back to article 'Unfixable' boot ROM security flaw in millions of Intel chips could spell 'utter chaos' for DRM, file encryption, etc

A slit in Intel's security – a tiny window of opportunity – has been discovered, and it's claimed the momentary weakness could be one day exploited to wreak "utter chaos." It is a fascinating vulnerability, though non-trivial to abuse in a practical sense. It cannot be fixed without replacing the silicon, only mitigated, it is …

  1. Anonymous Coward
    Anonymous Coward

    A backdoor ?

    Who could have possibly mandated that ?

    1. Julz Silver badge
      Black Helicopters

      Re: A backdoor ?

      I came here to write something similar. The bit of the article which jumps out is' "A single key is used for an entire generation of Intel chipsets". Now which agencies might have access to that key?

      1. Luiz Abdala Bronze badge
        Pirate

        Re: A backdoor ?

        "A single key is used for an entire generation of Intel chipsets".

        Replace Intel with Sony and Nintendo, and chipsets with Playstation, Switch, Wii U or whatever, and you will understand why it is so easy to get bootlegged games on some of these platforms.

        Entire ecosystems inside Nintendo were borked, DRM defeated, and finally, easily pirated because there was a hard-coded single key on the entire line of hardware.

        Not just Intel, but also entertainment products had this sloppy, lazy development aspect.

        One of them required a specific vendor CD-ROM used in the console, which the mateys found out and quickly procured to find the keys inside the firmware and explode any DRM schema out of the water before they were even loaded from the disc (a really convoluted roundabout way, but still).

        "Never blame maliciousness when simple stupidity can be the culprit" or something like that.

        (edit) Oh here it is:

        "Never attribute to malice that which is adequately explained by stupidity"

        Hanlon's razor.

        How about AMD?

        1. ShadowDragon8685

          Re: A backdoor ?

          I always feel the need to bring up Petey's Corollary whenever someone waves Hanlon's Razor around:

          "'Never attribute to Malice that which is adequately explained by Incompetence' is only good advice when there isn't Malice afoot."

    2. Anonymous Coward
      Anonymous Coward

      Re: A backdoor ?

      No-one Strikingly Asinine.

      1. A.P. Veening Silver badge

        Re: A backdoor ?

        How about No Such Agency?

        1. Anonymous Coward
          Anonymous Coward

          Re: A backdoor ?

          No Straight Answers.

        2. chroot

          Re: A backdoor ?

          I work for No Such Agency!

      2. Sandtitz Silver badge

        Re: A backdoor ?

        Flowers By Irene ?

        1. tip pc Silver badge

          Re: A backdoor ?

          Well above their pay grade

    3. Anonymous Coward
      Anonymous Coward

      Re: A backdoor ?

      I've no idea what you lot are on about, there's Nothing to See here At all...

    4. Anonymous Coward
      Anonymous Coward

      Re: A backdoor ?

      N efarious

      S ubversive

      A nti-democratic

      ?

    5. Anonymous Coward
      Anonymous Coward

      Getting security 100% right is hard

      Occam's Razor says this was unintentional.

      Especially since simply supplying the chipset key to the NSA would make way way more sense than leaving an exploit that among other things would open up DRM - the spooks don't care about that!

      1. Richocet

        Re: Getting security 100% right is hard

        I think previous commenters were suggesting that the keys might have been supplied to the NSA by Intel , not that the vulnerability was deliberately put there for the benefit of the NSA.

        1. NeilPost Bronze badge

          Re: Getting security 100% right is hard

          It seems nonsensical that the default protection was off and enabled as part of the start-up routine.... allowing this pin-prick vulnerability.

          What were they thinking ???

          1. This post has been deleted by its author

          2. jelabarre59 Silver badge

            Re: Getting security 100% right is hard

            What were they thinking ???

            Ah, "thinking". That's where your logic falls apart.

      2. Tomato Krill

        Re: Getting security 100% right is hard

        But perhaps Occam works for the NSA?

        1. MrDamage

          Re: Getting security 100% right is hard

          Nah, but Hanlen left his razor in the company bathroom.

      3. Anonymous Coward
        Anonymous Coward

        Re: Getting security 100% right is hard

        "Occam's Razor" has never been applicable to humans, especially humans doing things they know they should not. Those who love secrets and lies delight in adding complexity and distraction in order to hide their nefarious actions. The way of the mountebank has many paths and all lead away from truth

    6. Scott 53

      Re: A backdoor ?

      I think if this was some agency's cunning plan, they would have ensured it wasn't described in the documentation. Surely.

      1. Anonymous Coward
        Anonymous Coward

        Re: A backdoor ?

        I hate it when people misspell my name!

        Shirley

      2. Tom Chiverton 1

        Re: A backdoor ?

        It's there but hidden to give plausible denyability.

    7. Anonymous Coward
      Anonymous Coward

      Re: A backdoor ?

