Re: [qubes-users] Intel ME Backdoor, called Odin's Eye

[Jo]

I totally agree with you, finding exploits is way easier, especially
with practically unlimited resources. The whole Me-thing is blown
completely out of porpotion, altough of course you do not want an Me,
especially not me 11/ any closed source remote admin functions you cant
effectively disable nor remove.

Also, please do not mention Purism in the same Sentence with legit
Opensource Projekts like Qubes ore coreboot.This is very offending for
people like the coreboot ore Qubes devs who actually try to make people
free and secure, while others in comparison only scam people by making
them believe their laptops/handys are opensource and with coreboot.

cheers
On 05/12/18 16:46, charly LEMMINKÄINEN wrote:
> Anyway people, even if he was saying the truth. Then why is he silent
> then ? Why doesn’t he have joined purism or coreboot or qubes or
> others to neut the ME?
>
> The difference between reality and what can be real is really thin and
> it’s often easier to believe what could be then what really is.
>
> First you need to indentify the goal and here it is not clear. Do you
> know why ?
> Because it would mean that Chinese could get access to it with enough
> intelligence. Russian could get access to it. And what you are calling
> Odin so the NSA or any other entity, don’t want all that because it
> would mean that even them are at risk ;) which is clearly not the goal.
> You don’t want to implement something that you can not control.
> So it’s easier to find an exploit, there are enough of them. Or to
> create one within software or OS where you can patch it easily than in
> hardware.
>
> The real threat from all time, is not the intelligence services, it’s
> the companies. Anything else doesn’t matter.
>
> Obtenez Outlook pour iOS <https://aka.ms/o0ukef>
> 
> *From:* qubes-users@googlegroups.com <qubes-users@googlegroups.com> on
> behalf of awokd <aw...@elude.in>
> *Sent:* Saturday, May 12, 2018 4:38:08 PM
> *To:* qubes-users
> *Subject:* Re: [qubes-users] Intel ME Backdoor, called Odin's Eye
>  
> On Thu, May 10, 2018 12:37 am, dangmad...@gmail.com wrote:
> > On Wednesday, January 10, 2018 at 2:02:36 PM UTC-8, awokd wrote:
>
> >> I don't trust ME either and run me_cleaner but that link is just some
> >> unsubstantiated text. If he'd really been working at Intel 15 years he
> >> should have been able to get copies of internal documentation at least.
> >> A
> >> blacked out W-2 form doesn't cut it either.
> >
> > Do you find that sticking your head in the sand to be a productive form
> > of security?
>
> How does requiring proof instead of an anecdote equate to sticking one's
> head in the sand? Do you believe all scientists are sticking their head in
> the sand when they do research?
>
> > I'm sorry that this information upset you so much, but by denying it
> > you're only putting others in harms way.
>
> What gave you the impression I was upset?
>
> > Maybe you'd like for others to have security vulnerabilities?
>
> No, that's why I encourage them to use Qubes. I think you must be new
> here. Check out some of my other posts.
>
> > Perhaps you are exposing your agenda too much?
>
> Re-read the first sentence of what I wrote above, perhaps more slowly this
> time, then explain what agenda it is you think I have.
>
>
>
> -- 
> You received this message because you are subscribed to the Google
> Groups "qubes-users" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to qubes-users+unsubscr...@googlegroups.com.
> To post to this group, send email to qubes-users@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/qubes-users/5cca9a5a8bfd3e53a8a53f1e560dfda1%40elude.in.
> For more options, visit https://groups.google.com/d/optout.
> -- 
> You received this message because you are subscribed to the Google
> Groups "qubes-users" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to qubes-users+unsubscr...@googlegroups.com
> <mailto:qubes-users+unsubscr...@googlegroups.com>.
> To post to this group, send email to qubes-users@googlegroups.com
> <mailto:qubes-users@googlegroups.com>.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/qubes-users/AM5P190MB03374A2B4B81C19532CBE1EAAB9E0%40AM5P190MB0337.EURP190.PROD.OUTLOOK.COM
> <https://groups.google.com/d/msgid/qubes-users/AM5P190MB03374A2B4B81C19532CBE1EAAB9E0%40AM5P190MB0337.EURP190.PROD.OUTLOOK.COM?utm_medium=email_source=footer>.
> For more options, visit https://groups.goo

Re: [qubes-users] Intel ME Backdoor, called Odin's Eye

[charly LEMMINKÄINEN]

Anyway people, even if he was saying the truth. Then why is he silent then ? 
Why doesn't he have joined purism or coreboot or qubes or others to neut the ME?

