WARNED AGAINST IT. Enter Bill Gates in the 2000's, who got involved with Linux and "helped develop it". All he did was integrate Sudo as a "security enhancement" that made using Linux "easy".

And what do you know about Jews and "security enhancements" this late in the game? If you think Sudo is a security enhancement, you are a total newbie who was not around when Linux was REAL.

I have a hint for ALL Linux users - Kill Sudo, enable Root, set up a couple users that are not root, log in as root only when you need to, and get it right the first time so you don't have to dink around later with your pants down. Most distros nowadays get it right the first time, simply choose a distro that has what you want, install it and remove Sudo. If you don't enable root before doing this, the operating system might as well be running from ROM. That would be a secure OS. If you want your Longsoon Yeelong laptop, that would be a great way to simulate having one. THEN worry about that optical encoder, prior to killing sudo it won't matter if you have good encryption, and if you are running Mac or anything Windows you had better be using it only to write cup cake recipes.

And Oh, don't forget about the Intel CoreVpro or Sandy Bridge processors, NOWADAYS, EVERYTHING INTEL IS DESIGNED FROM THE CHIP UP TO RAPE YOU, HAVING SECURE LINUX WILL MEAN NADA WHEN YOUR PROCESSOR ABSOLUTELY WILL STAB YOU IN THE BACK. INTEL IS NSA INTEL. AVOID THEIR PROCESSORS LIKE THE PLAGUE.
Click to expand...

I will make it clear: anyone who believes that is a complete idiot. There is no point sugar coating that.


edit2: just to beat this dead horse to more death, Intel Anti-Theft (aka SMS poison pill, to give an idea of how it works) requires...

Product and Performance Information

1. No system can provide absolute security under all conditions. Requires an enabled chipset, BIOS, firmware, and software with data encryption, and service activation with a capable service provider. Consult your system manufacturer and service provider for availability and functionality. Service may not be available in all countries. Intel assumes no liability for lost or stolen data and/or systems or any other damages resulting thereof. For more information, visit www.intel.com/content/www/us/en/arc...anti-theft/anti-theft-general-technology.html.
Click to expand...
To make it more clear, it's not 3G built into the CPU, it's a platform feature which requires a separate 3G service that the system users purchases, and it's not something that allows system management or remote access. I remember when this came up almost 3 years ago and was fully debunked back then. Geezus people.
 
Last edited:
I don't disagree that whomever Jim Stone is, that post is ludicrous. None of my issues for instance are predicated on his "evidence" - as far as I'm concerned, his lack thereof makes this a non story. However, that doesn't mean that there aren't matters of concern regarding vPro, Intel and hardware features as they relate to user privacy. There has been plenty of Defcon, Blackhat etc..presentations that cast doubt on the risks vs benefits of these features, how they may be exploited and more.

I simply believe that, between the "features" and vulnerabilities of vPro et al, I'm not comfortable with having these "secure" hardware elements active in the vast majority of (especially consumer) processors. I feel much the same about vPro/AMT etc... as I would if (bad car analogy incoming) every single car built since 1995 had a "lojack-like" tracer that could harvest all sorts of information and/or even worse actually remotely cause changes in the vehicle - wouldn't this be worrisome, especially in today's society where everyone from a vengeful ex may pay someone to hack in and disable my tire pressure monitors or foul up the brakes, or if some gov't or law enforcement agency decided they didn't like my political leanings and would tap into my vehicle to see who's houses I've driven to in the last month? These entities knowing that they can basically tap into most PCs (especially those of individuals deemed questionable because they use encryption or other means to increase privacy) through the presence of this hardware, and quietly extract, alter, or control doesn't ease one's mind, and it is as wrong to dismiss the illicit uses for these technologies, just as it is to overlook the possibility of beneficial ones The technical vulnerability compared with the social and legal handwaves makes privacy breaches increasingly worrisome, especially with a track record like we've seen thus far.

Crazy happens, but I've seen enough attempts to destroy the credibility of valid issues by vested interests shaping the perception of said issue around the crazy/uninformed voices and suggesting that the issue itself is moot because some supporter/adherent is crazy. That's all I caution; Jim Stone may have no clue what he's talking about, but his ignorance doesn't blight the entire concern regarding possible vulnerabilities in vPro et al,.. If we seem to agree that there are vulnerabilities that exist (in general, not just vPro etc...) and that certain agents can and do use them for surveillance, as well as the idea that ignorant drivel diverts energy and clarity from important issues, then we're in agreement.
 
Last edited:
Xaeos said:
but his ignorance doesn't blight the entire concern regarding possible vulnerabilities in vPro et al,
Click to expand...
lol, pretzel rationalization.

