1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

New security flaw detected in Intel hardware

Discussion in 'Frontpage news' started by zero_cool, Jan 12, 2018.

  1. zero_cool

    zero_cool Member

    Messages:
    40
    Likes Received:
    11
    GPU:
    Two amd fury X
    Last edited by a moderator: Jan 12, 2018
  2. RavenMaster

    RavenMaster Master Guru

    Messages:
    856
    Likes Received:
    20
    GPU:
    2x EVGA GTX 1080's
    So these recent vulnerabilities have been around for the past 10 years. Surely they can't have just been discovered only now. Which begs the question - is this all just a ploy to get people to upgrade to Intel 9th gen processors later this year? Processors which will no doubt be assured by Intel to be much safer and immune to these vulnerabilities? Just think - all those old pentiums and celerons that have been inside business computers (still working just fine) yet now needing to be swapped out and upgraded to ensure full safety on a hardware level. Such a plan could backfire and switch people over to AMD. But then AMD isn't without its vulnerabilities now either... is it? Seems a very convenient way to get people to upgrade if you think about it. And over the last 10 years, how many times has your PC been hacked at hardware level?
     
    Last edited: Jan 12, 2018
    jaggerwild likes this.
  3. kruno

    kruno Master Guru

    Messages:
    246
    Likes Received:
    65
    GPU:
    4890/1
    Cr*p, did they even patched last hole in AMT
     
  4. kruno

    kruno Master Guru

    Messages:
    246
    Likes Received:
    65
    GPU:
    4890/1
    Hardly,lawsuits in USA has already begun, in any way this "blunders" is going to cost them dearly
     

  5. Amaze

    Amaze Ancient Guru

    Messages:
    2,321
    Likes Received:
    46
    GPU:
    Gigabyte 970 G1 1550/7800
    This isn't a ploy
    Ploys usually don't involve ruining your reputation for years to come.
     
    yasamoka and alanm like this.
  6. Denial

    Denial Ancient Guru

    Messages:
    11,376
    Likes Received:
    356
    GPU:
    EVGA 1080Ti
    This isn't a flaw in Intel hardware also I'm not sure why you posted this article and not the original F-Secure press release. This article states that it requires physical access, which is true - but it also requires the company to not disable AMT and/or change the default username/password for AMT - which is a configuration problem, not a hardware flaw.

    The F-Secure article specifically states this:

    Intel can fix this by simply updating the default configuration - but companies could also be avoiding this by following best practices for AMT provisioning.


    Why can't they just have been discovered just now? Problems with speculative execution have been known for a while:

    https://hackaday.com/2018/01/08/speculative-execution-was-a-troublemaker-for-xbox-360/

    But the security aspects of those flaws haven't. Like I keep reading people saying "Intel knew about the backdoor but wanted the performance" or whatever - but what about ARM/Apple/IBM/Microsoft/Linux Kernel devs that are also shipping meltdown affected parts and/or knew about speculative execution issues? Or the various security companies that audit this hardware rather frequently?

    It was clearly overlooked.
     
  7. kruno

    kruno Master Guru

    Messages:
    246
    Likes Received:
    65
    GPU:
    4890/1
    Actually it is just Intel's meltdown (with 2 ARM), software side (MS,Linux,BSD..) is just trying to soft patch hardware flaw
     
  8. RavenMaster

    RavenMaster Master Guru

    Messages:
    856
    Likes Received:
    20
    GPU:
    2x EVGA GTX 1080's
    [​IMG]

    Whatever happens, fear sells and somebody is set to profit from these vulnerabilities massively

    https://imgur.com/CRNqn8K
     
    Last edited: Jan 12, 2018
  9. Aura89

    Aura89 Ancient Guru

    Messages:
    6,709
    Likes Received:
    174
    GPU:
    -
    This. For this entire forum, so much this.
     
  10. alanm

    alanm Ancient Guru

    Messages:
    7,832
    Likes Received:
    400
    GPU:
    1070 AMP!
    So to favor the 9 series, they give up a years sales of the vulnerable 8 series? Hmm.. And so many people in the company would have to be in on it, any righteous (or disgruntled) employee would spill the beans faster than you can say busted, disgraced, sued for billions, and mass resignations of Intels senior management. Not to mention just the extreme incompetence to think up such a silly plan would see their asses booted out by shareholders pretty quick.
     
    yasamoka likes this.