The difference between reality and what can be real is really thin and it's 
often easier to believe what could be then what really is.

First you need to indentify the goal and here it is not clear. Do you know why ?
Because it would mean that Chinese could get access to it with enough 
intelligence. Russian could get access to it. And what you are calling Odin so 
the NSA or any other entity, don't want all that because it would mean that 
even them are at risk ;) which is clearly not the goal.
You don't want to implement something that you can not control.
So it's easier to find an exploit, there are enough of them. Or to create one 
within software or OS where you can patch it easily than in hardware.

The real threat from all time, is not the intelligence services, it's the 
companies. Anything else doesn't matter.

Obtenez Outlook pour iOS<https://aka.ms/o0ukef>

From: qubes-users@googlegroups.com <qubes-users@googlegroups.com> on behalf of 
awokd <aw...@elude.in>
Sent: Saturday, May 12, 2018 4:38:08 PM
To: qubes-users
Subject: Re: [qubes-users] Intel ME Backdoor, called Odin's Eye

On Thu, May 10, 2018 12:37 am, dangmad...@gmail.com wrote:
> On Wednesday, January 10, 2018 at 2:02:36 PM UTC-8, awokd wrote:

>> I don't trust ME either and run me_cleaner but that link is just some
>> unsubstantiated text. If he'd really been working at Intel 15 years he
>> should have been able to get copies of internal documentation at least.
>> A
>> blacked out W-2 form doesn't cut it either.
>
> Do you find that sticking your head in the sand to be a productive form
> of security?

How does requiring proof instead of an anecdote equate to sticking one's
head in the sand? Do you believe all scientists are sticking their head in
the sand when they do research?

> I'm sorry that this information upset you so much, but by denying it
> you're only putting others in harms way.

What gave you the impression I was upset?

> Maybe you'd like for others to have security vulnerabilities?

No, that's why I encourage them to use Qubes. I think you must be new
here. Check out some of my other posts.

> Perhaps you are exposing your agenda too much?

Re-read the first sentence of what I wrote above, perhaps more slowly this
time, then explain what agenda it is you think I have.



--
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/5cca9a5a8bfd3e53a8a53f1e560dfda1%40elude.in.
For more options, visit https://groups.google.com/d/optout.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/AM5P190MB03374A2B4B81C19532CBE1EAAB9E0%40AM5P190MB0337.EURP190.PROD.OUTLOOK.COM.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] Intel ME Backdoor, called Odin's Eye

[awokd]

On Thu, May 10, 2018 12:37 am, dangmad...@gmail.com wrote:
> On Wednesday, January 10, 2018 at 2:02:36 PM UTC-8, awokd wrote:

>> I don't trust ME either and run me_cleaner but that link is just some
>> unsubstantiated text. If he'd really been working at Intel 15 years he
>> should have been able to get copies of internal documentation at least.
>> A
>> blacked out W-2 form doesn't cut it either.
>
> Do you find that sticking your head in the sand to be a productive form
> of security?

How does requiring proof instead of an anecdote equate to sticking one's
head in the sand? Do you believe all scientists are sticking their head in
the sand when they do research?

> I'm sorry that this information upset you so much, but by denying it
> you're only putting others in harms way.

What gave you the impression I was upset?

> Maybe you'd like for others to have security vulnerabilities?

No, that's why I encourage them to use Qubes. I think you must be new
here. Check out some of my other posts.

> Perhaps you are exposing your agenda too much?

Re-read the first sentence of what I wrote above, perhaps more slowly this
time, then explain what agenda it is you think I have.



-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/5cca9a5a8bfd3e53a8a53f1e560dfda1%40elude.in.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] Intel ME Backdoor, called Odin's Eye

[dangmadzyu]

On Wednesday, January 10, 2018 at 2:02:36 PM UTC-8, awokd wrote:
> On Wed, January 10, 2018 8:35 pm, dangmad...@gmail.com wrote:
> > On Sunday, January 7, 2018 at 10:14:26 AM UTC-8, haaber wrote:
> 
> 
> > That Red Pill is a bitter one, isn't it?
> 
> I don't trust ME either and run me_cleaner but that link is just some
> unsubstantiated text. If he'd really been working at Intel 15 years he
> should have been able to get copies of internal documentation at least. A
> blacked out W-2 form doesn't cut it either.

