cpu backdoor within a intel cpu?

[bystander36]

That's like saying you should just accept the reality that someone just broke into your house and move on and not do anything about it.

Accepting violation of privacy should not be something we just accept. Something needs to be done. I don't know what, but something needs to be done. We need to fight this. Everywhere you look now, you have companies and government wanting to know our every move and having full access to everything in our lives, it's ridiculous.

Exactly what can you do about it? Nothing short of not using an AMD or Intel CPU. You can scream moan and hide your head, but you have no choice in the matter.

You can live with it, or you can make yourself miserable. Your choice.

 

[DrMrLordX]

OpenPower's firmware ecosystem is fully open-source and available on GitHub, all the way down to things like the power management controller. Raptor Engineering is planning to release an OpenPower workstation board oriented at users with high security/auditability requirements.

https://www.raptorengineering.com/TALOS/prerelease.php

Right, I know the platform is meant to be open. I'm just wondering if it would be possible to sneak a backdoor into something that's available for review by nearly anyone. Think about it, there's a lot there . . . it would be like hiding a needle in a haystack.

 

[Red Squirrel]

Exactly what can you do about it? Nothing short of not using an AMD or Intel CPU. You can scream moan and hide your head, but you have no choice in the matter.

You can live with it, or you can make yourself miserable. Your choice.

There needs to be more noise made about this, corporations need to threaten to move to other platforms, perhaps in house platforms. If enough people of significance make noise maybe they'll stop. Or maybe hackers can find a way to hack it, so it can be disabled, either through hardware or software.

Really I think the issue we face today is everything is too proprietary. We really need an open source hardware platform. I wonder if ARM is an option, that's still proprietary, but if they can be proven to not be pulling this stuff off either more stuff needs to move to that. I would sacrifice performance for security.

 

[bystander36]

There needs to be more noise made about this, corporations need to threaten to move to other platforms, perhaps in house platforms. If enough people of significance make noise maybe they'll stop. Or maybe hackers can find a way to hack it, so it can be disabled, either through hardware or software.

Really I think the issue we face today is everything is too proprietary. We really need an open source hardware platform. I wonder if ARM is an option, that's still proprietary, but if they can be proven to not be pulling this stuff off either more stuff needs to move to that. I would sacrifice performance for security.

What is clear is we are not dealing with Intel and AMD with this. We are dealing with the Government. A secret branch of the government. If we switched to another platform, they'll force them to put in a backdoor as well.

So unless you know how to circumvent the government, we are stuck with it.

 

[Red Squirrel]

It's always going to be a cat and mouse game, but the point is to always try to be ahead of the government. This is by far not easy though but can't just give up. Hopefully some knowledgeable people will be able to figure out a way to disable this.

Another thing is those TVs that spy on us, that is pretty bad too, as it actually listens to your voice. I imagine they use some form of RF to communicate with satellites or something. There might be an obvious antenna inside the TV that simply needs to be shorted to ground. Would be interesting to open up one of these spy TVs actually. I think most of the newer Samsungs do it. I think Visio too.

 

[superstition]

Big-Little seems to be another way of keeping the telemetry going. Even if you "turn off" your computer the little processor will be a busy little bee.

related discussions:

Will SME SEV and hardware SHA be CPU game-changers?
How long before PC desktop CPUs are sold, with 3G or better internet, built-in?
New CPUs will require Windows 10
[TheReg] Intel Management Engine
Ivy-Bridge Hardware Trojan?
3g chip inside intel vpro skus
Nvidia adds telemetry to its driver (not linked since it's the GPU forum)

Are Intel chips NSA data hubs?

With all of the NSA revelations thanks to Edward Snowden, but also even before him from William Binney we know for a fact, we have the documents that they have partnerships with technological and software companies to implement backdoors so they can spy through them.

William Binney: http://www.computerweekly.com/feature/Interview-the-original-NSA-whistleblower

Intel P4 chip at the time was reportedly spying and would allow access to your computer. Going into the closer past we have a report about Intel's new Core I chips having a secret 3G chip that can be remotely accessed and enabled.

http://news.softpedia.com/news/Secr...uld-Steal-Your-Ideas-at-Any-Time-385194.shtml
http://arstechnica.com/security/201...ias-chip-based-crypto-freebsd-developers-say/

Of course these types of reports are nothing new, back in 2010 there was another similar controversy, that time about a feature that could remotely be shut down.

http://www.techspot.com/news/41643-intels-sandy-bridge-processors-have-a-remote-kill-switch.html

So the big question really is, how much is Intel in bed with NSA and how much of our information is in danger?

