RE: [NTSysADM] OS in the CPU

[Melvin Backus]

And if the current stats are even close to accurate there are something like 
200000 unfilled cybersecurity jobs at the moment with only about 20000 
qualified people to fill them, and the unfilled numbers are growing faster than 
the qualified people.  That would lead me to think that the ‘career ending 
event’ would actually be a gateway to a new job where they probably understand 
that you can’t possibly catch everything, particularly heretofore unknown 
things.

How’s that saying go?  You can’t know what you don’t know.

--
There are 10 kinds of people in the world...
         those who understand binary and those who don't.

¯\_(ツ)_/¯

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Andrew S. Baker
Sent: Tuesday, November 21, 2017 11:43 AM
To: ntsysadm <ntsysadm@lists.myitforum.com>
Subject: Re: [NTSysADM] OS in the CPU

Sure, but there are lots of ways to lose jobs -- many of which have nothing to 
do with your own personal actions.

InfoSec currently lends itself more to employment than unemployment.


Regards,

 ASB



On Mon, Nov 20, 2017 at 12:05 PM, Jonathan Link 
<jonathan.l...@gmail.com<mailto:jonathan.l...@gmail.com>> wrote:
More like job insecurity. Missing an exploit might be a career ending event, 
even if it is heretofore an unknown exploit.

On Mon, Nov 20, 2017 at 11:54 AM Melvin Backus 
<melvin.bac...@byers.com<mailto:melvin.bac...@byers.com>> wrote:
Some call them opportunities, we in IT call them job security. ☺

--
There are 10 kinds of people in the world...
         those who understand binary and those who don't.

¯\_(ツ)_/¯

From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com>] 
On Behalf Of Kurt Buff
Sent: Monday, November 20, 2017 11:34 AM
To: ntsysadm <ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>>
Subject: Re: [NTSysADM] OS in the CPU

There are always more problems:

https://www.thezdi.com/blog/2017/10/04/vmware-escapology-how-to-houdini-the-hypervisor

https://www.youtube.com/watch?v=uRemWLNBSZg

On Mon, Nov 20, 2017 at 8:05 AM, Andrew S. Baker 
<asbz...@gmail.com<mailto:asbz...@gmail.com>> wrote:
But wait!   There's more...

https://www.youtube.com/watch?v=KrksBdWcZgQ


​(I see your "solution" and raise you two more problems)​


Regards,

 ASB


On Sun, Nov 19, 2017 at 12:28 PM, Kurt Buff 
<kurt.b...@gmail.com<mailto:kurt.b...@gmail.com>> wrote:
The OS in question (minix), isn't in the main CPU - it's in the CPU of the 
management engine, which is completely separate, and doesn't, or at least 
shouldn't, affect system performance.
https://en.wikipedia.org/wiki/Intel_Active_Management_Technology#Hardware
That actually makes it worse, since as long as the machine is connect to power, 
even though putatively "off", the management engine is available. That is, if 
it's been configured. This is an enterprise feature, so the ME is usually not 
active in consumer-grade computers.
But, if it's present and turned on, then it's pretty risky:
https://www.theregister.co.uk/2017/11/09/chipzilla_come_closer_closer_listen_dump_ime/
But there's some hope, of a sort - Google is on the case:
http://www.tomshardware.com/news/google-removing-minix-management-engine-intel,35876.html
Kurt

On Sun, Nov 19, 2017 at 6:34 AM, Andrew S. Baker 
<asbz...@gmail.com<mailto:asbz...@gmail.com>> wrote:
No wonder our machines don't seem as fast as we think they *could* be...     
They're busy running more stuff than we thought:

http://www.zdnet.com/article/minix-intels-hidden-in-chip-operating-system/

The security implications are also pretty staggering...

Regards,

 ASB




[https://my-email-signature.link/signature.gif?u=162639&e=13791714&v=7975870bc76bdc7c79b2d58cdfb91e073b6d44ef6b8306b92a5cf8598e0753bb]