CPU Backdoors

Kharzette · Oct 20, 2024

Continuing my downward spiral into hippie freedom happyland, I've been reading up on intel management engine and other such flaws.

Every few years I remember this stuff exists, get all outraged about it, then do absolutely nothing and forget about it for a few years.

Are any of you pedantic enough to have bothered disabling this cancer upon your system?

My reading list today is:

Libreboot – Frequently Asked Questions about Libreboot firmware

libreboot.org

GitHub - corna/me_cleaner: Tool for partial deblobbing of Intel ME/TXE firmware images

Tool for partial deblobbing of Intel ME/TXE firmware images - corna/me_cleaner

github.com

GitHub - google/pawn: Extract BIOS firmware from Intel-based workstations and laptops

Extract BIOS firmware from Intel-based workstations and laptops - google/pawn

github.com

Get the status of Intel ME

Tool for partial deblobbing of Intel ME/TXE firmware images - corna/me_cleaner

github.com

My board bios is not cooperating with the usual bag of tricks, so I think this might be a very time consuming project.

Probably most of you have cpus that are too new to fix. I'm rocking an old I5 so it should be possible to fix.

Furry · Oct 20, 2024

Kharzette said:
Continuing my downward spiral into hippie freedom happyland, I've been reading up on intel management engine and other such flaws.

Every few years I remember this stuff exists, get all outraged about it, then do absolutely nothing and forget about it for a few years.

Are any of you pedantic enough to have bothered disabling this cancer upon your system?

My reading list today is:

Libreboot – Frequently Asked Questions about Libreboot firmware

Libreboot – Frequently Asked Questions about Libreboot firmware

libreboot.org

GitHub - corna/me_cleaner: Tool for partial deblobbing of Intel ME/TXE firmware images

Tool for partial deblobbing of Intel ME/TXE firmware images - corna/me_cleaner

github.com

GitHub - google/pawn: Extract BIOS firmware from Intel-based workstations and laptops

Extract BIOS firmware from Intel-based workstations and laptops - google/pawn

github.com

Get the status of Intel ME

Tool for partial deblobbing of Intel ME/TXE firmware images - corna/me_cleaner

github.com

My board bios is not cooperating with the usual bag of tricks, so I think this might be a very time consuming project.

Probably most of you have cpus that are too new to fix. I'm rocking an old I5 so it should be possible to fix.

Seek therapy. Every program ever written has vulnerabilities. No, these vulnerabilities are not backdoors… most of the time. The only way you can avoid vulnerabilities is to toss your electronics out the window, which you are obviously not willing to do. Everything you do else wise is risk mitigation. Is this risk mitigation sensible or worthwhile for an average person? No.

Kharzette · Oct 20, 2024

This isn't a "program". It is a whole other internal cpu with full memory and networking access to your main system.

Furry · Oct 20, 2024

Kharzette said:
This isn't a "program". It is a whole other internal cpu with full memory and networking access to your main system.

You claim it isn’t a program, yet you are trying to reprogram it. And what you list here are the necessary components of running a program.

Control · Oct 20, 2024

The only way to be reasonable sure at this level is to build something that's fully offline and has no wireless inputs (including microphone).

Mist · Oct 20, 2024

lol Furry is so out of his depth here.

Intel Management Engine vulnerabilities are very well-known and documented at this point and there is some basis for concern. But this is mostly at the router level. I would simply keep my UEFI patched and look more into a router with good IDS/IPS capabilities if you're worried about this

Kharzette .

Noodleface · Oct 20, 2024

So if you remember I wrote UEFI BIOS for Intel CPUs.

The ME always has and always will be an intel black box. I have access to Intels BIOS source code, internal documentation, specs, etc. You know what they don't give us source to? If you guessed the ME you're correct. It's the only thing (aside from some other early SEC phase stuff) that Intel keeps extremely close to the chest.

If it is ever cracked, it will put every CPU on the market since the ME's inception at critical risk for extreme vulnerabilities. There is a lot of security stuff baked into it.

We can configure the ME but disabling it or bypassing it would probably cripple a system.

Even if you use coreboot, you have to embedd the ME binary blob among a few other things.

My opinion is it's a gigantic piece of shit.

I'm curious though why do you think you need to disable it?

Edit: after looking at those links i can see people are still way behind on this stuff.

sleevedraw · Oct 20, 2024

Mist said:
lol Furry is so out of his depth here.

Intel Management Engine vulnerabilities are very well-known and documented at this point and there is some basis for concern. But this is mostly at the router level. I would simply keep my UEFI patched and look more into a router with good IDS/IPS capabilities if you're worried about this Kharzette .

