Am Montag, 13. November 2017 schrieb dan pridgeon: > > From: info at smallinnovations dot nl <[email protected]> > To: [email protected] > Sent: Sunday, November 12, 2017 5:42 AM > Subject: Re: [DNG] (forw) Re: [skeptic] MINIX: ?Intel's hidden in-chip > operating system > > On 09-11-17 02:24, Rick Moen wrote: > > Vaughan-Nichols's article is at > > http://www.zdnet.com/article/minix-intels-hidden-in-chip-operating-system/ > > > > > > ----- Forwarded message from Rick Moen <[email protected]> ----- > > > > Date: Wed, 8 Nov 2017 17:19:35 -0800 > > From: Rick Moen <[email protected]> > > To: [email protected] > > Subject: Re: [skeptic] MINIX: ?Intel's hidden in-chip operating system > > Organization: If you lived here, you'd be $HOME already. > > > > Quoting Scott Peterson ([email protected]), citing a mostly good > > Steven J. Vaughan-Nichols's ZDnet article: > > > >> Buried deep inside your computer's Intel chip is the MINIX operating > >> system and a software stack, which includes networking and a web > >> server. It's slow, hard to get at, and insecure as insecure can be. > [...] > > > > Garrett's AMT FAQ makes good reading for people wanting to know more. > > https://mjg59.dreamwidth.org/48429.html?thread=1840429 > > > > This includes the fact that by _no_ means do all Intel chipsets > > possessing ME firmware also have AMT code that runs on it -- and how to > > query your machine to find out if it does. Most Intel systems don't > > have AMT. Most Intel systems with AMT don't have it turned on. > > > > It also includes the fact that the biggest concern is remote access to > > the AMT. If that isn't enabled, and there are various ways to ensure > > that it isn't, that concern (a remote backdoor) goes away. > > > > > > _______________________________________________ > > skeptic mailing list > > [email protected] > > http://linuxmafia.com/mailman/listinfo/skeptic > > To reach the listadmin, mail [email protected] > > > > ----- End forwarded message ----- > > _______________________________________________ > > Dng mailing list > > [email protected] > > https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng > > When reading > https://www.theregister.co.uk/2017/11/09/chipzilla_come_closer_closer_listen_dump_ime/ > > where some claim to be able to access ME via USB ports I wonder how long > it takes before ME is enabled and abused by malware.
You should include "lawful inspection" under the label "malware". And then, well, guess what ... Nik > > Grtz > > Nick > > _______________________________________________ > Dng mailing list > [email protected] > https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng > > > Does this imply that after the JTAG is fully exploited, the contents of ME > could be extracted,dis-assembled, updated, and reloaded to allow the machine > to boot and run? And could the ME be updatedfrom the selfsame machine by > cross-connecting two USB ports? Just thinking out loud. > > -- Please do not email me anything that you are not comfortable also sharing with the NSA, CIA ... _______________________________________________ Dng mailing list [email protected] https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
