Intel Hardware allows activation of test or debug logic at runtime (intel.com)
101 points by _tk_ on Nov 9, 2021 | 30 comments


Looks like (according to Intel) it's only the lower end Pentium / Celeron / Atom stuff; it wouldn't be useful for the kinds of chips people are most interested in circumventing ME for, though perhaps there are things that are useful to learn…

Also mildly interesting, Dmitry Sklyarov was credited… appears to be the same one from Elcomsoft that got arrested at one point because Adobe complained (and DMCA).


Also seems to require physical access:

"may allow an unauthenticated user to potentially enable escalation of privilege via physical access"

I'm sure there are cases where that's still an issue, but for me, if they have their hands on it, it's probably game over via some other route.


The CVE is reserved at this time so it's hard to be sure. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0146

They're not impenetrable per se, but iPhone is pretty secure, even with physical access.


>They're not impenetrable per se, but iPhone is pretty secure, even with physical access.

Citation seriously needed for this bold statement.

Apple is not known for timely patches for their vulnerabilities, so no, you don't even need physical access to compromise iPhones, RCE vulns not acknowledged by Apple will do just fine. Just ask shady Israeli/Saudi security companies.

Also, nothing is ever impenetrable. In cybersecurity, if your opponent has physical access to your device then it's considered game over and you have to wipe or even throw it away. That's why burner devices are heavily used.

Plus, what do iPhones have to do with the Intel chips here anyway?


Wow! Every week it seems on HN there are articles about the porous nature of iPhone impenetrability. Everything from zero click attacks in iMessages that have been unpatched since iOS 4 to Wi-Fi bugs that could be exploited for remote code execution without any user interaction at all. The problem that these exist is not even the issue. It's the glaring number and breadth of the exploits that make it likely these are just the tip of the iceberg. Apple has been sleeping at the wheel with regards to security and I can't imagine, short of a "Snow Leopard" style crusade to fix security (back then it was performance), that this is going to change anytime soon.


> They're not impenetrable per se, but iPhone is pretty secure, even with physical access.

Ironically, given lots of early iPhone jailbreaks were due to Apple finding out that CPUs have JTAG ports too late.


The Atom SoCs in question were widely used in network switches and appliances.


There is also a whole series of Atom processors made for 5G telecom appliances, the kind of thing where security definitely matters.

The Atom C3000 series is also widely used in NAS because it supports ECC memory and can be passively cooled while still being performant enough to not be a bottleneck.


Atom is not a low-end product. Atom is to Intel’s embedded product line what Xeon is to their server and workstation line. It’s the top brand.


> Atom is not a low-end product. Atom is to Intel’s embedded product

right, not so much low-end as dead-end :)


The E-cores in Intel 12th gen CPUs are basically Atom cores, so very much not dead.


Well, yes, but they are not Atom CPUs, so they won't likely be vulnerable to this issue as it is not part of the core.

In any case, it is not like I was making some deep point, other than a cheap shot at Intel mobile/embedded effort :).


"may allow escalation of privilege" - from being a mere consumer to an actual owner? All advantages as far as I can see, but of course to the authoritarian corporatocracy it's a vulnerability...

I really miss the days when Intel basically released all the documentation you needed to build a computer around their CPUs. The Pentium was when they started being secretive.


You're not an "actual owner" if non-ring-0 code you run on your processor can gain ring 0.

I agree that there is value in having control over your devices. But control, by its nature, must be limited. If everyone controls your device, nobody does, certainly not you.


But it's proprietary security through obscurity which is why this keeps happening.


This seems to be about physical access, not ring-3.


Uh oh, looks like someone left the DF* (DF-star, a.k.a. design for X) features accessible and not fused-off. The links on the intel page don't show any details, nor does googling the CVE.


One of the researchers (@_markel___) put out a tweet with more information

> After a year of the coordinated disclosure process, we (+ @h0t_max and @_Dmit ) can finally share: we found a reliable, not damaging way to extract the security fuses (Chipset + EPID root keys) from the Intel platforms.

https://twitter.com/_markel___/status/1458147735270481926


> coordinated disclosure

I wonder if these people really think they are heroes for effectively helping Intel further its user-hostile actions.


These kinds of disclosures are the accepted practice in this security space. People and organizations more-or-less help each other out, help users, and play by the rules.

There are some who disagree the process is good, works well, or actually achieves its goals. However most (not all) go along with it and don't moralize about corporate strategy or try to hold their vulnerability discoveries over a company as some kind of activism.

I think it's pretty safe to say they don't think they are heroes for working with the vendor, they are probably quite rightly proud of their discovery and work though.

Your comment seems unnecessarily hostile toward them.


> People and organizations more-or-less help each other out, help users, and play by the rules.

In other words, they're mostly bootlickers.

> Your comment seems unnecessarily hostile toward them.

Intel is unnecessarily hostile towards us! Those who help the enemy should also be considered enemies.


> In other words, they're mostly bootlickers.

No that is not what bootlicker means.

> Intel is unnecessarily hostile towards us!

An organization like Intel has extremely complicated strategies and estimations of what they deem "necessary". Whether you personally like it or not, a company has some leeway to do their own thing with the products they sell.

> Those who help the enemy, should also be considered enemies.

And you have purchased no products that contain any parts from other companies that license Intel's IP, because that benefits Intel in the form of revenue in any way? What computers, phones, etc. do you use, then, that come from companies which don't act in any user-hostile ways?


Is there any team that has done more public work on ME transparency than Positive Technologies? Unlike others that withhold all information for embargoed announcements, they continually publish updates on their research.


> Intel recommends that users of affected Intel® Processors update to the latest version provided by the system manufacturer that addresses these issues.

The latest version of what? Microcode? BIOS?


Sounds like the processor/SoC itself?


The Atom C3000 family is really cursed, it seems.


Worse than the C2xxx family? Intel has a trust deficit.

https://www.theregister.com/2017/02/07/intel_atom_failures_g...


"C" stands for "cursed".


Just noticed almost all laptops got a BIOS update today, including Dell and HP.

https://support.hp.com/us-en/document/ish_5031100-5031212-16...

What's going on? These aren't for Atom CPUs alone, it seems.


Does this help circumvent/disable IME?



