[Cryptography] Big ugly security problem in post-2008 Intel chipsets.
Jason Cooper
cryptography at lakedaemon.net
Tue May 2 16:25:42 EDT 2017
Hi John,
On Tue, May 02, 2017 at 03:39:24PM -0400, John Ioannidis wrote:
> On Mon, May 1, 2017 at 10:40 PM, Ray Dillinger <bear at sonic.net> wrote:
> > [,,,]
> > https://semiaccurate.com/2017/05/01/remote-security-exploit-
> > 2008-intel-platforms/
> >
> Any details of what level of local access is needed for a local exploit? In
> particular, is this exploitable from inside a VM? That would be really bad
> news for AWS, Google Cloud, or Azure.
Please read:
https://mjg59.dreamwidth.org/48429.html
for a more pragmatic review of the issue.
tl;dr most Intel chips don't ship with AMT. Those that do, it's
disabled by default out of the box.
thx,
Jason.
More information about the cryptography
mailing list