[Cryptography] Intel Management Engine pwnd

John Gilmore gnu at toad.com
Sat Nov 25 16:15:19 EST 2017


Jerry Leichter <leichter at lrw.com> said:
> Modern Intel chips have some very sophisticated power management
> algorithms.  Turning those algorithms off would require running the
> chips at well below their rated capacities or they can overheat.  

Heat & power management does not require anything that can communicate
with the outside world (e.g. with an Ethernet chip).

> So whatever may have started Intel down the path of making some of
> this stuff mandatory ... by now, the requirement is embedded deep in
> the designs.

I disagree.  People I've met who were on Intel CPU design teams tell
me that the CPUs do not require a running ME.  Apparently the
dependency, if there is one, is in the chip set (the support chips).
That's consistent with what was reverse-engineered by the people at
Positive Technologies who claim to have discovered the ME
vulnerability that Intel just patched:

  http://blog.ptsecurity.com/2017/08/disabling-intel-me.html
  http://blog.ptsecurity.com/2017/11/intel-fixes-me-vulnerability.html#more

	John

PS: By the way, modern Intel USB3 chips also provide a JTAG debug
interface that's accessible from any USB3 port.  This interface
provides detailed hardware-level control and debugging.  In theory
this is disabled in consumer devices, but it can be enabled in the
BIOS.  By exploiting an ME vulnerability, an attacker could
permanently switch this mode on for all the Intel devices on a
network, making such machines vulnerable to a later irresistable
physical attack merely by plugging in a malicious USB device.  This
hard to detect manipulation would, for example, enable malicious
re-entry into the network after malware has been cleaned out of it.
See:

  http://blog.ptsecurity.com/2017/01/intel-debugger-interface-open-to.html
  https://www.ptsecurity.com/upload/corporate/ww-en/analytics/Where-theres-a-JTAG-theres-a-way.pdf


More information about the cryptography mailing list