There's a difference between FUD, particularly when it's born of complete ignorance, and analysis. I'll leave it as an exercise to the reader to distinguish between the two and why one leads to knowledge and rational evaluation of threat potential, and the other is just stupid.
 
pxc said:
edit2: just to beat this dead horse to more death, Intel Anti-Theft (aka SMS poison pill, to give an idea of how it works) requires...

To make it more clear, it's not 3G built into the CPU, it's a platform feature which requires a separate 3G service that the system users purchases, and it's not something that allows system management or remote access. I remember when this came up almost 3 years ago and was fully debunked back then. Geezus people.
Click to expand...

awesome, finally something that can't be hacked.
 
schmuckley said:
i'm not buying it..there's no room for transmitters n stuff..
Click to expand...

The first thing I was thinking is that you need far more than 3G radio hardware to actually do something with it. You'd need a data plan on every carrier in every country around the globe for every single Intel vPro processor made.

Who is paying the carriers for that? Who is keeping all of these things provisioned? How many thousands of IT billing weenies would see "black ops" roaming charges flying all over the globe back to the mothership and have to keep quiet?

I dunno... A lot of scary things have been shared, but I'm not sure about this one.

EDIT: I see pxc already nailed this one.
 
Last edited:
pxc said:
Seriously, you'd basically have to be a literal idiot to believe that guy. Any takers, besides Alex Jones, feeling up to the challenge?
Click to expand...

No, you'd only have to be ignorant concerning the hardware technology. Which the vast, vast majority are, including me. And that's if you are in fact correct about the hardware. Some internet asshole calling people fools and idiots - mouthing off without actually providing evidence that Intel has NOT intentionally put in backdoors. Why should anyone listen to you exactly? As opposed to those who take the default stance that governments and corporate entities will use every opportunity to make it possible for them to spy and control?

People aren't idiots for assuming that tales of governmental invasions of privacy are true. These days they'd be idiots for not assuming that's true in every instance that gets reported. My working assumption these days - after all we have seen and all that has been proven true about government crimes and corporate acquiescence and culpability - is that shit like this is probably true. Or has some element of truth. Enough that, unless I hear from someone who I respect, who can properly explain why the hardware cannot be used to fuck me, means I'll be staying away from Intel processors.

To that, I can only assume Intel will come out with a full and thorough rebuttal and sue for libel. Right?
 
beto said:
No, you'd only have to be ignorant concerning the hardware technology.
Click to expand...
Which certainly describes the wacko source for that information. To save you a click, I even cut and pasted the entire post full of nonsense. There is no need to tiptoe around the fact that the guy making those claims is a complete loon.

But I guess the real problem is that I offended an Alex Jones fan. Yay me. :D Maybe it's time to reevaluate some of the life choices, amirite? ;)
 
Last edited:
pxc said:
Which certainly describes the wacko source for that information. To save you a click, I even cut and pasted the entire post full of nonsense.

But I guess the real problem is that I offended an Alex Jones fan. Yay me. :D
Click to expand...

I don't give two shits about Alex Jones. Couldn't care less.

But I'll let you in on a little secret, you haven't proved a thing. You calling Alex Jones, or the author of the article, or the guy quoted in the article, "wackos" doesn't mean anything to me. Without further explanation and proof as to how these backdoors are an impossibility, IMO you come off looking like the idiot. You may well know what you are talking about but you haven't proven anything yet and, at this point, knowing what I do know, I will forever side with the "conspiracy theorists" before taking the words of anyone even appearing to defend corporate entities and/or their lackey government.

So, convince everyone it is impossible or quit being a jerk and calling people idiots for believing stuff like this could be possible.
 
So you want me to prove a negative. Logic fail.

It's easier to explain the issue, as I did above. The "Sandy Bridge haz teh 3G radio" is a 3 year old rumor based on the platform Anti-Theft feature. What technically illiterate people have done is made the assumption that it's the CPU which has a 3G radio built into it. As anyone who is capable of reading marketing information and data sheets can understand is that the "SMS poison pill" is not a remote management feature, and even having Anti-Theft in a working state requires an enabled platform (chipset and appropriate external components added to the system board), along with a separate subscription service to send out such a message. This is not secret information.

The other things are FUD, like Charlie's usual keyboard mastrubatory "article", which is high on alarm and at level 0 for supporting evidence.

What exactly do you have a problem with in requiring substantiated facts instead of wild, retarded claims? Seriously, because that's the only thing I really have a problem with here.

Your turn.
 
You must log in or register to reply here.
Back
Top