22
Comments (25)
sorted by:
6
RedWhiteandPew 6 points ago +6 / -0

Is this new? A decade ago people were reporting that computers had a 3G transmitter that would send "disagnostic" information even if the machine was never connected to the internet.

1
JesusChristLives 1 point ago +1 / -0

If you had a 3G modem installed, it can officially communicate back "home" using that modem thanks to the Intel management engine. They can also do it over ethernet or wifi networking cards as well.

Unofficially I don't believe for a second though that they're limited to "3G", and that especially military could have backdoored them to communicate using any other part of the radio spectrum.

2
RedWhiteandPew 2 points ago +2 / -0

At the time the standard was 3G...I'm sure it's an open pipe at this point.

1
JesusChristLives 1 point ago +1 / -0

I'm sure it's an open pipe at this point.

Satan's just creating a cheap (very cheap) imitation of God's omnipresence .

https://tv.gab.com/channel/trunews/view/coming-soon-racist-police-drones-60bea008ff67f91022ae627f?ts=1920

1John 4:4 Ye are of God, little children, and have overcome them: because greater is he that is in you, than he that is in the world.

https://www.biblewaytoheaven.com/salvation.html

1
pkvi [S] 1 point ago +4 / -3

This is another one. Intel had now several "bugs" in their architecture that allowed hacking no matter what security you had on your OS

https://www.newsweek.com/intel-csme-cpu-bug-unfixable-security-vulnerability-chipsets-five-years-1490746

3
factdigger 3 points ago +3 / -0

NSA says hello!

2
krzyzowiec 2 points ago +2 / -0

His second tweet mentions that these instructions fail unless in debug mode, so this doesn’t impact users.

2
GynaNumbaZero 2 points ago +2 / -0

Jokes on them, we use LENOVO PCs at my higly secure job.

2
JesusChristLives 2 points ago +2 / -0

we use [insert brand name here]

They all source the same parts now though don't they?

1
GynaNumbaZero 1 point ago +1 / -0

The joke is our BIOS is updated by a Chinese company.

-1
2
GynaNumbaZero 2 points ago +2 / -0

I used to have on of those... 486 Gangsta 😎

-2
pkvi [S] -2 points ago +2 / -4

Wisely old enough to have rocked a Tandy and Wang running Direct Access, DOS and.. whoa, out of space.

Don't forget the 25 5.25 disks to play Kings Quest IV

God damn it .. kids today (makes senior noise)

2
yeldarb1983 2 points ago +2 / -0

Uncle had a C64 he let me play around with back in the day, got an Apple ][e when the school was getting rid of them for $50. (They were cheap as balls and kids could write reports on them, so they hung on well into the 90s).

Sadly, my brothers and I went to live with my bitch of an aunt over some BS I wont get into, and then I got into some trouble and got put into juvie. When I asked about the thing years later, the cunt looks at me like a deer in the headlights and tells me they threw it away years ago.

shame, I had a ton of software that the teachers at the school had gotten rid of when the ][e's went, and between that and the machine, even if i had decided to sell it, I might have been sitting on a small fortune by now. Oh well.

2
GynaNumbaZero 2 points ago +2 / -0

Old school. I think there's an IBM PS2 286 with windows v1.5 at the 'rents house with some Lesurie Suit Larry 3 on it. Might even have a whole 512kb hard drive.

I'm all about booting up Myst on windows 3.11 homey.

Oregon Trail Generation stuff. Old enough to remember life without them, but still free up with em.

0
pkvi [S] 0 points ago +2 / -2

If we only knew right then and there, less is more. Keep it simple, stupid.

Sigh. Welp, back to burning down a society overindulged.

2
undecidedmask 2 points ago +2 / -0

What does this mean?

4
fuckthatt 4 points ago +4 / -0

Backdoor access to any computer with this chip... Without the computer needing to be on or logged in to Windows.

1
pkvi [S] 1 point ago +4 / -3

The CPU has its own operating system which has cycled off data to whatever source which was a known "issue" before -- this one they are exclaiming is code embedded in the CPU that changes software architecture to do xyz -- most probably to script sending data or altering data.

4
80960KA 4 points ago +4 / -0

The CPU has its own operating system

Not really. Microcode is more a way to implement complex multi-step instructions from simple (fast-executing) primitives, it's basically a way to teach the CPU to do new operations (or fix broken ones) without spinning a new silicon rev. What you're thinking of does kinda exist, it's the embedded system management controller (trivia: distant relative of the Nintendo SuperFX chip) which does have a sort of primitive operating system and can do snoopy things.

exclaiming is code embedded in the CPU that changes software architecture to do xyz -- most probably to script sending data or altering data

The security relevance with this microcode issue is more that microcode is probably in a sub-ring 0 context. If an attacker can change microcode on the fly using undocumented instructions, particularly if it can be done from a non-privileged ring, they can likely bypass all the security features of the architecture. I haven't dug into it, but there's a BIG chance this could be used for really easy privilege escalation on any Intel. You could of course do more Dan Brown tier shit like breaking FP math to return bad results and make planes crash, but really when people see this kinda thing "get root" is almost universally the goal.

2
DeepFrozenOcean 2 points ago +2 / -0

Check out Christopher Domas' talks for more about these hidden internals, and tools to find and exploit them.

https://www.youtube.com/results?search_query=Christopher+Domas

2
Torrvarpen 2 points ago +2 / -0

It's possible to update the microcode firmware via OS. Linux does this by default nowadays with open source microcode: https://wiki.archlinux.org/title/Microcode. I'm sure windows does it too, or NSA via Windows built in back-doors, only difference is that their firmware is proprietary and full of shady stuff.

1
yeldarb1983 1 point ago +1 / -0

With the understanding that "secure" is a relative term, how secure am I using Fedora 33 on an Core 15 chip? (I'll look up the exact chip if it helps.)

2
Torrvarpen 2 points ago +2 / -0

Depends on yourself, humans with too much privileges are the biggest threat to any secure system. A clean fresh installation of Fedora 33 should overwrite the CPU microcode before even starting the system and decrypting your drive.

You can check this in the boot menu, fist thing you see after start where it says "Fedora" and "Advanced options for Fedora" or similar. Press E and you should see the whole boot command which will run in sequence. First it loads the microcode, then the kernel and then (if you have full disk encryption enabled) the prompt comes up, or whatever mechanism you use to decrypt on boot.

So relatively secure is the best answer I guess. Just make sure that nobody else ever gets physical access to your device. Make sure to never run shady proprietary software, stick to open source and verify that there are no back doors. That way, chances are very low that someone could ever spy on you or steal your data.

But if you wanna be really secure, you might wanna use Qubes OS. A Linux distro designed with security in mind. Every program runs in it's own vm, and it's not the standard type of vm's, these are completely isolated from each others, giving you full control over everything that runs in your system.

It's not the most convenient solution tho, for instance if you want to plug in a usb device and let a software use it, you need to explicitly allow that in the systems task manager since the usb firmware run in it's own isolated box too. It's a bit of al earning curve, but worth it if you really want perfect security.

2
yeldarb1983 2 points ago +2 / -0

It's not the most convenient solution tho, for instance if you want to plug in a usb device and let a software use it, you need to explicitly allow that in the systems task manager since the usb firmware run in it's own isolated box too. It's a bit of al earning curve, but worth it if you really want perfect security.

and I imagine it gives things like OBS all kinds of headaches, lmao.

Thanks for not treating me like an idiot =D