      Huawei & China.

      Intel are obeying Beijing.

      Put them on the black list now!

      1. leenex

        Re: A backdoor ?

        Could be the Muslims Or The Gays, using this back door to Cause Floods and Destroy Western Civilization.

        1. MrDamage

          Re: A backdoor ?

          Of course it was put in by the gays. The more backdoors the better.

    8. Anonymous Coward
      Anonymous Coward

      Re: A backdoor ?

      'Twas the land of No Secrets Anymore, where even the shadows lie.

  2. Tom 7 Silver badge

    Pi's look sweeter by the day!

    Nom Nom!

    1. Anonymous Coward
      Anonymous Coward

      Re: Pi's look sweeter by the day!

      Well, up to the spectre vulnerable Pi4 anyway

      Oh on a related point, the Pi doesn't come with any firewall by default. Those that are concerned might consider UFW (available via apt-get and a doddle to configure but walk throughs are available online) and or turning off IP6 with the rest of the usual suspects when they are doing basic lock down after a fresh build.

    2. cowardly weasel

      Re: Pi's look sweeter by the day!

      That and Macs with T1 or T2 security chips (which load first) are also unaffected.

  3. Chairman of the Bored Silver badge

    Honest question...

    Is the system DMA controller in modern Intel chipsets baked into the CPU silicon and part of the HW trust boundary, or is this a separate chip?

    1. WorBlux

      Re: Honest question...

      From what I can tell, there is more than one DMA controller, and it's potentially the one of the PCH (chipset) that is leaking. However the request is going though the main IOMMU, which is brought online in a security disabled state.

  4. Anonymous Coward
    Anonymous Coward

    "maintain physical possession of their platform"

    Which is all very well, as long as no laptops or tablets use this chipset ...

    Personally, I'm not too bothered, since for about 20 plus years I have been banging on about not trusting anything you don't make - all the FOSS sparkle in the world can't hide the fact that we have no idea what the silicon below is up to.

    Assume all platforms are compromised and act accordingly. The problem with that approach is it means spending money, and we only get the security we are prepared to pay for.

    1. Tomato Krill

      Re: "maintain physical possession of their platform"

      Or desktops- unless you sleep with yours?

      1. YetAnotherLocksmith

        Re: "maintain physical possession of their platform"

        Nah, it's in the office, and no-one but the boss, your Cow-orkers, all previous employees until they change the code, HR subbies, security, oh, and the below minimum wage cleaners have keys or access. Impregnable!

        1. Anonymous Coward
          Anonymous Coward

          Re: "maintain physical possession of their platform"

          "[...] and the below minimum wage cleaners [...]"

          Like uniforms - that generic role makes the individual invisible in their access to all areas. Emptying office waste paper bins has long been a useful source of information. Apparently at one point a country's troops were short of toilet paper - so they used pages torn out of military equipment manuals. These could be retrieved from non-water latrines.

          1. Anonymous Coward
            Anonymous Coward

            Re: "maintain physical possession of their platform"

            I heard of that one, but seem to remember it being telex/teletype/radio transmission carbons?

            Either way, it's putting the "p" in espionage...

            1. Anonymous Coward
              Anonymous Coward

              Re: "maintain physical possession of their platform"

              "[...] but seem to remember it being telex/teletype/radio transmission carbons?"

              Apparently a Cold War Operation Tamarisk.

          2. zuckzuckgo Bronze badge

            Re: "maintain physical possession of their platform"

            > "These could be retrieved from non-water latrines."

            Thus the recommendation: "maintain physical possession of their platform"

      2. Chairman of the Bored Silver badge
        Joke

        Re: "maintain physical possession of their platform"

        At my age, maybe the only hard drive possible!

  5. batfink Silver badge

    "maintain physical possession of their platform"

    Wonderful advice thanks Intel. I'd never have thought of that. Should be easy to maintain physical possession in all circumstances, shouldn't it?

    1. Anonymous Coward
      Anonymous Coward

      Re: "maintain physical possession of their platform"

      Not entirely. A couple of good examples where the person in control of a machine may never once in their entire life have physical access to the server:

      - Dedicated Servers

      - VPS

      - Cloud

      Then there's the "it's our hardware, but we can't control who has physical access":

      - Co-location DCs

      This pretty much sums up the bulk of websites on the internet these days.

      Sadly, I'm also guilty of just renting dedi's instead of trying to run them from the office or home due to the UK's internet speeds (and if you want leased lines, which can be good enough, the price) and hardware costs. And in most cases a DC can offer better physical security than your house.

    2. Tom 7 Silver badge

      Re: "maintain physical possession of their platform"

      Assuming you make it at home yourself!

  6. disgustedoftunbridgewells Silver badge

    Pointless, pointless, pointless....

    "However, this key is not platform-specific. A single key is used for an entire generation of Intel chipsets. "

    Ah.