Do you find that sticking your head in the sand to be a productive form of 
security?


I'm sorry that this information upset you so much, but by denying it you're 
only putting others in harms way.


Maybe you'd like for others to have security vulnerabilities? 


Perhaps you are exposing your agenda too much?


-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/0bd0d196-4a11-4257-9e2f-3acaba7af63f%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] Intel ME Backdoor, called Odin's Eye

['awokd' via qubes-users]

On Wed, January 10, 2018 8:35 pm, dangmad...@gmail.com wrote:
> On Sunday, January 7, 2018 at 10:14:26 AM UTC-8, haaber wrote:


> That Red Pill is a bitter one, isn't it?

I don't trust ME either and run me_cleaner but that link is just some
unsubstantiated text. If he'd really been working at Intel 15 years he
should have been able to get copies of internal documentation at least. A
blacked out W-2 form doesn't cut it either.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/17ebf5d641fe86e2d5c9f125d59bbd05.squirrel%40tt3j2x4k5ycaa5zt.onion.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] Intel ME Backdoor, called Odin's Eye

[dangmadzyu]

On Sunday, January 7, 2018 at 10:14:26 AM UTC-8, haaber wrote:
> > https://i.redditmedia.com/5mA7LrMiwgmmhrwfYF8Jks0WEng66fxWoCcGw33dhCA.jpg?w=597=339d919645f1de31a42913c748d1d7fb
> I personally consider
> this troll post.

That Red Pill is a bitter one, isn't it?

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/2120b2aa-34b3-4576-95c7-8d33be43c7d2%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] Intel ME Backdoor, called Odin's Eye

[Franz]

On Mon, Jan 8, 2018 at 7:41 PM, Vít Šesták <
groups-no-private-mail--contact-me-at--contact.v6ak@v6ak.com> wrote:

> > You could use POWER-KVM and have an assortment of VM's with shared
> > folders, you can replicate all the other stuff via various methods and
> > have a better security level it simply wouldn't look as slick.
>
> Not sure about that. Qubes is not just set of tools. It is also a set of
> careful choices of configuration (e.g., strictly using HVMs with stubdoms).
> I might be wrong, but I don't think you can get a comparable level of
> security easily. You would have to take similar choices and maybe even to
> make a new decisions that affect security.
>
> > Qubes isn't virtualization, it is simply a collection of tools that can
> > theoretically be compiled for POWER although currently the qubes VMM is
> > xen which isn't yet available for POWER (the xen devs are ignoring
> > requests to assist with porting efforts).
>
> It is not just the collection of tools.
>
> You are right that QubesOS can be probably ported to KVM. Even if this is
> a solution (not 100% convinced), it is not there yet. At best, TALOS 2
> might be some solution for future, not something you can buy and use just
> now (for those purposes).
>
> > If T2 is successful (ie: enough people buy it) there are plans for a
> > POWER laptop.
>
> Cool.
>
> But at the moment, it does not make me sense to buy a workstation I don't
> need and hope that some time later, they will release a laptop and someone
> else will port QubesOS for it. I could somewhat support efforts of porting
> QubesOS to POWER9, it makes me more sense.
>
> > > * It is quite expensive for needs of most people.
> > It fills the very high performance sector that previously had no libre
> > hardware, it isn't meant for those like you and me who would be
> > satisfied with the performance of one of the various libre firmware
> > available boards such as the KGPE-D16, KCMA-D8 ($300 MSRP) etc...
>
> You are right. It is rather a good special-purpose workstation.
>
> > No one ever found money or success trying to sell to the average yokel.
>
> I could argue that selling to average yokel for low price can bring both
> success and money, because there are plenty of yokels.
>
> I understand this is not for masses in the same scale as Windows. This is
> not necessary for success. But I am also afraid this is not suitable even
> for 1 % of Qubes user base. (Maybe it will be successful elsewhere, but it
> does not matter much in this discussion.)
>
> > That option simply removes the PCI device and the Option ROM menu, it
> > doesn't disable PSP - like ME it is integral to the x86-64 boot process
> > so it simply can't be disabled.
>
> OK, good to know.
>
> > > But it is still matter of trust. Not having PSP/IME does not mean
> there cannot be any backdoor.
> > On an owner controlled system that has libre hardware, firmware and
> > software it is incredibly difficult to add a backdoor function, one
> > truly could trust their computer in that case.
>
> Not 100%. First, you cannot be 100% sure your CPU matches the design.
> Second, some backdoors can look like a regular vulnerability. Those are
> even worse. Good backdoor can be abused by few people, maybe it requires
> digital signature. That's not good, but regular (pseudo-)vulnerabilities
> are even worse, because they can be abused by much broader set of people.
>
> But I agree that having open CPU design can be a good start.
>
>
Very interesting, it may happen that in a couple of years Qubes will be
ported to it and I'll have to change my passwords.  So it may be better to
wait before buying a new laptop.
best
Fran

