[Cryptography] Big ugly security problem in post-2008 Intel chipsets.

iang iang at iang.org
Sat May 6 23:28:38 EDT 2017

On 01/05/2017 22:40, Ray Dillinger wrote:

> I have been saying this for years, but kept receiving assurances from
> everyone "official" at the manufacturers and OEMs whom I brought it up
> to, all claiming that it wasn't true.
> Any machine with a hardware BIOS that allows network bootup, data
> recovery, and OS installation regardless of the condition or even
> presence of an OS installed locally on the machine has got to be broken.
> This is self-evident.  To claim otherwise is clearly lying, or
> childishly believing in something which is logically impossible for no
> reason better than wishing it to be true.

We had a similar eye opening experience back around 2007 when we were 
setting up rack machines for remote management.  These big name 2U 
machines had remote access software that was very hard to get going.  
When we got into debugging and setting up the remote management 
software, we realised it was so badly done that it could not be secure.

This was mystifying, so we asked around ... and the answer that came 
back was that everyone knew they were insecure, and that's what 
customers wanted.  They wanted experts from the suppliers to come in and 
hack the machines to get access when something went wrong.  The 
customers (banks) didn't care about the suppliers getting access, that 
wasn't their threat model.

It was observations like that that led me to suggest that actually, 
there was much less hacking going on than we might have thought if we 
just assumed our threat models were reflective of the real world?  Or 
that the hacking was narrowly expertised, such as SQL injection, so low 
hanging fruit?  So maybe we were just overspending on security and 
tickets for the security theater was a better proposition?

Unpopular opinions!  I think there was an element of truth in all that, 
but two things changed - one was the evolution serious criminal gangs 
which industrialised the process.  The second was the rise of 
cyberwar... although the jury's out as to whether this was caused by 
e.g. Obama's OLYMPICGAMES or as a natural evolution, a tit for tat.

By the time we entered 2010s any peace dividend was pretty much spent.  
But, by that time we were screwed because crap security was 
institutionalised and meanwhile so was good, industrialised thievery and 

> The advertising therefore clearly contained a logical contradiction, and
> I'd been assuming that it was the security they were wrong (or lying)
> about rather than the remote management capabilities.  There is flatly
> and literally no way that the advertised capabilities of "remote
> management" on these machines can be provided without the existence of a
> hardware security problem that someone can drive a tank through.
> Well, guess what.  It's Effing broken, and somebody's evidently been
> driving tanks through it.  I'm not the guy who proved it; I'm just the
> guy who's been assuming, and sometimes arguing, for years, that it must
> clearly be broken in order for those capabilities to exist.
> https://semiaccurate.com/2017/05/01/remote-security-exploit-2008-intel-platforms/

It isn't one thing.  At a systemic level it is pointless chasing one 
bug, one observation.  As far as I can tell, it's been Effing broken for 
several decades, and it ain't gonna change coz of this one guy.


More information about the cryptography mailing list