  7. Dan 55 Silver badge
    Black Helicopters

    That's what they want you to think

    Like a digital janitor, the CSME works behind the scenes, below the operating system, hypervisor, and firmware, performing lots of crucial low-level tasks, such as bringing up the computer, controlling power levels, starting the main processor chips, verifying and booting the motherboard firmware, and providing cryptographic functions.

    Google found they could delete most of the ME and UEFI. Maybe it'll be possible to wipe practically everything with this exploit.

  8. Pascal Monett Silver badge
    Coat

    And none of this is important

    unless the miscreant gains physical access to your PC. And if he gets physical access, it's game over anyway.

    Well, thank you for yet another method to cause chaos if some goon gets to my keyboard. I'm thrilled to know that there is yet another way he can trouble. Apart, obviously, from just ripping out the hard disk and chucking it into an external reader under a different platform allowing him to read everything.

    I'll file this under Hollywood Apocalypse Scenario #4622.

    1. adam 40 Bronze badge

      Re: And none of this is important

      I think you're missing the point. An attacker can own their own PC and refer it a gazillion times, each time leaking out a bit of the private key.

      Once they have the private key, it can be applied to _your_ computer, probably remotely too, to whatever API's or connections are exposed. And there are quite a few, from what I have read.

      1. Dan 55 Silver badge

        Re: And none of this is important

        Remotely via the ME which nobody particularly wanted in their computers anyway? Which malicious actor put that there?

      2. boltar Silver badge

        Re: And none of this is important

        And exactly how pray does a remote attacker get past the OS and any hypervisor and access the management layer without physical access to the machine?

        1. Anonymous Coward
          Anonymous Coward

          Re: And none of this is important

          Easy, by not needing to go via the OS or hypervisor to get to the management engine. This management layer is before any of that, even on the Ethernet port. It intercepts everything, remember the empty password AMT bug?

        2. eldakka Silver badge

          Re: And none of this is important

          But this only has to happen once, on one machine, anywhere in the world. Doing this the once, even on their own perfectly legally purchased kit, will now give them the global master key to unlock the local platform keys for every intel computer of the last several generations.

          Once this global master key is unlocked, then they may be able to remotely attack other intel computers, at least that's how I read it.

          1. YetAnotherLocksmith

            Re: And none of this is important

            Of course, quite how this hasn't already been figured out via chip decapping, I'm unsure?

        3. Tomato Krill

          Re: And none of this is important

          Via exploits

    2. Anonymous Coward
      Anonymous Coward

      Re: And none of this is important

      If you are worried about personal files being stolen just change all the extensions to .exe , no one click them then.

    3. thosrtanner

      Re: And none of this is important

      As far as I can see, if said miscreant gets access to your PC, they can read the management key which doesn't apply to your PC, it applies to however many hundreds of thousands of PCs that were built with the same chipset.

      I imagine it's rather less hard at that point to do interesting things remotely.

      1. vtcodger Silver badge

        Re: And none of this is important

        I'm pretty sure that I don't understand this. But it sure sounds like the miscreant doesn't need to tease out the management key on your PC. They can use the management key from their own PC if it has the same chipset as yours. Which suggests that it's only a matter of time -- weeks? months? years? -- before the management keys to every intel CPU with a management engine are available to everybody on the internet. The next question would seem to be what nasty things can they actually do if they know that key and somehow get access to someone's Intel CPU by, for example, by incorporating some malicious Javascript in an ad?

        Let's all fervently hope that the answer is "Not much really." If it isn't, you may want to wait a while before sending that dust covered (ME less) 386DX out in the garage off to the dump, You may be about to find a use for it.

        1. amanfromMars 1 Silver badge

          Re: And none of this is important

          Let's all fervently hope that the answer is "Not much really." ..... vtcodger

          Are we to expect you suspect that a forlorn hope, vtcodger, and practically anything is then virtually possible and therefore most probable?

          1. vtcodger Silver badge

            Re: And none of this is important

            "Are we to expect you suspect that a forlorn hope, vtcodger, and practically anything is then virtually possible"

            Nope. This is way beyond my pay grade. The only clue I have is that if "anything is then "virtually possible" I should think there would be a **LOT** of excitement, hand waving, blame shifting, and preposterous "solutions". So maybe in practice having the management keys to most of the world's Intel CPUs become public knowledge is no big deal and nothing to worry about.

            1. the future is back!

              Re: And none of this is important

              Or not.

        2. the future is back!

          Re: And none of this iand you do realize...s important

          This is some Daniel Craig, 007 type shit here. So X has compromised every #Intel #CPU for generations of versions. And Q doesn’t have an answer. In theory. .

        3. YetAnotherLocksmith

          Re: And none of this is important

          Exactly.

