So I just saw an article that reports that every Intel chip from Skylake forward is susceptible to being compromised through the Intel Management Engine.
The IME is a component of the CPU that can act independent of the operating system - the article describes it as “a CPU on top of the CPU”. The documented compromise was by USB. And apparently the IME can only be deactivated by a firmware update.
The Next Web: Researchers find almost EVERY computer with an Intel Skylake and above CPU can be owned via USB.
Now, I’m trying to make sense of this as a relatively non-techy person and I would appreciate the input of more knowledgeable tech gurus in the community. My questions are:
In practical terms, how do you assess the implication of risk to our shiny new V’s? Is this a significant concern?
Where would I get a firmware update to disable IME? Would that come from Intel or from Eve? Is it something that already exists or would it need to be created?
If you continue to read some other articles on the great internets, you would’ve understood that
You can’t get rid of it without introducing other problems (for example your computer rebooting every 30 minutes, or even better not starting at all)
There are people (for example the Google singularity) who are working on getting rid of this (along with UEFI and some other possibly unsecure parts from the boot process), but it’s enormously difficult because the world is as it is today and companies don’t like change
We are already being watched (Person of Interest anyone?) and others know more about us and what we do before we think about it. It’s the price we pay for having things simpler and free. (a price I pay without much problems)
You (as a random guy on the internets) (yes, that includes me as well) are giving this waaaaaaay too much thought. If something bad would happen, CIA? FBI? Area 69? ← they would care about this more than us with our petty problems such as family cat photos and the video of that one time in Thailand with that girl. :^)
I wouldn’t say it’s very significant. There are many threats that give the attacker a chance to take full control of your computer, keyloggers, etc… This is just another one of them. In my understanding, it can see what you’re doing right now while it’s running, but not anything else if it’s encrypted. And that’s why we have antivirus software that prevents you from getting those viruses in the first place, and even if you do get one, prevents it from running.
Trust me, you can’t fix every possible security flaw, because as soon as you fix one, someone finds another one. So your best chance is to get a good antivirus and update it often. And of course, don’t use weird USB sticks you found lying on the ground.
As to my understanding, the attacker needs physical access to your device first before they can abuse it. That factor alone dramatically reduces the probability of your particular device getting attacked.
Even one step after that, if they want to steal your data, how are they going to do it? Copy it over the internet? You need a WiFi driver for that with all the dependencies. Copy it to a physical hard drive? How are they going to retrieve the hard drive from you?
Of course, this is a real issue and shouldn’t be dismissed, but for most people, this is nothing to worry about, FOR NOW.
It’s cool though, MINIX OS, which is used there, is now probably the most popular OS in the world.
I’ve been reading the links suggested here (thanks for the replies and suggested reading!) and some others. Full network stack and a web server built in besides its USB capabilities. That’s concerning. Seems to me that while the only successful reported attack right now is via USB, the possibility for network based exploration could exist.
I’m curious about this. Are you talking about Windows’ BitLocker or is there something else that would be useful?
New vulnerability, nothing we users can do about it.
Team (@iKirin), we all know you guys are busy with the online shop and second batch, but please find some time to have a patch ready once the HEBs get them.