I tried to find the topic about AMD's embedded module but can't seem to locate it in the search. I think it's some sort of ARM-type processor that will be inside Zen CPUs.

 

[Red Squirrel]

There needs to be way more outrage about this than there is. While people worry about crap like ransomeware, this is a much bigger threat. Corporations need to fight this, people will never get their way, but corporations will, and to me this should be a concern even for them. OF course I could see Intel just turn it off for corporations but not civilians...

I think this really should be an eye opener though, seems we can't trust even bare metal anymore, we need an open source movement that goes right down to the silicon level. That would be far from easy though.

Or perhaps someone needs to figure out a way to break it. It might be as simple as disabling specific pins on the cpu or something.

 

[jhu]

There's some work on neutrilizing IME on Sandy Bridge/Ivy Bridge. This supposedly works all the up to Skylake as well. But let's say you do all that, how do you know your hard disk firmware isn't compromised?

 

[Red Squirrel]

Oh right forgot about hard drives. They have backdoors too. Chances are all these backdoors work together and communicate via a separate layer 1 network throughout the PC/LAN. NICs probably have it too, as they could use a separate layer 1 protocol to communicate between machines. Packet sniffers would not pick this up. A logic analyzer perhaps would. Then one CPU within the network could be used to transmit to the NSA satellites or to the cellular network or whatever way they communicate out. I presume they attempt to use your internet, but that could be easier to trace with a packet sniffer on a mirrored switch port for example.

This stuff is just getting so ridiculous. It's one of the things that has driven me to get an interest in component level electronics. Though I don't expect to really have the knowledge to hack/analyze this stuff either, this is beyond electronic hobbyist levels. A lot of these involve silicon with no datasheets available. Or datasheets that specifically don't mention the backdoor part.

All we can do is speculate, but considering how hell bent the government is on spying on everyone none of this is really that surprising, it's just a piss off because there's basically nothing we can do. We are constantly being violated.

 

[superstition]

how do you know your hard disk firmware isn't compromised?

Along with everything else. Even GPU drivers have spyware in them now.

Agner Fog once wrote an article that was somewhat critical of the need for multiprocessor (multi-core mainly) desktop machines. He quipped that the only real use for a second core would be to "run all the spyware" that infects so many machines. How right he was.

 

[lopri]

Yeah it's pretty much been proven now and even the government has admitted to all this spying stuff. That's what we know, it's probably even worse than what we know. Then just look at how companies like google and FB are collecting so much data on us too, those are pretty much facts at this point, not conspiracies. The sad part is most people seem to just accept it.

Hopefully someone will figure something out to disable this thing, it might be something as simple as bridging or cutting some pins or something. But then how do you know it really worked...

What's funny is that those who urge us to "accept the new reality" now are the ones who vehemently denied the existence of this kind of tech in the first place.

 

[ehume]

Well, I power off my machine when I don't use it . . .

 

[superstition]

Well, I power off my machine when I don't use it . . .

Big-Little will have you covered.

Apple engineers are planning to offload the Mac’s low-power mode, a feature marketed as "Power Nap," to the next-generation ARM-based chip. This function allows Mac laptops to retrieve e-mails, install software updates, and synchronize calendar appointments with the display shut and not in use. The feature currently uses little battery life while run on the Intel chip, but the move to ARM would conserve even more power, according to one of the people.

This sort of thing doesn't really seem to be limited to Apple. Isn't there some type of ARM core embedded in Zen?

 

[Rifter]

Why do i feel that its us consumers who are taking it in the backdoor with all these privacy issues lately.

 

[sm625]

In order for Intel Management Engine to be remotely accessed independent of the OS, it must access the NIC. In order to do that, it must talk over a PCI bus. It must have a list of common NIC vender and device IDs as well as the protocols and register maps for each device. It is likely that the ME firmware would contain a list of common Intel NICs as well as the code required to talk to and through them. But there is no way to be able to control every NIC from every company. So if you value your privacy, just use an obscure NIC from an obscure brand, or at the very least, dont use an intel NIC. And most certainly dont use the onboard NIC. In all likelihood, the onboard NIC is probably the only NIC that IME knows how to talk to.