          Think of it like figuring it how to break into your car without a trace or key, and drive it away. Those exact same steps will get you into every other (2011 Vauxhall Astra|2001 VW Golf|1974 Ford Cortina)

          1. Anonymous Coward
            Anonymous Coward

            Re: And none of this is important

            >"Those exact same steps will get you into every other (2011 Vauxhall Astra|2001 VW Golf|1974 Ford Cortina)"

            But at least nothing of value is at stake.

  9. g00ner

    Disable AMT/ME

    Some vendors give the option of disable AMT/me in the bios.

    One of my steps when building windows clients.

    1. Joe Harrison

      Re: Disable AMT/ME

      That's what they want you to think. You set the switch to "disabled" in the BIOS, then relax with a well-earned beer. Meanwhile...

      1. Thoguht Silver badge

        Re: Disable AMT/ME

        Exactly. Sounds like the ME has its own BIOS that boots and runs before ever the main BIOS does.

  10. DenTheMan

    Blame China

    Wasn't Bruce Lee a double agent who also dabbled in coding?

    A tiny bit far fetched even for Donald Trump to use.

    Only just though.

  11. Mike 125

    The best.

    " 'Unfixable' boot ROM security flaw..."

    That's my favourite kind, a bit like 'impossible milestone', 'challenging deadline', 'unreachable dream'.

    My advice is take a beer, stretch out, and self-isolate.

    1. A.P. Veening Silver badge

      Re: The best.

      It is only infixable as long as you insist on using Intel chips, no problem whatsoever if you are prepared to switch to AMD.

      1. whitepines Silver badge
        Alert

        Re: The best.

        no problem whatsoever if you are prepared to switch to AMD.

        AMD has pretty much the exact same system in play, it just hasn't been attacked as earnestly as the IME yet. Look into the PSP. This is only good news for AMD if they can continue to lie about their security focus while still forcing the exact same DRM model that has brought Intel to this situation.

        To get away from it you can select from certain ARM CPUs, Power, or RISC-V. Or, use old hardware from the early 2010s or before. Ryzen, Epyc, etc. are not going to get you away from this!

        1. the future is back!

          Re: The best.

          Faaaak now I have a headache.

        2. zuckzuckgo Bronze badge

          Re: The best.

          Not sure about other current CPUs but it seems to me that "old hardware from the early 2010s" lacks this kind of secure enclave altogether so would still be less secure then the new stuff with the vulnerability.

          1. whitepines Silver badge

            Re: The best.

            Not sure about other current CPUs but it seems to me that "old hardware from the early 2010s" lacks this kind of secure enclave altogether so would still be less secure then the new stuff with the vulnerability.

            Depends on use case, but the older hardware tended to have isolated TPMs so would still have secure enclave support (ish) whereas with this vulnerability even something as basic as secure boot or firmware signing is completely trashed.

            The new hardware of course has (at least on the Power side) secure enclave type functionality. ARM has its TrustZone, but SoCs with TrustZone and open firmware for it aren't the most common. Given a choice I'd use the newer chips that aren't from Intel or AMD but for those that feel they absolutely must game on their PC the old hardware is likely the only thing that will work.

            1. zuckzuckgo Bronze badge

              Re: The best.

              Upvote for the clarification.

            2. Tom 64

              Re: The best.

              > "for those that feel they absolutely must game on their PC the old hardware is likely the only thing that will work."

              Depends on your definition of 'work'. Suffering a 50% drop in FPS is not palatable to most gamers.

      2. the future is back!

        Re: The best.

        But that’s not a point, let alone THE point.

      3. Stoneshop Silver badge
        FAIL

        Unfixable

        How many laptops are available with AMD processors?

      4. Sudosu

        Re: The best.

        I'd settle for a new SPARC laptop...

    2. tekHedd

      Re: The best.

      Don't forget 'stretch goal'

    3. vtcodger Silver badge

      Re: The best.

      "... and self-isolate."

      The network cable is the one with a flat 8-pin connector.

  12. seven of five Silver badge

    – a tiny window of opportunity –

    "A one in a million chance."

    -Samuel Vimes

    1. DrBed

      Re: – a tiny window of opportunity –

      > "A one in a million chance."

      Almost suitable for Infinite Improbability Drive (@ Zaphod's Heart of Gold).

      1. Soruk

        Re: – a tiny window of opportunity –

        It's not his, he stole it.

    2. NeilPost Bronze badge

      Re: – a tiny window of opportunity –

      “One in a million Chance”

      - Boris Johnson.

      1. DenonDJ DN-2500F

        Re: – a tiny window of opportunity –

        Boris Johnson - one in a million CHANCER.

    3. Wayland Bronze badge

      Re: – a tiny window of opportunity –

      I used to shoot wamprats no bigger than that.

    4. zuckzuckgo Bronze badge

      Re: – a tiny window of opportunity –

      Unfortunately, "A one in a million chance." + 238,310 MIPS (2014) = certainty.