He's just getting started early on his Asshat campaign; don't mind him.

Kithani · Oct 20, 2024

Noodleface said:
So if you remember I wrote UEFI BIOS for Intel CPUs.

The ME always has and always will be an intel black box. I have access to Intels BIOS source code, internal documentation, specs, etc. You know what they don't give us source to? If you guessed the ME you're correct. It's the only thing (aside from some other early SEC phase stuff) that Intel keeps extremely close to the chest.

If it is ever cracked, it will put every CPU on the market since the ME's inception at critical risk for extreme vulnerabilities. There is a lot of security stuff baked into it.

We can configure the ME but disabling it or bypassing it would probably cripple a system.

Even if you use coreboot, you have to embedd the ME binary blob among a few other things.

My opinion is it's a gigantic piece of shit.

I'm curious though why do you think you need to disable it?

Edit: after looking at those links i can see people are still way behind on this stuff.

Noodleface wrote all the backdoors to steal our buttcoins so he can finally remodel his home, confirmed.

Kharzette · Oct 21, 2024

Noodleface said:
Even if you use coreboot, you have to embedd the ME binary blob among a few other things.

I'm curious though why do you think you need to disable it?

Well I still run an oldish cpu so from what I've read it doesn't need to be there. I think the newer cpus they make it part of the boot to force people to keep it working.

And I don't really need to disable it. I'm not really very security paranoid. I have all my stuff auto login and get rid of annoying password typing whenever I can. I don't patch my windows partition at all.

I just thought it might be fun to do and I had a few hours to kill yesterday while waiting on the grand prix to appear.

I think it is also just a matter of time till someone cracks the keys to it.

A later thought as tea wakes up my noggin: Wouldn't it be cool to have full access to this? Maybe run a little c64 emulator on it or something

Izo · Oct 21, 2024

Kithani said:
Noodleface wrote all the backdoors to steal our buttcoins so he can finally remodel his home, confirmed.

Remember when all those pagers exploded? ME is made to control terrorists. ME, muucho explosiiiive. Time to buy AMD

Kharzette · Oct 21, 2024

Hmm no Noodle is correct, some bits of it need to be there for my I5 to boot. It isn't as old as I thought it was.

This is just the ME bit extracted. The cleaner doesn't like my bios format so it doesn't work on the full bios file.

I think I will wait till I get a rom flasher writer thingy before I try any of this for real. I'm very likely to mess up.

Noodleface · Oct 21, 2024

At some point I think they were going to ditch the ME and change to the innovation engine but I'm not sure if that got dropped. Either that or I'm misremembering. It's wild to me the ME source has never been leaked in all these years.

Fucker · Oct 21, 2024

Lessons in Technical Misadventure: The Day Kharzette Learned How to Brick a CPU.

Furry · Oct 21, 2024

Mist said:
lol Furry is so out of his depth here.

Intel Management Engine vulnerabilities are very well-known and documented at this point and there is some basis for concern. But this is mostly at the router level. I would simply keep my UEFI patched and look more into a router with good IDS/IPS capabilities if you're worried about this Kharzette .

You're pretty much just mirroring what I said. Yes, there are sensible concerns, yes you should take some reasonable precautions if you think its worthwhile. Your suggestion sounds perfectly reasonable.

Trusting some internet goons to edit your cpu's firmware to remove vulnerabilities that are only theoretical so far... not so much.

Noodleface · Oct 21, 2024

I certainly wouldn't muck with the ME, because we have bricked boards when we made some changes AND we knew what we were doing. Kinda..

Kithani · Oct 21, 2024

Noodleface said:
I certainly wouldn't muck with the ME, because we have bricked boards when we made some changes AND we knew what we were doing. Kinda..

This is EXACTLY what someone who coded backdoors into the ME in order to steal our buttcoins would say!

Kharzette · Oct 22, 2024

I've been messing around with my old XP system I use to debug xbox stuff and I think I need mmtool 3.26 for the bios on that one. That seems to have vanished from the internet at least officially. Any of you have it lying around? The links I see for it look very dodgy.

Also, while digging around for that board, an old asus, I ran across some pictures of some similar boards that had jumpers that would disable the ME.

CPU Backdoors

Watcher of Overs

Email Loading Please Wait

Watcher of Overs

Email Loading Please Wait

Bronze Baronet of the Realm

REEEEeyore

A Mod Real Quick

Revolver Ocelot

Blackwing Lair Raider

Watcher of Overs

Tranny Chaser

Watcher of Overs

A Mod Real Quick

Log Wizard

Email Loading Please Wait

A Mod Real Quick

Blackwing Lair Raider

Watcher of Overs