
Re: [tor-talk] Intel ME / AMT + NSL vs Tor Nodes



On 12/18/2016 10:22 AM, Milton Scritsmier wrote:

> Not all Intel chipsets support AMT (check Intel's website for which ones
> do, but most consumer PC/laptop chipsets don't), and for every version
> of ME firmware there are two releases, one for chipsets with AMT support
> and one for chipsets without. Chipsets which support AMT can have the ME
> firmware updated remotely if it's signed properly and the AMT password
> is entered or bypassed somehow. Chipsets without AMT support cannot be
> updated remotely AFAIK.
>
> If somebody got their hands on the Intel ME toolset and private signing
> keys they could create a custom version of ME firmware that could do
> just about anything, including accessing almost all the PC's RAM at any
> time. But getting it on the machine is the trick. Without AMT support it
> would require physical access to the machine, but then you can do just
> about anything anyway with physical access.
>
Thank you, Roman and Joe, for your well-written, rational and FUD-free
emails to the list on this topic. ;)
I played around with AMT on a system I have access to. Per the
manufacturer's documentation it ships out of the box in factory mode which
disables all remote access features. After changing the ME password from
the default I could configure AMT and turn AMT off entirely. Like Roman
mentioned, no need for BMC so I think the Reddit poster's information was
out of date but his point about securing the OS is still a good one.