  13. NonSSL-Login
    Coat

    SDDS

    Another example of what I assume is a government organisation gifted backdoor which shows that backdoors cannot be kept secret forever and once exposed, everyone can be screwed by every Tom,Dick and Harry.

    All the US has to do now is to make a noise about foreign hardware having backdoors so everyone scrambles to buy US backdoored kit. oh wait...i'll get my coat.

    1. Inventor of the Marmite Laser Silver badge

      Re: SDDS

      Never ascribe to malice things which can be explained by stupidity

      1. Kabukiwookie Silver badge

        Re: SDDS

        Isn't that the NSA's PR department's slogan?

      2. Wayland Bronze badge

        Re: SDDS

        Never give your enemy the benefit of the doubt.

    2. NeilPost Bronze badge

      Re: SDDS

      .... and all the shouting has been about Huawei.

      1. DCFusor Silver badge

        Re: SDDS

        Projection is all over government and politics. You always accuse the other guys of doing what you damn well know you're guilty of yourself. Rampant in the US just now, but it's not exclusive and not new.

    3. zuckzuckgo Bronze badge

      Re: SDDS

      > "backdoors cannot be kept secret forever"

      Especially when you describe them in the product documentation.

  14. amanfromMars 1 Silver badge

    For/From Those of A.N.Other Persuasion ........ an Alternate View for Earthly Presentation

    'Unfixable' boot ROM security flaw in millions of Intel chips could spell 'utter chaos' for DRM, file encryption, etc

    Although exploitation is like shooting a lone fish in a tiny barrel 1,000 miles away ..... Shaun Nichols in San Francisco 5 Mar 2020 at 14:00

    Attempts at prevention of exploitation are much more likely to be like shooting a lone fish in a tiny barrel 1,000 miles away, Shaun.

    You can be sure if the key sequences to boot and root are lost and found in the ken of others, further experimentation is virtually guaranteed to be Servered as Spectacular BlockBusters in an Endless Stream of Halcyon Day 0Days.

  15. tekHedd

    An infinite number of typewriters gets you every time

    The chance of exploitation is miniscule...and you get an unlimited number of attempts. I think I see the problem here.

    So... we've built basically an entire world full of computers with a hardware backdoor, but fortunately only *trusted authorities* have the key to that backdoor. Only now the key is leaking. Time to pretend to be surprised and shocked and double down because a) this was never really a backdoor it's a handy tool for administrators, and b) this doesn't invalidate the need to put backdoors in everything else as well, which also aren't backdoors but desperately needed to protect you.

    "[EPID] is used for things like providing anti-piracy DRM protections, and Internet-of-Things attestation"

    Translation: the point of EPID is to ensure that you, the end user, do not have control of your computer. This is why its compromise is a disaster of biblical proportions. If your computer is compromised that's sad. If /their/ telemetry and DRM content is compromised, cats and dogs sleeping together, mass hysteria.

    1. jonathan keith Silver badge

      Re: An infinite number of typewriters gets you every time

      Don't forget the human sacrifices. Very important part of the End Of Days.

    2. Claptrap314 Silver badge
      Boffin

      Re: An infinite number of typewriters gets you every time

      This. Any article on the Reg which mentions and apocalypse without cats and dogs sleeping together is clearly just hype. No cats & dogs sleeping together? No apocalypse.

      1. Frumious Bandersnatch Silver badge

        Re: An infinite number of typewriters gets you every time

        Who's to say that someone hasn't already infiltrated your computer and muddled the quite glaringly obvious reference to cogs and dats that is explicitly mentioned in the (fine) article?

    3. Anonymous Coward
      Anonymous Coward

      Re: An infinite number of typewriters gets you every time

      "So... we've built basically an entire world full of computers with a hardware backdoor, but fortunately only *trusted authorities* have the key to that backdoor."

      We have built a world full of hardware/firmware/software made by others that we believe to be secure. It was never secure without trust and the trust was never deserved.

      To try and address this, we have added even more layers of hardware/firmware/software and it appears that we have become even less secure.

      A few more layers of hardware/firmware/software are bound to fix the issue. Or make it seem so far away it can never hurt us.

  16. Sgt_Oddball Silver badge
    Holmes

    Missing the point....

    I, for one, am fascinated that this flaw exists and was open for all in the documentation (finally a reason to RTFM, no?) but I'd be intrigued how this behaves on a multi cpu system.

    Whilst I'm aware that you used matched CPUs if one if compromised, does that mean they both are? Or is it a pot shot on if you can hijack one or multiple cpus in the attempt? Questions, questions..

    1. bazza Silver badge

      Re: Missing the point....

      TBC, but I reckon mutliple CPUs are going to make it harder for an exploit to successfully attack both successfully in that narrow window of opportunity. Doesn't mean its impossible.

      Of course, what we now know is that pretty much every Intel CPU has the same key inside, and that need leak only once anywhere in the Internet for whatever havoc that can then ensue to actually happen. If that includes exploits beating up CPUs later on in their runtime (i.e. after that narrow window of opportunity has passed, but others are open if the key is known), then presumably all CPUs in a multi-chip setup would be vulnerable.

