[Cryptography] Intel Management Engine pwnd
Ryan Carboni
ryacko at gmail.com
Sat Nov 25 18:44:25 EST 2017
>
> Which would indicate that Intel have probably been
> paid off by somebody (NSA, the Chinese government, ???) to force a
> covert backdoor on every user of their products. This exact issue is
> why I have refused to buy Intel gear for many years, and I can't be
> the only one.
>
>
I wish you didn't suddenly fall silent about your suspicions about IPSEC.
You may have been on to something.
Regardless, clearly the mechanism is:
1. Make standards more complex.
2. Hire employees of private companies to commit fraud and theft against
their employer (usually through an allied Five Eyes to get around domestic
restrictions), the complex standard makes it easy to subvert.
3. Options are endless, Socat backdoor is one example.
There is an odd pattern of standards with non-standardized features.
Regardless, FIPS certification requires submitting the design to NIST? Are
you alleging that Intel isn't making their errata fully known?
Your attitude seems to be:
1. Be outraged.
2. Sit.
3. Accomplish nothing.
I'm not entirely sure the point of the open letter to Congress (
http://masssurveillance.info ) I mean, are you saying the government is
lawless and we aren't in a democracy, or the government is lawful and we
are in a democracy? If it's lawless, then why would they listen? If it is
lawful, then wouldn't the mass surveillance be lawful?
But I don't have a PhD so...
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20171125/1e0db3c2/attachment.html>
More information about the cryptography
mailing list