 

[Ichinisan]

Jump to 1m57s:
https://www.youtube.com/watch?v=EjbQ-BDh4PU#t=1m57s
"It's got a tiny little modem embedded in each processor."

Pilot episode of the X-FIles spin-off "The Lone Gunmen."

Of course, that was inspired by controversy that the Pentium III would have a built-in serial number.

 

[LTC8K6]

Just flip the power switch in the back, unplug it, or take the battery out, etc., whichever applies to power the computer down completely.

 

[VirtualLarry]

Of course, that was inspired by controversy that the Pentium III would have a built-in serial number.

Uhm, it did, and it does, as does every Intel CPU since then.

At least, on the Pentium III, they added a BIOS option that would lock out being able to read the serial number with a user-mode instruction, but rest assured, the PI-ROM is present in every modern Intel CPU. (Processor Information ROM.)

Edit: Hard drives, SSDs, flash drives, and motherboards all have serial numbers, and NICs have MAC addresses which are nearly just as good. Why should it surprise you that the CPU might have a serial number as well?

 

[Ichinisan]

Uhm, it did, and it does, as does every Intel CPU since then.

At least, on the Pentium III, they added a BIOS option that would lock out being able to read the serial number with a user-mode instruction, but rest assured, the PI-ROM is present in every modern Intel CPU. (Processor Information ROM.)

Absolutely. There was controversy about the electronic serial number before the Pentium III was actually released.

Yes. The Pentium III had an electronic serial number and most computers had a BIOS option to disable it (so that software could not read it). I know that.

I'm not sure if the Pentium III was released at the time that pilot episode aired. I just don't remember the timing of it.

 

[superstition]

Apple may have been the pioneer here.

Every Lisa was serialized and would brand any disk used to install software onto it. I don't know if it would brand all disks used in the system or not. There was a chip on the motherboard of the Lisa for the serialization.

However, it wouldn't surprise me if the Fairchild F8 and Intel 8080 have some sort of tech that's useful for spying that no one has talked about. It's not like the NSA was asleep when microcomputers hit the consumer market. Just because the Pentium III's serialization made the press doesn't mean stuff like that didn't already exist. Sometimes the goal is to let the public know they're being watched.

 

[DrMrLordX]

Jump to 1m57s:
https://www.youtube.com/watch?v=EjbQ-BDh4PU#t=1m57s
"It's got a tiny little modem embedded in each processor."

Pilot episode of the X-FIles spin-off "The Lone Gunmen."

Of course, that was inspired by controversy that the Pentium III would have a built-in serial number.

They also predicted the World Trade Center attack.

 

[nopainnogain]

Out of curiosity, which older AMD processors do not have the cpu backdoor?

 

[superstition]

Out of curiosity, which older AMD processors do not have the cpu backdoor?

The ARM core is something new for Zen I think. There was a topic about it here but I couldn't find it with a search. However, I'd assume that any CPU has some type of spyware in it in order to satisfy the US government. The same goes for operating systems.

 

[Nothingness]

The ARM core is something new for Zen I think. There was a topic about it here but I couldn't find it with a search.

Carrizo already has the secure ARM core: http://www.anandtech.com/show/9319/...leap-of-efficiency-and-architecture-updates/8

However, I'd assume that any CPU has some type of spyware in it in order to satisfy the US government. The same goes for operating systems.

I'd be curious to see the Linux spyware

 

[superstition]

I'd be curious to see the Linux spyware

I'd be curious if the biggest distros, like Ubuntu, don't have it somewhere where it's so deeply embedded that only the inner circle can tell it's there. It seems like the kernel is the best place for it. Isn't that something that Torvalds and such continue to have control over?

Otherwise, the more banal tactic of having encryption standards and communication protocols be broken in the draft phase (things like that) would have to be the only vectors.

There's this, though:

XKeyscore flags any IP address involved in any web search for the term Tails or its meaning. The program refers to Tails Linux distribution as “a comsec mechanism advocated by extremists on extremist forums,” according to Techspot.

The program marks and tracks the IP addresses of those who search for 'tails' or 'Amnesiac Incognito Live System' along with 'linux', ' USB ',' CD ', 'secure desktop', ' IRC ', 'truecrypt' or ' tor '.