      Could be that anyone relying on Intel CPU security features is going to be in a whole heap of trouble real soon.

      Good news for AMD of course, though who knows what problems actually exist over there. On the whole they do seem to have dodged most of the bullets that have done a lot to dent Intel's reputation recently.

      1. whitepines Silver badge
        Happy

        Re: Missing the point....

        Good news for AMD of course

        AMD has pretty much the exact same system in play, it just hasn't been attacked as earnestly as the IME yet. Look into the PSP. This is only good news for AMD if they can continue to lie about their security focus while still forcing the exact same DRM model that has brought Intel to this situation.

        Go ahead, downvote me for daring to speak against Team Red...

        1. Unicornpiss Silver badge
          Meh

          Re: Missing the point....

          Re. AMD, they very well may have the same vulnerability in their chipsets. Or they may have corrected any hole years ago. Since I have not seen an article analyzing AMD yet, I'm going to cautiously give them the benefit of the doubt thus far, partially in good faith since their CPUs aren't nearly as vulnerable as Intel's offerings from the same era, at least to as many exploits.

          1. whitepines Silver badge

            Re: Missing the point....

            I know for a fact they just haven't been analyzed as much. AMD still has the exact same "keys to the kingdom" problem, they're just at a much smaller market share so interest in cracking their key versus Intel's key is a lot lower.

            Same way Linux doesn't have many viruses -- tiny market share in terms of gullible PC users, so just not worth the effort to crack (yet).

    2. Anonymous Coward
      Anonymous Coward

      Re: Missing the point....

      The flaw exists in the supporting "Platform Controller Hub" or PCH rather than the CPU, so on a multi-processor system this is still likely to be present, assuming the PCH has the Intel Management Engine functionality.

      As far as I can tell, this appears to make TPM/content protection keys vulnerable and may provide a way of introducing firmware onto hardware in the system. I say may as access appears to be gated by ROM instructions - it's not a free for all.

      Its worth noting that this is using an Intel debug bus for access - while this information and the tools to use it are being publicly disclosed, Intel will already have something similar for debugging/development purposes. And will likely have provided it to their friends.

  17. whitepines Silver badge
    Angel

    This is exactly why we use ARM and Power systems (though technically those systems are chosen only for the open firmware, it's mainly that those two architectures have CPUs with open firmware that are powerful / pervasive enough to be useful).

    I just can't believe it's taken this long for the master key to leak...

    ...which makes me suspect it's already been extracted some time ago, just not in white hat circles / publicly.

    Wonder what the GDPR implications are, since it's not exactly like the IME was a secret for the past 5+ years? Shouldn't purposefully choosing a cheap, but insecure, platform to store protected trigger some fairly nasty fines now that data leak (especially of, and I quote, "encrypted" data) is possible? Especially since the decision was purely to minimize cost on "that IT cost centre"?

    1. Anonymous Coward
      Anonymous Coward

      Cost

      Wouldn't this problem have been nullified if intel had spent a couple of bucks on a dedicated RAM die for this security engine?

      1. Brewster's Angle Grinder Silver badge
        Facepalm

        According to the article it had dedicated RAM. And yet, still, some devices could DMA into it.

  18. Hooda Thunkett

    If any kit on your computer has DMA access, is it capable of attacking the CSME in this way? I'm thinking perhaps of Ethernet controllers for systems that have power-on over Ethernet capability. If that controller has a different vulnerability that would allow an attacker to modify the ROM of the Ethernet controller, which has DMA and can reset the processor (or potentially power-cycle it) then you could have a significant vulnerability.

    1. WorBlux

      Thunderbolt does, but that's not even the big implication of this. If the SKS is compromised, and attacker could put any arbitrary image on the SPI flash chip. Not a big deal for some of us, for others it's a disaster in the making.

    2. Sgt_Oddball Silver badge

      Well....

      Pretty much any server with a management interface (HPE's iLO for example) would probably get you round that problem since it's active when the main CPU(s) are powered down.

      So yeah... That.

    3. Zolko
      Mushroom

      as designed

      If that controller has a different vulnerability that would allow an attacker to modify the ROM of the Ethernet controller...

      and what about the driver of that Ethernet controller ? For some of these controllers it's probably a closed-source driver, therefore anybody having access to the source of said driver could have already installed a usable exploit of this "vulnerability".

      Said otherwise:

      - US companies make Ethernet controllers with closed-source (binary blob) drivers.

      - US government is known to spy on everybody, using computer tech

      - US government has a law called "Gagging order" which prevents any US person from even telling that it received such an order

      - US tech firm has made a "mistake" that can be leveraged by a DMA-capable Ethernet controller.

