[Cryptography] practical verifiable systems -- forensic and otherwise, cheap and otherwise

Steve Weis steveweis at gmail.com
Thu Mar 5 07:16:19 EST 2015

On Thu, Mar 5, 2015 at 4:00 AM, Peter Gutmann <pgut001 at cs.auckland.ac.nz>

> Steve Weis <steveweis at gmail.com> writes:
> >When it comes to measured boots with Trusted Execution (TXT), the lack of
> >visibility into the BIOS is a big gap because of SMM. You can detect when
> the
> >BIOS has changed, but don't know that the SMM loaded by BIOS is actually
> good.
> If SMM, ring -1 access to your system, is bad, LOM, ring -2 access, is a
> nightmare, typically an ancient, buggy, vuln-riddled version of Linux
> running
> a collection of equally buggy and insecure services that have complete
> backdoor control over your system and that typically can't actually be
> disabled even if you think you've disabled them.

Yes, this is a very good point. Something like Intel's Management Engine is
embedded in the chipset and cannot be removed or disabled. It's unclear to
me if VT-d offers any protection -- it should in theory, but I don't know
if it does in practice.

> I don't remember offhand seeing much about exploiting the various LOM
> systems
> in the NSA's catalogues, but I'd be very surprised if they didn't have
> implants for the various systems out there.

Invisible Things Labs presented some exploits against vPro at Blackhat in
2009, so exploiting these LOM systems has been in the grasp of a couple
independent researchers for years:

My experience with LOM systems in practice is that they are garbage and
barely do their intended job, much less do it securely.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20150305/e1c4d649/attachment.html>

More information about the cryptography mailing list