On Thu, 7 Sep 2017 at 21:17:20 +1000
Erik Christiansen <dvalin@???> wrote:
> The notion of an extra embedded CPU or two on big Intel chips is not
> difficult to credit, but where is the postulated entire minix OS loaded
> from?
It's in the report by the Positive Technologies team:
http://blog.ptsecurity.com/2017/08/disabling-intel-me.html
We see increasing interest in Intel ME internals from researchers all
over the world. One of the reasons is the transition of this
subsystem to new hardware (x86) and software (modified MINIX as an
operating system). The x86 platform allows researchers to make use of
the full power of binary code analysis tools. Previously, firmware
analysis was difficult because earlier versions of ME were based on
an ARCompact microcontroller with an unfamiliar set of instructions.
> If our hosts cannot be trusted not to phone home to folk wearing dark
> glasses,
It's not just that they phone home; the worst part is that they pick up
the phone, your phone!
> then would it not suffice to employ a simple embedded host with
> a small die, such as an ARM, e.g. Beaglebone Black, as a firewall?
Maybe, but it's difficult to know exactly what triggers the numerous ME
modules and functions of a running system - it's best to disable everything
at boot time. You are supposed to filter both incoming and outgoing traffic,
which is not very easy when you do not know what you need to block. Plus, I
do not remember where I read it, but there are functions in WiFi AP/DSL
modems that were found to have backdoors that are triggered by a precise
sequence of IP packets the unit receives, where both headers and payload
matter, which makes for a complicated deep-packet-inspection firewall that
you need to set up.
What we actually need is open-hardware products ready to supplant current
off-the-shelf proprietary chips and controllers.
--
Alessandro Selli
http://alessandro.route-add.net
VOIP SIP: dhatarattha@???
PGP/GPG keys: B7FD89FD, 4A904FD9