      So, what are the odds that all this was actually designed: bake a backdoor into a family of CPUs, make said back-door exploitable via DMA at resume, make Ethernet controllers DMA and wake-on-LAN capable, install exploit of said backdoor into said driver of said controller, send gagging orders to everybody involved that they can't talk about any of it. Disguise all this as an unfortunate bug.

      Yes, the NSA could have asked for the key's themselves, but if that request were ever to be leaked it would be impossible to deny.

  19. Ian Johnston Silver badge

    So, basically, an attacker needs to run some software on your computer in a tiny period before the processor has been switched on, let alone started running even the OS? That sounds like a risk I'm happy to take.

    1. chivo243 Silver badge
      Windows

      Happy or not, if you have the shitset in your computer you get the risk anyway.

    2. DrBed
      Facepalm

      > "So, basically, an attacker needs to run some software on your computer in a tiny period before the processor has been switched on, let alone started running even the OS? That sounds like a risk I'm happy to take."

      How about "if my brain is dead just for a tiny period, it sounds like a risk I'm happy to take." ?

      Tiny in deed.

    3. Wayland Bronze badge

      Probably not affecting Fortnite players that much.

    4. conscience

      @Ian Johnson

      This doesn't need to interact with your OS at all. Dodgy software can attack the Intel management engine, which is a full-blown computer that resides inside your CPU and which has it's own OS and direct access to RAM, storage and all the rest of your hardware. By the time your PC gets as far as the BIOS to start the boot up process it is already game over - and there is nothing you can do to stop or fix it without getting a new, non-Intel CPU. This affects just about all the generations of the Core family, as well as various Xeons, Pentiums, Atoms and Celerons.

  20. Mage Silver badge
    Coat

    Earlier wasn't there a JTAG attack

    Don't some Intel or some Mobos have a JTAG accessible via USB?

    Basically if you have LOCAL access, i.e. you are the Evil Maid (or Butler), all bets are off. Encrypted Discs, TPM, etc. The wonders of HID mean that you don't personally have to be local, send a nice gamer mouse to the target.

    Maybe this needs something clever connected to the computer, but unlike regular warfare the "sniper" can keep trying at that crack without getting caught.

    Wouldn't surprise me either if some maker leaves a flaw via esata, or the laptop dock or HDMI signalling or USB that allows the sniping.

    Mine's the one with an apparently normal set of mouse, SD card, external esata device, USB mobile modem and USB memory sticks to drop on desks or in car parks.

    1. Anonymous Coward
      Anonymous Coward

      Re: Earlier wasn't there a JTAG attack

      Intel motherboards have a debug interface accessible with appropriate hardware

      It looks like this would allow you to bypass TPM (bad) and HDCP (good....), but you need physical access to the device to do bad stuff.

      As for firmware flaws, I suspect there are a lot of "standard practices" with firmware updating that makes this potentially dangerous - we never thought we'd need to digitally sign new firmware because it could only be updated by doing X....

  21. Kev99

    Weren't there articles some time ago about the flaws & holes in Intel's Management Engine? This sounds awfully familiar.

  22. Anonymous Coward
    Anonymous Coward

    Another day, another security flaw. Yawn.

  23. Anonymous Coward
    Anonymous Coward

    Perhaps some very awesome clever amazing people can dump the whole IME rom and poke around for those NSA backdoors that are definitely there. :D

  24. YetAnotherJoeBlow

    Backdoors

    I imagine that this exploit was just standard no review careless approach to engineering. However, The ME is a different story. Before those chips were released, the NSA got a batch with the ME disabled - because, of course, they knew. The NSA has revealed its hand.

    1. Anonymous Coward
      Anonymous Coward

      Re: Backdoors

      Could be a bit of both. "Any point fixing this rare race case?" Would have little need to fix as "nah there's no risk it's too hard and impossible to exploit. "

      With a little of "oh that's a nice overlooked error there we can use, lean on our friends at Intel not to fix or to add extra features to this..."

      While attributing planning to this might be off. For those in the know or those with requirements ot would not take long for it to be a trick of the trade useful feature.

      See the million dollar iPhone unlock exploits for sale as an example or frozen dram chip swaps as another. Why fix something so obscure a security risk? Why expect those who newd it not to take the easy route to cracking the system?

  25. W.S.Gosset Silver badge

    Utter Chaos?

    > utter chaos will reign

    Nonsense! It affects only a subset of the world's machines and it really only makes easier some already-extant attacks.

    So... partial chaos will reign.

    Or perhaps, utter chaos will have a surprise surge in the electorate. Despite forming a new minority party, it fails to secure control of the country.

  26. SuperGeek

    Attack on power up? Been known for years!

    Attacking a system as soon as power is applied has been known for years as the weakest link. I don't think that will ever change. Too many subsystems on a computer for it to start protected instantly.

  27. razorfishsl

    simple... just slow the CLK cycles down......

    thereby lengthening the window of opportunity......