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/CAPzH-qCDO%2BF-BVN12ABFLWiYy4BaDAGO9HqRSAQnnLJiEskjAA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] Intel ME Backdoor, called Odin's Eye

[Vít Šesták]

> You could use POWER-KVM and have an assortment of VM's with shared 
> folders, you can replicate all the other stuff via various methods and 
> have a better security level it simply wouldn't look as slick.

Not sure about that. Qubes is not just set of tools. It is also a set of 
careful choices of configuration (e.g., strictly using HVMs with stubdoms). I 
might be wrong, but I don't think you can get a comparable level of security 
easily. You would have to take similar choices and maybe even to make a new 
decisions that affect security.

> Qubes isn't virtualization, it is simply a collection of tools that can 
> theoretically be compiled for POWER although currently the qubes VMM is 
> xen which isn't yet available for POWER (the xen devs are ignoring 
> requests to assist with porting efforts).

It is not just the collection of tools.

You are right that QubesOS can be probably ported to KVM. Even if this is a 
solution (not 100% convinced), it is not there yet. At best, TALOS 2 might be 
some solution for future, not something you can buy and use just now (for those 
purposes).

> If T2 is successful (ie: enough people buy it) there are plans for a 
> POWER laptop.

Cool.

But at the moment, it does not make me sense to buy a workstation I don't need 
and hope that some time later, they will release a laptop and someone else will 
port QubesOS for it. I could somewhat support efforts of porting QubesOS to 
POWER9, it makes me more sense.

> > * It is quite expensive for needs of most people.
> It fills the very high performance sector that previously had no libre 
> hardware, it isn't meant for those like you and me who would be 
> satisfied with the performance of one of the various libre firmware 
> available boards such as the KGPE-D16, KCMA-D8 ($300 MSRP) etc...

You are right. It is rather a good special-purpose workstation.

> No one ever found money or success trying to sell to the average yokel.

I could argue that selling to average yokel for low price can bring both 
success and money, because there are plenty of yokels.

I understand this is not for masses in the same scale as Windows. This is not 
necessary for success. But I am also afraid this is not suitable even for 1 % 
of Qubes user base. (Maybe it will be successful elsewhere, but it does not 
matter much in this discussion.)

> That option simply removes the PCI device and the Option ROM menu, it 
> doesn't disable PSP - like ME it is integral to the x86-64 boot process 
> so it simply can't be disabled.

OK, good to know.

> > But it is still matter of trust. Not having PSP/IME does not mean there 
> > cannot be any backdoor.
> On an owner controlled system that has libre hardware, firmware and 
> software it is incredibly difficult to add a backdoor function, one 
> truly could trust their computer in that case.

Not 100%. First, you cannot be 100% sure your CPU matches the design. Second, 
some backdoors can look like a regular vulnerability. Those are even worse. 
Good backdoor can be abused by few people, maybe it requires digital signature. 
That's not good, but regular (pseudo-)vulnerabilities are even worse, because 
they can be abused by much broader set of people.

But I agree that having open CPU design can be a good start.

Regards,
Vít Šesták 'v6ak'

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/89dc0d5d-6997-4aa5-a107-fe447c15ac02%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] Intel ME Backdoor, called Odin's Eye

[Vít Šesták]

> Or you could just buy POWER 9/TALOS 2, have a libre high performance 
> system right now and stop waiting for what will never happen (and would 
> be immediately fixed if it did)

Talos 2 looks nice in theory, but:

* Qubes OS does not support this architecture. So you are going to have 
something  more resistant to backdoors, but it is also less resistant to 
classical exploits. If your typical threat is not like NSA, you probably lose 
security. And even if it is, it is at least not clear win, as NSA could use 
those classical exploits anyway.
* Not an option for those who want a laptop.
* It is quite expensive for needs of most people.

