A Security Issue in Intel’s Active Management Technology

Discussion in '[H]ard|OCP Front Page News' started by Megalith, Jan 13, 2018.

  1. Megalith

    Megalith 24-bit/48kHz Staff Member

    Messages:
    11,912
    Joined:
    Aug 20, 2006
    F-Secure is highlighting another critical Intel security issue: according to the Finnish cyber security and privacy company, Intel’s Active Management Technology (AMT) allows local attackers to compromise and take control of work laptops in as little as 30 seconds. Due to insecure defaults, user and BIOS passwords can be completely bypassed.

    The security issue "is almost deceptively simple to exploit, but it has incredible destructive potential," said Harry Sintonen, the senior security consultant at F-Secure who came across the oversight. "In practice, it can give an attacker complete control over an individual's work laptop, despite even the most extensive security measures."
     
  2. Spaceninja

    Spaceninja [H]ard|Gawd

    Messages:
    1,460
    Joined:
    Sep 15, 2004
    2018 Doesn't seem to be Intel's year.....
     
  3. Semantics

    Semantics 2[H]4U

    Messages:
    3,530
    Joined:
    May 18, 2010
    Eh...more bad press than glaring security issue that must immediately be addressed. Just needs to be addressed sometime soon.
     
  4. DukenukemX

    DukenukemX 2[H]4U

    Messages:
    3,431
    Joined:
    Jan 30, 2005
    It really isn't. BTW, is this the result of a default password?

     
  5. viper1152012

    viper1152012 Gawd

    Messages:
    605
    Joined:
    Jun 20, 2012
    I have an image of a backyard fire in my head, where the fire department has shown up and just when you think it's under control they dump a truck load of napalm on it.

    Oh memories
     
  6. Elf_Boy

    Elf_Boy [H]ard|Gawd

    Messages:
    1,964
    Joined:
    Nov 16, 2007
    This is what corporate yes men create and sell. Someone somewhere had to have mentioned something about these flaws.
     
  7. Galvin

    Galvin 2[H]4U

    Messages:
    2,216
    Joined:
    Jan 22, 2002
    Is this because Intel hardware and software became too complex?
     
  8. griff30

    griff30 I Lower the Boom!

    Messages:
    8,527
    Joined:
    Jul 15, 2000
    Damn, another nail in the Intel server coffin.

    Jebus
     
  9. Kdawg

    Kdawg Gawd

    Messages:
    625
    Joined:
    Aug 12, 2017
    so this is some remote connection shit?

    How does this affect my 6700hq ?

    it says AMT needs to be configured to stop this issue.
     
  10. BloodyIron

    BloodyIron 2[H]4U

    Messages:
    2,302
    Joined:
    Jul 11, 2005
    Yes, and they were issued gag orders. I know because I've talked to some...

    You think Intel didn't know this shit? Of course they do. They put it there so three letter agencies had built in malware.

    And Intel will litigate the fuck out to keep Pandora's box sealed.

     
  11. 86 5.0L

    86 5.0L [H]ardness Supreme

    Messages:
    6,888
    Joined:
    Nov 13, 2006
    Guess who uses Intel CPUs? China, Russia, Iran, etc etc
     
  12. auntjemima

    auntjemima 2[H]4U

    Messages:
    3,140
    Joined:
    Mar 1, 2014
    Oh, so it's a default password exploit. Lol, nothing to see here!
     
  13. thesmokingman

    thesmokingman [H]ardness Supreme

    Messages:
    4,788
    Joined:
    Nov 22, 2008
    Why am I not surprised at even more Intel security flaws?
     
  14. Dwayne

    Dwayne n00bie

    Messages:
    10
    Joined:
    Oct 31, 2017
  15. Johan Steyn

    Johan Steyn n00bie

    Messages:
    50
    Joined:
    Dec 1, 2016
    Not that simple, it is a password that many, actually most, don't even know about.

    How do you change a default password when you are not aware it is even there? Yes it is stupid, but most people are very ignorant about these things.

    Using default passwords is also a big problem in the corporate world.

    So there is something to see here.
     
  16. Chebsy

    Chebsy Limp Gawd

    Messages:
    350
    Joined:
    Jan 24, 2013
    That's just what I was thinking when I read this!!
     
  17. Azphira

    Azphira [H]ard|Gawd

    Messages:
    1,520
    Joined:
    Aug 18, 2003
    So it's a case of...

    Forgetting to turn off range top, burning hand on rangetop, blaming Hotpoint for burns?

    Forgetting to turn the sink faucet off a week ago, blaming Kohler for the high water bill?

    Cutting your own throat attempting to shave with a straight razor for the first time, blaming Thiers Issard for the medical bills?
     
  18. alamox

    alamox Limp Gawd

    Messages:
    315
    Joined:
    Jun 6, 2014
    Not really, even if the PC has a random password, if you clear the CMOS the password reverts to admin/admin. It makes it harder and requires more time with the PC compared to the ones already set to the default psw.
    Still, Intel cannot catch a break. Weird that this started happening after Ryzen, it's like ppl knew tons of exploits but didn't bother reporting them, and now that they have an alternative they started dumping them.
     
  19. Stimpy88

    Stimpy88 [H]ard|Gawd

    Messages:
    1,029
    Joined:
    Feb 18, 2004
    Intel has never been a software company. They can’t write drivers for their ancient graphics chips that have been on the market largely unchanged for years, so what surprises anyone that they have a hard time with software features written into firmware?
     
