Pages

Sunday, January 28, 2018

Killer discovery: What does a new Intel kill switch mean for users?

Recently, security researchers from Positive Technologies discovered a way to disable the Intel Management Engine that referenced a National Security Agency (NSA) program.

Over the years, the Intel ME has caused controversy while being touted as a backdoor into systems for governments, mainly the NSA. With the finding of the Intel kill switch, many people seemed to take it as a nefarious and secretive method the NSA used to spy on systems. But, before we jump to any conclusions, let's dig deeper into what actually occurred.

First of all, the Intel ME has been considered a security risk and backdoor by many people in the past. These chips have separate CPUs, they can't be disabled out of the box with code that's unaudited and they are used by Active Management Technology (AMT) to remotely manage systems. Likewise, these chips have full access to the TCP/IP stack, the memory, they can be active when the system is hibernating or turned off, and they have dedicated connections to the network interface card.

These facts must be pointed out to make a more logical hypothesis based off of what was found by the researchers. The risk that the Intel ME function could come under attack or have a vulnerability that enabled attackers to access systems directly, without interfacing directly with the OS, is a large concern in general, but especially for government agencies.

By setting and using the undocumented feature in a configuration file, the researchers were able to find a way to turn off the Intel ME function and disable it from being used. This configuration setting was labeled HAP, which stands for High Assurance Platform, and it is a framework developed by the NSA as part of a guide on how to secure computing platforms.

Intel has further confirmed that the HAP switch within the configuration was put there per the request of the U.S. government; however, it was only used in a limited release, and it is not an official part of the supported configuration.

Now, before we get too upset about the NSA, I firmly believe that asking to have the Intel kill switch enabled was a good move. The Intel ME is an accident waiting to happen, and if it can't be disabled by default, then the configuration of this code to kill its function actually helps harden the device's security. I wouldn't be as concerned with the NSA requesting the Intel kill switch, since they're probably trying to harden the U.S. government's system from attack.

Intel and other vendors include config changes like this in their hardware to accommodate the needs of large customers. Overall, this HAP config change simply enables you to harden your system against the use of the Intel ME feature. The blame should land more on Intel for allowing this function in the first place, than on the NSA for looking to remove it.

My article at: http://searchsecurity.techtarget.com/answer/Killer-discovery-What-does-a-new-Intel-kill-switch-mean-for-users

23 comments:

  1. Best Bluetooth speaker 2020, then you are in the right place. We just created a list of best Bluetooth speaker 2020 for you.

    ReplyDelete
  2. we need urgently cyber security sytem for our cheap website design dubai company we have many expensive projects.

    ReplyDelete
  3. These realities must be brought up to make a progressively intelligent speculation dependent on what was found by the specialists. The hazard that the Intel ME capacity could go under assault or have a powerlessness that empowered assailants to get to frameworks legitimately, without interfacing straightforwardly with the OS, is a huge worry all in all, yet particularly for government organizations. Hr Paper Topics

    ReplyDelete
  4. Cheap Homework Help their equipment to suit the necessities of huge clients. Generally, this HAP config change basically empowers you to solidify your framework against the utilization of the Intel ME include. The fault should land more on Intel for permitting this capacity in any case, than on the NSA for hoping to evacuate it.

    ReplyDelete
  5. The act of setting up a different group inside an endeavor or association to deal with e-discovery needs is alluded to as in-house e-discovery. for more information

    ReplyDelete
  6. Speak with your essay writer through instant messaging! buy dissertation Do not have to spend your time on tiresome task just need to pay for essays online.

    ReplyDelete
  7. This comment has been removed by the author.

    ReplyDelete
  8. Hi there! Great discussion and I appreciate you for this working because you are giving more tips to blog readers and this information it’s very useful for me because I am a writer conflict theory essays and anyways good work and keep it up thanks.

    ReplyDelete
  9. Howdy! Extraordinary conversation and I like you for this working since you are giving more tips to blog peruses and this data it's exceptionally helpful for me since I am an author of Help With Essay and in any case great work. keep it up much and appreciated.

    ReplyDelete
  10. that asking to have the Intel kill switch enabled was a good move. write my research proposal for me The Intel ME is an accident waiting to happen, and if it can't be disabled by default, then the configuration of this code to kill its function actually helps harden the device's security.

    ReplyDelete
  11. Check spy listening app for android to earn some personal information about your friends and other people. I use this app for a long time so i definitely recommend it for everyone.

    ReplyDelete
  12. Very interesting and mystical story. I don't have any to tell you, but I can share with you a useful presentation writing service

    ReplyDelete
  13. I constantly spent my half an hour to read this web site’s content daily along with a cup
    of coffee. 토토

    ReplyDelete
  14. Nice post. I learn something totally new and challenging on websites I stumbleupon everyday. It’s always useful to read content from other authors and use a little something from other websites. | 스포츠토토

    ReplyDelete

  15. 안전놀이터
    Nice and very unique post…help for me…. Thank you very much…


    ReplyDelete
  16. This comment has been removed by the author.

    ReplyDelete
  17. Significant breeze speeds additionally happen across seas and huge water bodies. Since the vast majority of the total populace lives close to seas, wind ranches areas of strength for with and inland breezes could create a bountiful measure of electricity. plugs

    ReplyDelete
  18. Electric bikes are dealt with very much like customary bikes for administrative purposes, so there's positively no enrollment or regulation to stress over. Electric Off-Road Bike

    ReplyDelete
  19. Electricians are skilled in troubleshooting electrical faults and EV Charger Installation identifying defective components.

    ReplyDelete
  20. Netsuite ERP the best erp for wholesale distribution. NetSuite ERP for wholesale distribution can help you manage every part of your business through a single platform. All of your business data is connected.

    ReplyDelete
  21. Holiday lightings remind me that there's still magic in the world. Holiday Lighting Installation

    ReplyDelete