That's not to say Talos 2 has no merit. It might have some niche, but it is far 
far from a solution for masses.

> If you buy new Intel/AMD CPU's you are supporting future anti-feature 
> development.

Maybe this is not that bad for AMD: 
https://www.phoronix.com/scan.php?page=news_item=AMD-PSP-Disable-Option

But it is still matter of trust. Not having PSP/IME does not mean there cannot 
be any backdoor.

Regards,
Vít Šesták 'v6ak'

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/751ae8ce-c183-4d2e-a17d-6637d029221c%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] Intel ME Backdoor, called Odin's Eye

[taii...@gmx.com]

On 01/07/2018 03:27 PM, Ivan Ivanov wrote:

Yes, hopefully one day we would see more leaks, that could help us to
truly get rid of ME ;)
Meanwhile, perhaps the only thing we could do is to stockpile those
few computer models
that are both coreboot (or libreboot) supported and without Intel ME / AMD PSP
Or you could just buy POWER 9/TALOS 2, have a libre high performance 
system right now and stop waiting for what will never happen (and would 
be immediately fixed if it did)


If you buy new Intel/AMD CPU's you are supporting future anti-feature 
development.


--
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/5136d332-4c56-cb68-9dd7-8ec5760fb192%40gmx.com.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] Intel ME Backdoor, called Odin's Eye

[anac]

On 01/08/2018 03:27 AM, Ivan Ivanov wrote:

perhaps the only thing we could do is to stockpile those
few computer models that are both coreboot (or libreboot)
supported and without Intel ME / AMD PSP


Any hints on which models come into consideration?

--
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/a17865f5-f98a-6638-5787-66b897424e8b%40rbox.co.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] Intel ME Backdoor, called Odin's Eye

[Ivan Ivanov]

Yes, hopefully one day we would see more leaks, that could help us to
truly get rid of ME ;)
Meanwhile, perhaps the only thing we could do is to stockpile those
few computer models
that are both coreboot (or libreboot) supported and without Intel ME / AMD PSP

2018-01-07 20:01 GMT+00:00 haaber :
>> воскресенье, 7 января 2018 г., 18:14:26 UTC пользователь haaber написал:
 https://i.redditmedia.com/5mA7LrMiwgmmhrwfYF8Jks0WEng66fxWoCcGw33dhCA.jpg?w=597=339d919645f1de31a42913c748d1d7fb


 Summary:

 Intel Whistleblower leaks details about his role in backdooring all IME 
 chips on behalf of Intelligence Agencies.
>>> The post is unspecific. Of course ME is a problem: the allegations could
>>> be true or could be disinformation. "I know exactly" is an unplausible
>>> formulation for a backdooring engineer - it is almost surely a wrong ot
>>> statement if it was not himself who spied ...  To conclude: unless some
>>> details are given to enhance trustworthyness (a specific backdoor,
>>> protocol, communication interface, whatsoever), I personally consider
>>> this troll post.
>>
>> Sorry but you haven't seen the full story. This "Intel guy" is legit, he 
>> provided proofs like this one:
>>
>> https://i.warosu.org/data/g/img/0595/40/1490327898699.png
> Maybe, maybe not. Who can verify scanned and blacked papers? I would
> appreciate him helping me to remove it from my mainboard though! How to
> do THIS is the right discussion to my pov.
>
> --
> You received this message because you are subscribed to a topic in the Google 
> Groups "qubes-users" group.
> To unsubscribe from this topic, visit 
> https://groups.google.com/d/topic/qubes-users/bqRSuU3T6MA/unsubscribe.
> To unsubscribe from this group and all its topics, send an email to 
> qubes-users+unsubscr...@googlegroups.com.
> To post to this group, send email to qubes-users@googlegroups.com.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/qubes-users/506eac1a-d270-e5aa-ab72-27088ddd7fea%40web.de.
> For more options, visit https://groups.google.com/d/optout.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/CAAaskFB9FS1esuD2NrYiEyNntb4U%3DCRaN%2BYvND5p1dyst679%3Dw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] Intel ME Backdoor, called Odin's Eye