  20. Pieter3dnow

    Pieter3dnow [H]ardness Supreme

    Messages:
    5,292
    Joined:
    Jul 29, 2009
    Basically Intel ignored all the warnings where you would have to protect your customer in favour of functions which might help them?
    As it turns out now it is one of the worst features Intel made for their cpu.
     
  21. auntjemima

    auntjemima 2[H]4U

    Messages:
    3,140
    Joined:
    Mar 1, 2014
    Most people are very ignorant about the password on their router login as well, but this place wouldn't hesitate to berate them should someone log into it with the default password.

    I guess Intel doesn't get a pass because they are the bitch of the month.
     
  22. iamjanco

    iamjanco Limp Gawd

    Messages:
    208
    Joined:
    Jul 8, 2016
    "By design" could be another way of saying "well, we knew early on back in the heyday that China would become our biggest customer, but they stipulated requirements for multiple backdoors that could be used to keep an eye on their consumers, so we had to come up with architecture that could be used anywhere and improved upon."
     
  23. Stimpy88

    Stimpy88 [H]ard|Gawd

    Messages:
    1,029
    Joined:
    Feb 18, 2004
    These latest "vulnerabilities" found in Intel CPUs are actually the exposure of built-in backdoors for government use.
     
  24. MrDeaf

    MrDeaf Limp Gawd

    Messages:
    243
    Joined:
    Jun 9, 2017
    It says "local attack", which I would assume, means the attacker has direct access to the PC.

    Still, 30s is pretty quick, I have to say.
     
  25. DeathFromBelow

    DeathFromBelow [H]ardForum Junkie

    Messages:
    9,648
    Joined:
    Jul 15, 2005
    Routers have documentation of such key features and warnings to change your password. Where are Intel's instructions about this feature? Would the average user even have known about it?

    Won't somebody please think of the poor multibillion-dollar monopoly. They only lied a little bit!
     
  26. auntjemima

    auntjemima 2[H]4U

    Messages:
    3,140
    Joined:
    Mar 1, 2014
    So, to you, their value makes a difference when it comes to lying? Gotcha.
     
  27. griff30

    griff30 I Lower the Boom!

    Messages:
    8,527
    Joined:
    Jul 15, 2000
    Time to buy AMD stock!
     
  28. kirbyrj

    kirbyrj Why oh why didn't I take the BLUE pill?

    Messages:
    22,635
    Joined:
    Feb 1, 2005
    I'm just waiting for Shintel and juanrga to come in here proclaim this as a "feature."
     
  29. BloodyIron

    BloodyIron 2[H]4U

    Messages:
    2,302
    Joined:
    Jul 11, 2005
    Also note it's illegal to ship encryption technology to those countries. Hence why you will never find a SoC or computer coming from China with AES-NI. (Much to my chagrin)

     
  30. Pieter3dnow

    Pieter3dnow [H]ardness Supreme

    Messages:
    5,292
    Joined:
    Jul 29, 2009
    It has to do with processor design rather than backdoors put in for any government agency to use. Why else would ARM suffer the same problems (look up ARM on Wikipedia)?


    https://www.theregister.co.uk/2015/04/10/us_intel_china_ban/
    https://tech.thaivisa.com/china-bans-apple-intel-cisco-and-other-companies-for-state-purchases/5716/

    China was not so keen on the Intel chips for a good while now, maybe they knew some things already (from By Staff Writer on 2015-02-27)
     
  31. Elf_Boy

    Elf_Boy [H]ard|Gawd

    Messages:
    1,964
    Joined:
    Nov 16, 2007
    Should we all chip in and send Intel one of those extra large containers of lube from amazon?
     
  32. katanaD

    katanaD Gawd

    Messages:
    798
    Joined:
    Nov 15, 2016
    FTFA:

    So, you first have to have physical access long enough to reboot the machine. If you can reboot the machine you can boot it up via a flash drive and also bypass any security, so this is really a moot issue. If I have physical access to your computer, you're screwed. End of story.
     
  33. Elf_Boy

    Elf_Boy [H]ard|Gawd

    Messages:
    1,964
    Joined:
    Nov 16, 2007
    The article I read suggests it is a bigger deal than that.

    Yes, physical access is required. The attack would bypass encryption (based on the first article I read on this) and that is a big deal.
     
  34. krotch

    krotch [H]ardness Supreme

    Messages:
    4,559
    Joined:
    Aug 12, 2004
    https://software.intel.com/en-us/ar...ement-technology-start-here-guide-intel-amt-9

    Also buy an Intel board, it comes with plenty of documentation for it and provides links for further information. Intel has also recommended that AMT should be disabled if not used and if used, that the default password be changed or it needs to be provisioned.

    Other manufacturers using Intel's products should be the ones handling their own documentation of what features they have on their products and what state those features are set by default.
     
  35. OrangeKhrush

    OrangeKhrush [H]ard|Gawd

    Messages:
    1,289
    Joined:
    Dec 15, 2016
    Don't worry, a firmware will be out soon to magically fix silicon-level shortcuts. The normal rhetoric is "but they may have it too", but it looks like all the nasty stuff is Intel-sided and it looks like AMD will suffer the Linux/Windows blanket patching that will nerf how their CPUs run by imposing Intel hard limits. The issue though is dwarfed by the impending legal consequences of violations of personal information; every country has such legislation and the penalties are severe.