
Sunday, January 28, 2018

Killer discovery: What does a new Intel kill switch mean for users?

Recently, security researchers from Positive Technologies discovered a way to disable the Intel Management Engine (ME), one that references a National Security Agency (NSA) program.

Over the years, the Intel ME has caused controversy while being touted as a backdoor into systems for governments, mainly the NSA. With the finding of the Intel kill switch, many people seemed to take it as a nefarious and secretive method the NSA used to spy on systems. But, before we jump to any conclusions, let's dig deeper into what actually occurred.

First of all, many people have long considered the Intel ME a security risk and a backdoor. These chips have separate CPUs, they can't be disabled out of the box, they run code that's unaudited, and they are used by Active Management Technology (AMT) to remotely manage systems. Likewise, these chips have full access to the TCP/IP stack and the memory, they can be active when the system is hibernating or turned off, and they have dedicated connections to the network interface card.

These facts must be pointed out to form a more logical hypothesis based on what the researchers found. The risk that the Intel ME could come under attack, or have a vulnerability that lets attackers access systems directly without interfacing with the OS, is a large concern in general, but especially for government agencies.

By setting an undocumented feature in a configuration file, the researchers were able to turn off the Intel ME function and disable it from being used. This configuration setting was labeled HAP, which stands for High Assurance Platform, a framework developed by the NSA as part of a guide on how to secure computing platforms.

Intel has further confirmed that the HAP switch within the configuration was put there per the request of the U.S. government; however, it was only used in a limited release, and it is not an official part of the supported configuration.

Now, before we get too upset about the NSA, I firmly believe that asking to have the Intel kill switch enabled was a good move. The Intel ME is an accident waiting to happen, and if it can't be disabled by default, then the configuration of this code to kill its function actually helps harden the device's security. I wouldn't be as concerned with the NSA requesting the Intel kill switch, since they're probably trying to harden the U.S. government's system from attack.

Intel and other vendors include config changes like this in their hardware to accommodate the needs of large customers. Overall, this HAP config change simply enables you to harden your system against the use of the Intel ME feature. The blame should land more on Intel for allowing this function in the first place than on the NSA for looking to remove it.

My article at: http://searchsecurity.techtarget.com/answer/Killer-discovery-What-does-a-new-Intel-kill-switch-mean-for-users