  11. tsunami231

    tsunami231 Ancient Guru

    Messages:
    8,408
    Likes Received:
    130
    GPU:
    EVGA 1070Ti Black
    This, it not intel fault default password are left as, that is just pain stupid in corporate environment
     
    WareTernal likes this.
  12. SerotoNiN

    SerotoNiN Ancient Guru

    Messages:
    2,540
    Likes Received:
    270
    GPU:
    nVidia GTX 1080 8GB
    Obvious backdoor to "fight against terrorism" or whatever BS the flock buy into this week. This was an obviously known exploit and it doesn't take 10 years to find such a critical issue. Think.
     
    HonoredShadow likes this.
  13. WareTernal

    WareTernal Member Guru

    Messages:
    190
    Likes Received:
    20
    GPU:
    XFX R9 380X XXX
    My thoughts exactly. Sounds like the problem is a combination of two factors: the feature works as intended, and people are lazy.
    Couldn't we say a similar thing about a lot of routers? If you haven't changed the password AND a bad actor has physical access to the device, they could gain control of the device, and configure it for remote access.
     
    sykozis likes this.
  14. RzrTrek

    RzrTrek Maha Guru

    Messages:
    1,495
    Likes Received:
    177
    GPU:
    RX 580 (8GB)
    What the heck has Intel been doing for the past 15 years?
     
    HonoredShadow, TheDeeGee and Silva like this.
  15. tsunami231

    tsunami231 Ancient Guru

    Messages:
    8,408
    Likes Received:
    130
    GPU:
    EVGA 1070Ti Black
    well on the other side of things alot routers when you first go in to them ask to have passwords/user changed, smart people will do this, others will ignore it, others never go in to the routers., intel could do something like this again it assume people have brains to know it should be changed.

    Other side of this they could do what is what verizon does with there routers they all have random pw made fore each router sent out.

    lazyness and bad security habits like not chaning default passwords is no intels fault
     

  16. Turanis

    Turanis Maha Guru

    Messages:
    1,293
    Likes Received:
    68
    GPU:
    Gigabyte RX500
    Ermm...backdooors and milk the end-user/corporate?

    Meanwhile at Intel:

    "Intel CEO promises Customer-First Urgency,Transparent and Timely Communications,Ongoing Security Assurance in open letter to tech industry leaders.
    Further, the CEO said the open sharing of performance data by hardware and software developers would be essential to "rapid progress" moving forward."
     
    RzrTrek likes this.
  17. Stormyandcold

    Stormyandcold Ancient Guru

    Messages:
    5,047
    Likes Received:
    70
    GPU:
    MSI GTX1070 GamingX
    As long as our governments demand a method to be able to gain access, then, our PC+data will never be fully secure. No hat on needed, that's just reality. All this wasn't a problem until the methods became public.
     
    airbud7, sykozis and Silva like this.
  18. Fender178

    Fender178 Ancient Guru

    Messages:
    3,539
    Likes Received:
    37
    GPU:
    GTX 1070 | GTX 1060
    Yeah this is how this entire thing got exposed because a member of the NSA had his home computer hacked through Kaspersky and it allowed users to gain access to the same tools that the NSA users.
     
  19. Denial

    Denial Ancient Guru

    Messages:
    11,376
    Likes Received:
    356
    GPU:
    EVGA 1080Ti
    There is a difference between the NSA finding zero-day exploits in hardware and keeping them to themselves and the NSA working with Intel to implement said backdoors.

    Why would the NSA ask Intel to implement some complicated exploit that's a complete pain in the ass to get meaningful data out of and causes debugging errors when they could just tell them to shove a well designed wide open backdoor in the AMT/PSP/Etc - a block of hardware that no one has access to and can read/write anything encrypted and transfer it over the internet even when the computer is off?

    Like the logic makes no sense and any/all leaked evidence points to NSA not working with Intel and just finding the exploits first - but then everyone just goes and says the opposite because who knows why.

    There is a saying called "Hanlon's Razor" and I think it applies here:

    "Never attribute to malice that which is adequately explained by stupidity."
     
    yasamoka, airbud7 and sykozis like this.
  20. slyphnier

    slyphnier Master Guru

    Messages:
    425
    Likes Received:
    11
    GPU:
    GTX1070
    this admin/admin basically used everywhere isnt it ?
    not only bios, but also in various devices (networking devices such as routers/modems/ etc.also using same combination)

    i might read it to fast and missed something, but why now ?
    i mean this been used for years, without anyone reporting/complaining
    and all of sudden there report for this

    its just like someone trying to get attention/advantage from the current "intel" hot/break news
     

Share This Page