[Ivan Ivanov]

*not all the whistleblowers

2018-01-07 20:22 GMT+00:00 Ivan Ivanov :
> Yes, sadly not whistleblowers are reasonable, but we need any
> whistleblowers - not just the Snowden tier! ;-)

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/CAAaskFABwYJ1%3Dyc4f5BoH0ttA5_vjRMwOENr%2BRF83gR8k%2BvyAw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] Intel ME Backdoor, called Odin's Eye

[Ivan Ivanov]

Yes, sadly not whistleblowers are reasonable, but we need any
whistleblowers - not just the Snowden tier! ;-)

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/CAAaskFD8Env%3D%3DwM80yU%3DV3p2ZitEKEkhvtzT46ABPL-Lvc4SJQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] Intel ME Backdoor, called Odin's Eye

[haaber]

> воскресенье, 7 января 2018 г., 18:14:26 UTC пользователь haaber написал:
>>> https://i.redditmedia.com/5mA7LrMiwgmmhrwfYF8Jks0WEng66fxWoCcGw33dhCA.jpg?w=597=339d919645f1de31a42913c748d1d7fb
>>>
>>>
>>> Summary:
>>>
>>> Intel Whistleblower leaks details about his role in backdooring all IME 
>>> chips on behalf of Intelligence Agencies. 
>> The post is unspecific. Of course ME is a problem: the allegations could
>> be true or could be disinformation. "I know exactly" is an unplausible
>> formulation for a backdooring engineer - it is almost surely a wrong ot
>> statement if it was not himself who spied ...  To conclude: unless some
>> details are given to enhance trustworthyness (a specific backdoor,
>> protocol, communication interface, whatsoever), I personally consider
>> this troll post.
> 
> Sorry but you haven't seen the full story. This "Intel guy" is legit, he 
> provided proofs like this one:
> 
> https://i.warosu.org/data/g/img/0595/40/1490327898699.png
Maybe, maybe not. Who can verify scanned and blacked papers? I would
appreciate him helping me to remove it from my mainboard though! How to
do THIS is the right discussion to my pov.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/506eac1a-d270-e5aa-ab72-27088ddd7fea%40web.de.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] Intel ME Backdoor, called Odin's Eye

[Franz]

On Sun, Jan 7, 2018 at 4:26 PM, qma ster  wrote:

> воскресенье, 7 января 2018 г., 18:20:37 UTC пользователь tai...@gmx.com
> написал:
> > On 01/07/2018 02:46 AM, d@gmail.com wrote:
> >
> > > Summary:
> > >
> > > Intel Whistleblower leaks details about his role in backdooring all
> IME chips on behalf of Intelligence Agencies. Posted 3/22/2017. Codename:
> Odin's Eye
> > >
> > That isn't an "intel whistleblower" that is simply a random dude with
> > too much time on his hands making up a bullshit story, besides there is
> > no "backdooring" IME as it already is a backdoor.
> >
> > Intel doesn't need to add a specific backdoor for such a thing nor would
> > a TLA ever ask as:
> > They already have knowledge of various exploits that do the same thing
> > A specific func_backdoor has zero plausible deniability
> > Any foreign intel agency could easily obtain proof and tell the media.
>
> Sorry but you haven't seen the full story. This "Intel guy" is legit, he
> provided proofs like this one:
>
> https://i.warosu.org/data/g/img/0595/40/1490327898699.png
>
>
Hmmm, which is the sense to avoid telling the Intel guy name, but providing
enough information for Intel to understand who is writing? If it was real,
Intel and intelligence agencies would immediately act and deprive him/her
of the freedom to tell or confirm more. The only working way to do that is
how Snowden taught, taking full responsibility, providing plenty of
evidence, getting media help  and moving to a country willing to protect
you.