    1. MrTom4321

      Or use a Celeron processor if they're vulnerable. Those things are like stones, no multitasking at all.

  28. Richard 12 Silver badge
    Unhappy

    The key is already out

    One master key, which means the attacker can just buy a few cheap Intel PCs and leave them trying to extract the key tens or hundreds of times a second.

    So we must assume the key is already extracted.

    The important question:

    What can be done with that key?

    1. amanfromMars 1 Silver badge

      Re: The key is already out

      So we must assume the key is already extracted.

      The important question:

      What can be done with that key? ...... Richard 12

      The fear is pretty much take over and make over of operating systems catastrophically vulnerable to remote anonymous commands controlling collapses in exclusive executive market flash crashes, Richard 12.

      And that and/or those able to exercise that key facility/utility are perfect candidates for exercising the efficacy of the power of Danegeld.

      However, if ever classified as TS/SCI, it will not be widely known as an unfixable systemic security flaw being exploited and doused with Danegeld to try and mitigate and prevent colossal damage and manic disruption from a secret uncovered which cannot be denied, which remarkably allows it to be more stealthily employed elsewhere, should it be so desired.

  29. Colonel Mad

    Old stuff

    There is some advantage to having slightly older kit: 11.8.50.3470, phew, have I escaped?

  30. Conundrum1885 Bronze badge

    Digs out my

    486 laptop.

    Always have a "Burner laptop" for those times the SHTF as it still runs 98SE with Firefox + MAFF

    Incidentally the 133 chip aka Cyrix upgrade does actually still work though is missing a few pins.

    Bit of minor SMD repair to the tracks and voila!

    1. EnviableOne Silver badge

      Re: Digs out my

      98 SE with SP5 is probably the best OS from MS.

  31. Wayland Bronze badge

    Arnold

    I seem to remember something about this, in fact I have TOTAL RECALL!

  32. Timmy B Silver badge

    Meanwhile at AMD

    There are smiles aplenty I can imagine.

    1. Tom 64
      Mushroom

      Re: Meanwhile at AMD

      Does anyone still own intel stock?

  33. Anonymous Coward
    Anonymous Coward

    Time window, anyone?

    My servers are re-booted maybe once in six months....maybe less often.

    *

    So....and attacker has a few seconds once every 15 million seconds.....so pretty difficult to time the attack!

    *

    But then, if the attacker has sufficient access to initiate the reboot....then it's game over anyway!

    *

    Move along....nothing to see here!

  34. Anonymous Coward
    Anonymous Coward

    Crypto AG & Intel ME

    That's the whole world covered.

    And yet the NSA, FBI & CIA let 9/11 happened.

  35. Fading Silver badge
    Mushroom

    So the Intel IME..

    Is a 486 with 1.5MB of RAM running a custom Minix.... so who is going to be the first to get Doom to run on it?

  36. Miss_X2m1

    Keep your computer powered on??

    Will keeping your computer powered on and unable to sleep help avoid this "issue"???

  37. EnviableOne Silver badge

    Why did i swap to Intel ....

    just waiting for the intel supply chain to dry up completley,

    then we might get some of the decent AMD chips in otherwise high spec laptops.....

    damn shame mine needs the juice to do the job or i'd never have switched

    1. Anonymous Coward
      Anonymous Coward

      Re: Why did i swap to Intel ....

      Afaik the nice AMD laptop CPUs and laptops are out this year. No idea if they are paired with nice screens and gpus and other stuff though.

  38. MrTom4321
    Pirate

    DRM?

    So the title mentions DRM and file encryption. So what does this mean for streaming video and Blu-ray playback on a computer?

    Will video streaming be blown wide open once CSME access is gained? How about the encryption between a computer and an HDMI display? Will Blu-ray playback be able to be intercepted through this? What kind of ramifications does this have on DRM in general?

    1. diodesign (Written by Reg staff) Silver badge

      What kind of ramifications does this have on DRM in general?

      Any decryption done using keys secured by the CSME can be broken: so video streaming, anti-copying mechanisms, etc that rely on the EPID/TPM to store and use keys.

      DVD and Blu-ray encryption is already cracked.

      C.

  39. Evilgoat76
    Alert

    Fish in a barrel...

    Didnt Mythbusters do that? And decided if you use an enormous chaingun its pretty easy...

  40. A random security guy Bronze badge

    A single key used as a KEK for an entire product

    Why would they even do that? There are better ways of generating, storing, and protecting keys in HW during manufacturing. Unless Intel, in its infinite wisdom, decided to 'simplify' this whole process by simplifying the injection of keys.

    WTF. Basic ABC of root of trust.

  41. A random security guy Bronze badge

    Decapping and retrieving the master key: 1 day?

    It would take a day at most for a company doing reverse engineering in China (yeah, you can reverse engineer most processors there) ... The only obstacle would be the small scale. Just a matter of money.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2020