 It seems

> Best regards,
> Ivan Ivanov
>
> --
> You received this message because you are subscribed to the Google Groups
> "qubes-users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to qubes-users+unsubscr...@googlegroups.com.
> To post to this group, send email to qubes-users@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/
> msgid/qubes-users/ac501523-14ca-4938-a074-0fd5a51fc6bc%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/CAPzH-qBVeKwdy2nhVLu_j1KtAqxzsibiuyGqsK7igPJiXuLXkg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] Intel ME Backdoor, called Odin's Eye

[qma ster]

воскресенье, 7 января 2018 г., 18:14:26 UTC пользователь haaber написал:
> > https://i.redditmedia.com/5mA7LrMiwgmmhrwfYF8Jks0WEng66fxWoCcGw33dhCA.jpg?w=597=339d919645f1de31a42913c748d1d7fb
> > 
> > 
> > Summary:
> > 
> > Intel Whistleblower leaks details about his role in backdooring all IME 
> > chips on behalf of Intelligence Agencies. 
> The post is unspecific. Of course ME is a problem: the allegations could
> be true or could be disinformation. "I know exactly" is an unplausible
> formulation for a backdooring engineer - it is almost surely a wrong ot
> statement if it was not himself who spied ...  To conclude: unless some
> details are given to enhance trustworthyness (a specific backdoor,
> protocol, communication interface, whatsoever), I personally consider
> this troll post.

Sorry but you haven't seen the full story. This "Intel guy" is legit, he 
provided proofs like this one:

https://i.warosu.org/data/g/img/0595/40/1490327898699.png

Best regards,
Ivan Ivanov

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/9757603f-5905-4b2d-ba1c-22fba634b8bf%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] Intel ME Backdoor, called Odin's Eye

[qma ster]

воскресенье, 7 января 2018 г., 18:20:37 UTC пользователь tai...@gmx.com написал:
> On 01/07/2018 02:46 AM, d@gmail.com wrote:
> 
> > Summary:
> >
> > Intel Whistleblower leaks details about his role in backdooring all IME 
> > chips on behalf of Intelligence Agencies. Posted 3/22/2017. Codename: 
> > Odin's Eye
> >
> That isn't an "intel whistleblower" that is simply a random dude with 
> too much time on his hands making up a bullshit story, besides there is 
> no "backdooring" IME as it already is a backdoor.
> 
> Intel doesn't need to add a specific backdoor for such a thing nor would 
> a TLA ever ask as:
> They already have knowledge of various exploits that do the same thing
> A specific func_backdoor has zero plausible deniability
> Any foreign intel agency could easily obtain proof and tell the media.

Sorry but you haven't seen the full story. This "Intel guy" is legit, he 
provided proofs like this one:

https://i.warosu.org/data/g/img/0595/40/1490327898699.png

Best regards,
Ivan Ivanov

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/ac501523-14ca-4938-a074-0fd5a51fc6bc%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] Intel ME Backdoor, called Odin's Eye

[taii...@gmx.com]

On 01/07/2018 02:46 AM, dangmad...@gmail.com wrote:


Summary:

Intel Whistleblower leaks details about his role in backdooring all IME chips 
on behalf of Intelligence Agencies. Posted 3/22/2017. Codename: Odin's Eye

That isn't an "intel whistleblower" that is simply a random dude with 
too much time on his hands making up a bullshit story, besides there is 
no "backdooring" IME as it already is a backdoor.


Intel doesn't need to add a specific backdoor for such a thing nor would 
a TLA ever ask as:

They already have knowledge of various exploits that do the same thing
A specific func_backdoor has zero plausible deniability
Any foreign intel agency could easily obtain proof and tell the media.

--
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/2cc06a17-fbab-a4b5-d24e-ba3b49c09e6d%40gmx.com.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] Intel ME Backdoor, called Odin's Eye

[haaber]

> https://i.redditmedia.com/5mA7LrMiwgmmhrwfYF8Jks0WEng66fxWoCcGw33dhCA.jpg?w=597=339d919645f1de31a42913c748d1d7fb
> 
> 
> Summary:
> 
> Intel Whistleblower leaks details about his role in backdooring all IME chips 
> on behalf of Intelligence Agencies. 
The post is unspecific. Of course ME is a problem: the allegations could
be true or could be disinformation. "I know exactly" is an unplausible
formulation for a backdooring engineer - it is almost surely a wrong ot
statement if it was not himself who spied ...  To conclude: unless some
details are given to enhance trustworthyness (a specific backdoor,
protocol, communication interface, whatsoever), I personally consider
this troll post.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/035a9345-d5a4-89be-b260-14387cd8715d%40web.de.
For more options, visit https://groups.google.com/d/optout.