CPU Security Holes affecting Intel and AMD CPUs



Hervé
4th January 2018, 15:06
‘Meltdown’: Google team flags Intel bug that may affect billions of devices (https://www.rt.com/usa/414955-intel-processors-meltdown-spectre/)

RT
Published time: 4 Jan, 2018 04:53
Edited time: 4 Jan, 2018 10:21


Information stored on every desktop computer, smartphone and cloud server since 1995 could be accessed by hackers if two hardware bugs are exploited, a new report has warned.

On Wednesday, security researchers at Google Project Zero disclosed (https://googleprojectzero.blogspot.co.uk/2018/01/reading-privileged-memory-with-side.html) technical details on two security flaws that allow hackers to engage in unauthorized reads of a computer’s memory data, which may contain sensitive information such as passwords.

The researchers discovered that the vulnerabilities affect many CPUs, including those from Intel, Advanced Micro Devices (AMD) and ARM Holdings, as well as the devices and operating systems running on them.

The first method of attack, known as Spectre, can be exploited by hackers to dissolve the barrier that separates different applications and trick otherwise error-free applications into leaking information stored on their memory.

Last year, researchers demonstrated (https://cyber.wtf/2017/07/28/negative-result-reading-kernel-memory-from-user-mode/) how hackers could utilize “speculative execution” – a technique used by most modern processors to optimize performance – to gain access to sensitive information.

In order to improve speeds, modern processors execute certain functions speculatively, or before it is known whether they are needed. The technique prevents the delay that would come from executing the functions after they are requested.

Jann Horn, a lead researcher for Project Zero who first reported both vulnerabilities, discovered that attackers can take advantage of this technique in order to read information on the system’s memory that should be inaccessible.

In the original report (https://spectreattack.com/spectre.pdf), researchers said the vulnerability affects “billions of devices” that use microprocessors from Intel, AMD, and ARM.

The second flaw, known as Meltdown (https://meltdownattack.com/meltdown.pdf), allows hackers to “melt” security boundaries between user applications and the operating system normally enforced by hardware. Hackers can exploit the vulnerability to gain access to the memory of other programs and the operating system, which could include passwords and other sensitive data.




Michael Schwarz @misc0110 (https://twitter.com/misc0110)

Using #Meltdown to steal passwords in real time #intelbug #kaiser #kpti /cc @mlqxyz @lavados @StefanMangard @yuvalyarom https://meltdownattack.com/

4:03 PM - 3 Jan 2018 (https://twitter.com/misc0110/status/948706387491786752)

In the original report (https://meltdownattack.com/meltdown.pdf), researchers said the vulnerability affects “virtually every user of a personal computer.” However, researchers at Google’s Project Zero have only been able to show that ‘Meltdown’ affects Intel microprocessors.

Daniel Gruss, one of the researchers who originally discovered Meltdown, told Reuters (https://www.reuters.com/article/us-cyber-intel/security-flaws-put-virtually-all-phones-computers-at-risk-idUSKBN1ES1BO) the flaw is “probably one of the worst CPU bugs ever found.”

Gruss said Meltdown was the more serious attack, because it was easier for hackers to take advantage of. However, he said that Spectre was much harder to patch, and would be a bigger problem in the future.

In an overview (https://meltdownattack.com/) of the attacks, researchers said it would be “unusual” for either attack to be blocked by an antivirus, since they are “hard to distinguish from regular benign applications.” Google said, however, that an attacker must first be able to run malicious code on a computer before they can exploit the vulnerability.

Researchers also warned it would be nearly impossible to detect if hackers had exploited the weakness, since the attack would not leave “any traces in traditional log files.”

In a blog (https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html) posted Wednesday, Matt Linton, senior security engineer at Google, said there is “no single fix for all three attack variants,” but many vendors made several patches available Wednesday.

Google provided a list (https://support.google.com/faqs/answer/7622138) of their products that are vulnerable to the attacks, as well as their mitigation status. The company said as soon as they discovered the vulnerabilities, their security teams updated their systems and affected products to protect against the attacks.

Researchers also provided a link (https://lwn.net/Articles/738975/) to software patches for Linux, Windows, and OS X that guard against Meltdown attacks.

Microsoft released a patch (https://support.microsoft.com/en-us/help/4056892/windows-10-update-kb4056892) Wednesday to protect customers against the vulnerabilities. However, the company said some anti-virus vendors will need to update their software to be compatible with the new patches.




Alex Ionescu @aionescu (https://twitter.com/aionescu)

Microsoft Patch is out: https://support.microsoft.com/en-us/help/4056892/windows-10-update-kb4056892. Note that your AV vendor must set a special registry key! "Due to an issue with some versions of Anti-Virus software, this fix is only being made applicable to the machines where the Anti virus ISV has updated the ALLOW REGKEY."

3:21 PM - 3 Jan 2018

The company has also released an emergency update (https://www.catalog.update.microsoft.com/Search.aspx?q=KB4056892%20) for all devices running Windows 10, and further updates are planned. Microsoft also said they are in the process of deploying mitigations to cloud services. However, the fixes will also rely on firmware updates from Intel, AMD, and ARM.

Microsoft said they have not received “any information to indicate that these vulnerabilities had been used to attack our customers,” according to a statement to The Verge (https://www.theverge.com/2018/1/3/16846784/microsoft-processor-bug-windows-10-fix).

Amazon has also reportedly said (https://twitter.com/zerohedge/status/948694524657795073) they have protected most of their cloud servers from the vulnerabilities.

AppleInsider reports (http://appleinsider.com/articles/18/01/03/apple-has-already-partially-implemented-fix-in-macos-for-kpti-intel-cpu-security-flaw) that Apple has already deployed a partial fix for the bug in MacOS 10.3.2 that was released last month.




Alex Ionescu @aionescu (https://twitter.com/aionescu)

The question on everyone's minds: Does MacOS fix the Intel #KPTI Issue? Why yes, yes it does. Say hello to the "Double Map" since 10.13.2 -- and with some surprises in 10.13.3 (under Developer NDA so can't talk/show you). cc @i0n1c @s1guza @patrickwardle

9:39 AM - 3 Jan 2018 (https://twitter.com/aionescu/status/948609809540046849)

The report also said that tests show the update does not cause any notable slowdowns.

On Tuesday, The Register first reported (https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/) on the vulnerabilities, saying the patches to fix the problem would slow computers by 30 percent.

While researchers do not know how much the updates could slow the performance of older processors, Intel released a statement (https://newsroom.intel.com/news/intel-responds-to-security-research-findings/) Wednesday that said the updates will not “significantly” slow computers for the average user.

“Any performance impacts are workload-dependent, and, for the average computer user, should not be significant and will be mitigated over time.”

Intel rejected claims that either of the vulnerabilities were unique to their products, adding that “many types of computing devices – with many different vendors’ processors and operating systems – are susceptible to these exploits.”

However, AMD said their products were not vulnerable to any of the attacks.

“Due to differences in AMD's architecture, we believe there is a near zero risk to AMD processors at this time,” representatives of the company told CNBC (https://www.cnbc.com/2018/01/03/amd-rebukes-intel-says-flaw-poses-near-zero-risk-to-its-chips.html).

ARM also released a statement (https://developer.arm.com/support/security-update) Wednesday that said the “majority” of their products are “not impacted by any variation” of the Spectre attack.

Related:
UK spies boast ‘over-achievement’ in developing arsenal of hacking tools (https://www.rt.com/uk/413804-gchq-hacking-tools-arsenal/)

petra
4th January 2018, 16:08
So.... this hole has existed since 1995... and people are just finding it now? Or pardon me, just disclosing it now? How embarrassing.

There's a hole in my bucket, Dear Liza Dear Liza,
There's a hole in my bucket, Dear Liza,
A hole

Navigator
4th January 2018, 17:27
 
 
It seems Intel had a hand in writing that article? (wouldn't be unusual) :)


Intel is claiming that AMD and ARM CPUs are also affected by the "Intel processor Kernel bug" ...

AMD denied their processors were affected yesterday ...
"AMD has confirmed that its own processors are not affected by this security bug. “AMD processors are not subject to the types of attacks that the kernel page table isolation feature protects against,” explains Tom Lendacky, an AMD engineer. AMD stocks have soared this morning as a result of Intel’s processor flaw. Intel has not yet publicly commented on the security problem." https://www.theverge.com/2018/1/3/16844630/intel-processor-security-flaw-bug-kernel-windows-linux

But I'm waiting to hear AMD's response to Intel's latest claim since Intel's "official press" on the topic ...



Intel claims there will be no performance hit, others differ on that ... A test with a PostgreSQL database showed significant hits ...


PostgreSQL SELECT 1 with the KPTI workaround for Intel CPU vulnerability https://www.postgresql.org/message-id/20180102222354.qikjmf7dvnjgbkxe@alap3.anarazel.de …

Best case: 17% slowdown
Worst case: 23%
https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/


Other tests have indicated that most home user use won't have significant slowdowns for basic web browsing and gaming though -- it'll be database servers that will take the greatest hit.

Intel is in damage control mode, first the Management Engine security flaw (which will cost us a fair bit of off hours resources at my work to get patched), now this kernel bug, which will likely have relatively large performance hits in databases and servers, and AMD's Ryzen refresh out in (rumoured) 2-3 months with Epyc getting ramped up in 2018. Ouch. Bad timing ...

As mentioned though, I am waiting to hear from AMD to now either backtrack and confirm Intel's claim, or to continue to deny that the "Intel Kernel Bug" does indeed affect their CPUs and what, if any, performance hit their processes will sustain from the patch being applied. If AMD can't prove that their CPUs aren't affected, even if no one can prove that they are, Microsoft will broadly apply the patch to all CPUs - potentially affecting performance for all CPUs - whether the bug is actually present or not.

TargeT
4th January 2018, 18:55
Intel CEO sold 24m in stocks (http://www.businessinsider.com/intel-ceo-krzanich-sold-shares-after-company-was-informed-of-chip-flaw-2018-1) before the announcement.......


This makes me think it's an actual flaw instead of an engineered back door.

https://i.redd.it/dt12jdw1q1801.png

Navigator
4th January 2018, 19:25
Re: What processors are affected? 

It's a bit more complex than just that ...

In its default kernel configuration state, the bug does not affect AMD CPUs at all. Only "if the BPF JIT is enabled", which is a non-default configuration for AMD PRO CPUs (and thus likely Ryzen) and possibly ARM, then AMD CPUs are susceptible to variant 1 (Spectre) of the three variants of attack types this bug leaves. Variant 1 types of vulnerabilities can be software patched and have no performance impact. I don't know the possibility of having the kernel config changed from its default, but AMD is asserting "near zero risk to any AMD CPUs", Google's testing seems to confirm this to be true - with only a configuration change to the kernel itself allowing only variant 1 type of attack (out of the three) which can be easily software patched without any performance hit.

The two other variants, called simply variants 2 and 3 (Meltdown), affect only Intel and ARM processors and these are the major issues. These issues are apparently caused by an Intel hardware implementation for their specific pre-emptive prediction branch that attempts to identify what type of code will be run next, speeding up some processes. It seems that part of what makes Intel processors fast, is also leaving them vulnerable, hence the potentially large performance hit with this type of patch - Intel will have to disable parts of this feature with a hardware firmware patch on existing chips to fix - OS update alone is not going to fix it. Future produced chips should see this fixed at the hardware level without that performance hit (or see it mitigated).

Here's Google's take on the situation and some of their test results: https://wccftech.com/intel-affected-by-critical-kernel-bug-amd-hit/ <-- (this site generally is NOT a good resource, but the article wasn't too bad.)

EDIT: Here's a better article from a better site that explains the flaw well: https://www.wired.com/story/critical-intel-flaw-breaks-basic-security-for-most-computers/


The odd thing about the Intel ME bug recently and now this one, is that it takes well over six months for any official notice. I first heard of the ME issue about six months before Intel officially announced it, and Google had discovered this flaw and let Intel know almost a year ago ... why so long to address these issues?

Navigator
4th January 2018, 19:30
Intel CEO sold 24m in stocks (http://www.businessinsider.com/intel-ceo-krzanich-sold-shares-after-company-was-informed-of-chip-flaw-2018-1) before the announcement.......


This makes me think it's an actual flaw instead of an engineered back door.

It seems like an engineering flaw. But potentially faster chips seem to be the result of its expense. Makes you wonder if it wasn't a choice that was made at some point ...



As the researchers put it at the end of the Spectre paper:

The vulnerabilities in this paper, as well as many others, arise from a longstanding focus in the technology industry on maximizing performance. As a result, processors, compilers, device drivers, operating systems, and numerous other critical components have evolved compounding layers of complex optimizations that introduce security risks. As the costs of insecurity rise, these design choices need to be revisited, and in many cases alternate implementations optimized for security will be required.

Did You See Them
4th January 2018, 20:02
Back to the drawing board.

Hervé
5th January 2018, 14:16
From Jim Stone (http://82.221.129.208/.zm1.html) January 3, 2018:

SANDY BRIDGE/COREVPRO HAS (FINALLY) BITTEN INTEL IN THE BUTT (http://82.221.129.208/.zm1.html)

They produced a porous crappy system on behalf of the NSA that has compromised security at the hardware level (a topic I have brought up repeatedly).

Now that all the NSA hackware got released to the public by various hacker groups, Microsoft and Linux developers have realized just how bad the security flaws are and have started writing their software to circumvent the problems that were an NSA inspired root design feature ever since CoreVpro/Sandy Bridge.

As a result, it is taking an average of 30 percent of the main processor's power to overcome the security problems of the Vpro core and AMD IS KICKING INTEL GOOD NOW AS A RESULT.

My only surprise with this is that software developers actually cared about the processor being a porous piece of crap.

This echoes back a decade now, as it turns out, even though AMD processors trailed Intel by about 10 percent for equivalent models over the last 10 years, now that people realize just how bad the security is on Intel processors, all models of AMD processors are now far more superior to Intel than Intel was ever perceived to be over AMD.

Due to knowing how bad the security was on Intel for the last 10 years, I have not bought Intel since the 90's (AMD was superior until the mid 2000's and when Intel "pulled ahead" they had buggable crap).

At any rate, I have been saying this for years, and now an enormous scandal is out in the open, Programmers now realize INTEL IS CRAP. (https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/) Intel sold out to the NSA and thanks to good hearted hackers it chewed their behinds like a great white.

Thanks Intel!!


Update 2018-01-05

AMD CPU's also affected by bug

Evidently AMD has its own variant, and neither bug is an admission of the CoreVpro back door (https://community.spiceworks.com/topic/387839-anybody-concerned-about-intel-core-i3-i5-i7-vpro-chips-secret-backdoor). When it is admitted that back door is there, then it will be time to rejoice.

As it turns out, every processor made by AMD, ARM, and INTEL has the same exploitable bug, and you can't tell me that happened as coincidence!

The software "patch" which is supposed to circumvent the hardware bug will be "patched" only after the proper back door for the NSA is put right back into the system a different way.

Hervé
5th January 2018, 17:30
Apple confirms 'Meltdown' & 'Spectre' flaws affect all Macs and iOS devices (https://www.rt.com/usa/415059-meltdown-spectre-macs-ios/)

RT (https://www.rt.com/usa/415059-meltdown-spectre-macs-ios/)
Fri, 05 Jan 2018 16:32 UTC




All Mac systems and iOS devices are vulnerable to the recently discovered security flaws known as Spectre and Meltdown, Apple has confirmed. The tech giant said that mitigations are on the way and some have been already issued.

The flaws, which allow hackers unauthorized access to a computer's memory and sensitive data, were discovered by security researchers at Google Project Zero on Wednesday. Security vulnerabilities called Meltdown and Spectre affect almost all modern CPUs, including those produced by Intel, Advanced Micro Devices (AMD) and ARM Holdings.


Video at link:
https://www.rt.com/usa/415059-meltdown-spectre-macs-ios/

"All Mac systems and iOS devices are affected," Apple acknowledged (https://support.apple.com/en-us/HT208394) in a statement on Thursday, adding that no cases had yet been reported of customers being affected by the security flaws.

Apple has issued updates for the iOS 11.2, macOS 10.13.2 and tvOS 11.2 systems to protect against Meltdown, which the company believes "has the most potential to be exploited." The tech giant added that Apple Watch is not affected by the flaw, which allows hackers to "melt" security boundaries between user applications and the operating system.

Patches to protect users from another vulnerability, Spectre, are expected to be released "in coming days." While the flaw's techniques "are extremely difficult to exploit," it can still potentially affect devices in JavaScript running in a web browser, according to Apple. Spectre can be used by hackers to dissolve the barrier that separates different applications and trick otherwise error-free applications into leaking information stored in their memory.

Both security flaws require a malicious app to be loaded on the device operating on Mac systems or iOS, so the general recommendation from Apple is to avoid downloading software from suspicious sources and use only trusted ones such as the App Store.

Navigator
5th January 2018, 17:31
 
Interesting timing ... :)

VIA return to the CPU fray against Intel and AMD with Zhaoxin x86 chips



VIA used to be a confident third-place team in the x86 CPU game, but their position has been almost entirely squeezed out of the market as of late due to the engorged bodies of AMD and Intel. Conveniently, however, VIA still hold the relevant licenses required to get a functioning modern CPU into the market, and are getting back in the game through their co-owned semiconductor manufacturer, Zhaoxin. https://www.pcgamesn.com/via-x86-cpu


Old x86 CPU rival and chipset maker VIA still has its old licenses, and will be producing new x86 CPUs as an alternate to Intel and AMD. Their prime market is expected to be China and Russia to get away from being forced to use the "West's" engineered processors. One can only imagine why they have motivation to stop using Intel ... :)




I'm not 100% sold on Jim's take that this is a 100% purposefully engineered backdoor, as the flaw is a result of branch prediction and having data related to that being stored in an unsecured cache, as explained in the "wired" article I linked to above. However I would be inclined to believe that this issue was known long ago and exploited, possibly by letter agencies.

It should be also noted that the bug has three variants, 1, 2, and 3, - 1 being the "spectre" category and 2 and 3 being "meltdown" -- Variant one is the only one that has the possibility of affecting AMD CPUs and only if the kernel is configured in a non-default mode for some reason. Intel CPUs are susceptible to all three and ARM to variants 2 and 3, I believe. So they don't all have the same issue - the issue with AMD CPUs is quite different. Intel needed to try to throw everyone under the bus equally though in their press release as damage control.

Red Skywalker
5th January 2018, 19:22
To me this is old news. I have seen the whole upcoming of the computers, from the first 6502 and Z80 processors to the CPU-monsters now. All have backdoors backed on the chip, for "development purposes" ... This topic tells only about CPU's in computers, but many printers and other peripheral equipment is probably affected too. Why? Because it could and would be useful when needed.
(You can run a webserver on a relative old printer, if you are handy enough. Of course no references, maybe on darknet?) :wizard:

ThePythonicCow
5th January 2018, 19:48
vulnerabilities called Meltdown and Spectre affect almost all modern CPUs, including those produced by Intel, Advanced Micro Devices (AMD) and ARM Holdings.


It should be also noted that the bug has three variants, 1, 2, and 3, - 1 being the "spectre" category and 2 and 3 being "meltdown" -- Variant one is the only one that has the possibility of affecting AMD CPUs and only if the kernel is configured in a non-default mode for some reason. Intel CPUs are susceptible to all three and ARM to variants 2 and 3, I believe. So they don't all have the same issue - the issue with AMD CPUs is quite different. Intel needed to try to throw everyone under the bus equally though in their press release as damage control.
Type 3 is the one of the types called Meltdown ... it is the most serious ... providing the easiest means for the code running in one process to spy on the data in another process.

I agree with Navigator's post in that my understanding (and apparently the understanding of Linus and those working this on the Linux kernel) is that AMD processors are not vulnerable to Meltdown of the type 3 variant.

I disagree with the above quoted line from the article that Hervé posted, which implies that all 3 vulnerabilities affect all three of Intel x86, AMD, and ARM.

Full disclosure: I am happily running on a Ryzen7 CPU from AMD, so I have some motivation to "defend" AMD processors :).
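
Added example, not part of any post in this thread and not code from any vendor named here: Linux kernels that carry the per-vulnerability reporting interface expose one status file per variant under /sys/devices/system/cpu/vulnerabilities, which lets an administrator check the per-vendor differences discussed above on the machine itself. The sample contents below are constructed for illustration, and the helper names are hypothetical.

```python
"""Summarise Meltdown/Spectre mitigation status from Linux sysfs-style entries."""
import os

# Directory where kernels with the reporting interface expose one status file
# per CPU vulnerability (assumption: the reader's kernel includes it).
SYSFS_DIR = "/sys/devices/system/cpu/vulnerabilities"

# Project Zero variant number -> (descriptive name, sysfs file name).
VARIANTS = {
    1: ("Spectre, bounds check bypass", "spectre_v1"),
    2: ("Spectre, branch target injection", "spectre_v2"),
    3: ("Meltdown, rogue data cache load", "meltdown"),
}

# Constructed sample contents, not captured from real machines.
SAMPLE_INTEL_PATCHED = {
    "meltdown": "Mitigation: PTI",
    "spectre_v1": "Mitigation: __user pointer sanitization",
    "spectre_v2": "Vulnerable: Minimal generic ASM retpoline",
}
SAMPLE_AMD_PATCHED = {
    "meltdown": "Not affected",
    "spectre_v1": "Mitigation: __user pointer sanitization",
    "spectre_v2": "Mitigation: Full AMD retpoline",
}
SAMPLE_OLD_KERNEL = {}  # directory absent: the kernel predates the interface


def classify(status):
    """Map a raw sysfs status line to one of four coarse states."""
    text = status.strip()
    if text.startswith("Not affected"):
        return "not_affected"
    if text.startswith("Mitigation"):
        return "mitigated"
    if text.startswith("Vulnerable"):
        return "vulnerable"
    return "unknown"


def read_sysfs(directory=SYSFS_DIR):
    """Return {file name: contents}; empty dict if the directory is missing."""
    entries = {}
    if not os.path.isdir(directory):
        return entries
    for name in sorted(os.listdir(directory)):
        try:
            with open(os.path.join(directory, name), encoding="ascii") as fh:
                entries[name] = fh.read().strip()
        except OSError:
            continue  # unreadable entry: treated as unknown by summarise()
    return entries


def summarise(entries):
    """Build a per-variant report; a missing file counts as 'unknown'."""
    report = {}
    for variant, (label, fname) in VARIANTS.items():
        raw = entries.get(fname)
        state = classify(raw) if raw is not None else "unknown"
        report[variant] = {"name": label, "raw": raw, "state": state}
    return report


def needs_attention(entries):
    """Variants that are neither mitigated nor reported as not affected."""
    report = summarise(entries)
    return sorted(v for v, r in report.items()
                  if r["state"] in ("vulnerable", "unknown"))


def format_report(title, entries):
    """Render the report as text lines for a terminal or a ticket."""
    lines = [title]
    for variant, row in sorted(summarise(entries).items()):
        raw = row["raw"] if row["raw"] is not None else "(no sysfs entry)"
        lines.append(f"  variant {variant} ({row['name']}): "
                     f"{row['state']} [{raw}]")
    pending = needs_attention(entries)
    lines.append(f"  follow up on variants: {pending if pending else 'none'}")
    return "\n".join(lines)


if __name__ == "__main__":
    print(format_report("constructed: patched Intel host", SAMPLE_INTEL_PATCHED))
    print(format_report("constructed: patched AMD host", SAMPLE_AMD_PATCHED))
    print(format_report("constructed: kernel without the interface",
                        SAMPLE_OLD_KERNEL))
    print(format_report("this machine", read_sysfs()))
```

A missing directory is reported as "unknown" for every variant rather than as safe, so hosts running kernels without the interface still show up for follow-up.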

Navigator
6th January 2018, 00:20
vulnerabilities called Meltdown and Spectre affect almost all modern CPUs, including those produced by Intel, Advanced Micro Devices (AMD) and ARM Holdings.


It should be also noted that the bug has three variants, 1, 2, and 3, - 1 being the "spectre" category and 2 and 3 being "meltdown" -- Variant one is the only one that has the possibility of affecting AMD CPUs and only if the kernel is configured in a non-default mode for some reason. Intel CPUs are susceptible to all three and ARM to variants 2 and 3, I believe. So they don't all have the same issue - the issue with AMD CPUs is quite different. Intel needed to try to throw everyone under the bus equally though in their press release as damage control.
Type 3 is the one of the types called Meltdown ... it is the most serious ... providing the easiest means for the code running in one process to spy on the data in another process.

I agree with Navigator's post in that my understanding (and apparently the understanding of Linus and those working this on the Linux kernel) is that AMD processors are not vulnerable to Meltdown of the type 3 variant.

I disagree with the above quoted line from the article that Hervé posted, which implies that all 3 vulnerabilities affect all three of Intel x86, AMD, and ARM.

Full disclosure: I am happily running on a Ryzen7 CPU from AMD, so I have some motivation to "defend" AMD processors :).


Fully concur; Intel (not unexpectedly) just tried to throw AMD and ARM under the same bus that was freight-training right for them in an attempt to protect their stocks -- their method was obviously to pay for the press and article headlines to not single them out. Notice how they are almost all the same headlines? Unfortunately most people won't be tech savvy enough to understand the actual risks - what Intel is counting on.

AMD's official security statement is here: https://www.amd.com/en/corporate/speculative-execution

For AMD processors Variant 1 (Spectre) has already been patched (by OS or vendor provided updates) with negligible performance effects (although I will do some benchmarks - I have put the update on hold), Variant two and three do not affect default configured AMD CPUs at all.

ARM has also said that only some of their processors are affected and has made corrective statements to Intel's "paid for" press headlines.



"When F00F bug hit 20 years ago, Intel reacted the same way" https://www.itwire.com/security/81328-when-f00f-bug-hit-20-years-ago,-intel-reacted-the-same-way.html


"One interesting aspect of all this is how well both Intel and Microsoft have mastered the art of damage control via management of on-line bug information. This is really a much more serious bug than the infamous Pentium math bug, but never quite crossed over from geekdom into the public consciousness."

He said both companies had waited "until their more clueful customers' complaints reached an adequate volume ... "

¤=[Post Update]=¤


To me this is old news. I have seen the whole upcoming of the computers, from the first 6502 and Z80 processors to the CPU-monsters now. All have backdoors backed on the chip, for "development purposes" ... This topic tells only about CPU's in computers, but many printers and other peripheral equipment is probably affected too. Why? Because it could and would be useful when needed.
(You can run a webserver on a relative old printer, if you are handy enough. Of course no references, maybe on darknet?) :wizard:

This specific issue isn't really a "backdoor". But your reference certainly applies to the Intel ME. It was never a "bug" until the vulnerability became known - before that it was a "special feature" for high level IT managers and "law enforcement agencies" to utilize :)

Hervé
6th January 2018, 15:32
Jim Stone concurs re the AMD fake news from Microsoft:

WARNING: RECENT MICROSOFT UPDATE TO PATCH INTEL "PROBLEM" MAY RUIN AMD SYSTEMS - SEE TOP POSTED REPORT BELOW

IN LIGHT OF THE LATEST RUMOR, WHERE THE UPDATE TO FIX THE "MEMORY HOLE" PROBLEM ON INTEL SYSTEMS WRECKS AMD,

IF YOU HAVE AMD DO NOT "FIX" ANYTHING WITH ANY UPDATE FROM MICROSOFT UNTIL OTHER PEOPLE HAVE SUFFERED ON YOUR BEHALF REVEALING WHAT THE PROBLEM WITH IT IS.

FULL REPORT BELOW, UNDER Jan 6

[...]
_________________________________________________________ 6 Jan 2018

WARNING: RECENT MICROSOFT UPDATE TO FIX SECURITY HOLE ON INTEL SYSTEMS MAY WRECK AMD SYSTEMS

IF YOU HAVE AMD, THE RECENT SECURITY PROBLEM IS NOT SERIOUS, WAIT FOR THE DUST TO SETTLE BEFORE DOING ANYTHING

HERE IS THE LATEST ON THIS TOPIC:

AMD user issues stern warning:

UPDATE: THIS NOW APPLIES TO WINDOWS 10 ALSO, THE UPDATE TO FIX THE MEMORY VULNERABILITY MAY BE A TRAP!!!

Windows 7 AMD users:


!*******DO NOT INSTALL KB4056894*******!

This will BSOD your AMD machine.


OR:


BEWARE! This "update" can **** your system, as it has mine.

My user account with admin rights now acts like a standard user account. I cannot login as Administrator in any way. I cannot access many directories (e.g. Documents and Settings). I cannot run CMD as Administrator. I cannot run regedit. I cannot run Setup from the DVD. When I boot to Safe Mode, there is no keyboard nor mouse response.

I had no idea this morning that I would need to wipe my HD and start all over again. Thanks, microjerk, for this wonderful kick to the nutsack.

Does anybody have any suggestions on how to deal with or, even better, remove this POS update? All the standard ways of removal either do not work, or are inaccessible.

IN LIGHT OF THE LATEST RUMOR, WHERE THE UPDATE TO FIX THE "MEMORY HOLE" PROBLEM ON INTEL SYSTEMS WRECKS AMD, IF YOU HAVE AMD DO NOT "FIX" ANYTHING WITH ANY UPDATE FROM MICROSOFT UNTIL OTHER PEOPLE HAVE SUFFERED ON YOUR BEHALF REVEALING WHAT THE PROBLEM WITH IT IS.

UPDATE: THE AMD VULNERABILITY IS A HOAX BY INTEL, THE LATEST BUGS DO NOT AFFECT AMD IN ANY MEANINGFUL WAY WHATSOEVER.

If you have an AMD processor yes, you might somehow have, on rare occasion, a tiny amount of ram hackable for a split second, but with INTEL your @ss is hanging out in its entirety ALL THE TIME.

It is virtually impossible to exploit AMD to such an extent, no one would bother. Intel on the other hand is an intelligence agency/hacker playground.

Remember that big dump of NSA hackware that happened about six months ago? That is, after all, what this is about - average people getting ahold of NSA tools Intel cooperated in the development of, and now the people the tool was made for are crying because they themselves can be hacked with their own stuff, let alone all the government computers that can be hacked with their own stuff, and yada yada.

I will do NOTHING (zero) to patch my AMD systems. It is not important for AMD (at least in the context of the current problem of the day.) That is not to say AMD does not have an entirely different back door (who would know) but for the current problem, WHATEVER.

Navigator
6th January 2018, 20:42
As Jim's article above so elegantly stated ... :)

Anyone running Windows 7 and an older AMD processor (Athlon / Turion / Opteron) that installs update KB4056894 could end up with a brick (but I don't think this affects Ryzens - mind you very few are running on Win 7). You may get a "BSOD stop: 0x000000c4" on reboot. Can't rollback an update if your computer won't boot ...

A solution to remove this update has been posted on this Reddit thread for anyone affected: https://www.reddit.com/r/sysadmin/comments/7ode4s/problems_with_windows_7_quality_rollup_kb4056894/

Microsoft forum discussion here: https://answers.microsoft.com/en-us/windows/forum/windows_7-update/stop-0x000000c4-after-installing-kb4056894-2018-01/f09a8be3-5313-40bb-9cef-727fcdd4cd56?auth=1&rtAction=1515190079156

ThePythonicCow
6th January 2018, 22:28
Anyone running Windows 7 and an older AMD processor (Athlon / Turion / Opteron) ...

Thanks, Navigator.

Anyone running Windows 7 on an older AMD processor (Athlon / Turion / Opteron) will want (need) to pay close attention to this.

apokalypse
7th January 2018, 05:41
http://www.tomshardware.com/forum/id-1816242/secret-intel-chip-snoops-backdoor-access.html
“Intel actually embedded the 3G radio chip in order to enable its Anti Theft 3.0 technology. And since that technology is found on every Core i3/i5/i7 CPU after Sandy Bridge, that means a lot of CPUs, not just new vPro, might have a secret 3G connection nobody knew about until now,” reports Softpedia.

Holy freak ****... turns out to be true after these years that have talked about regarding backdoor spying on people. It has become Conspiracy FACT

Navigator
10th January 2018, 00:33
Anyone running Windows 7 and an older AMD processor (Athlon / Turion / Opteron) ...

Thanks, Navigator.

Anyone running Windows 7 on an older AMD processor (Athlon / Turion / Opteron) will want (need) to pay close attention to this.

Apparently it is patch KB4056892 that is affecting older AMD cpus, not the update first indicated in Jim's response above. MS has halted the update until they get it fixed - has something to do with certain old AMD chipsets not having good enough documentation - at least that is what MS is saying.


UPDATE Microsoft’s fix for the Meltdown and Spectre bugs may be crocking AMD-powered PCs.

A lengthy thread on answers.microsoft.com records numerous instances in which Security Update for Windows KB4056892, Redmond’s Meltdown/Spectre patch, leaves some AMD-powered PCs with the Windows 7 or 10 startup logo and not much more.

Users report Athlon-powered machines in perfect working order before the patch just don’t work after it. The patch doesn’t create a recovery point, so rollback is little use and the machines emerge from a patch in a state from which rollback is sometimes not accessible. Some say that even re-installing Windows 10 doesn’t help matters. Others have been able to do so, only to have their machines quickly download and install the problematic patch all over again …

https://www.theregister.co.uk/2018/01/08/microsofts_spectre_fixer_bricks_some_amd_powered_pcs/

Hervé
19th January 2018, 01:24
Jim Stone's jubilation:

BUSTED: RECENT INTEL PROCESSOR (MELTDOWN) SCANDAL INVOLVES INTEL PROCESSORS ONLY, THEY ARE TRYING TO DRAG AMD AND ARM INTO THIS, DON'T BUY THE B.S. (http://82.221.129.208/.zk1.html)

Spectre is such a small problem I would not worry about it on an AMD or ARM platform. I would worry about it on an Intel platform though.

They released to the public a lie to cover for the fact that Intel's Vpro core was an intentional back door for the NSA.

The memory vulnerability, (if it exists at all) is a sideshow, and ARM and AMD were back stabbed with claims they had the same problems just to either help Intel, or cover for the fact that the vulnerability was intrinsic to hardware, and specifically the separate Vpro processor that was onboard every Intel chip from Sandy Bridge forward. If you want to be realistic about things, the Spectre bug is simply a no show on AMD and ARM, because it is simply too hard to do to them for it to mean anything, and AMD and ARM are not affected by the Meltdown bug AT ALL.

In 2011 I outlined the problem in a report titled "Is Intel's Sandy Bridge on a road to nowhere?"

I pointed out the problem - a second on-chip processor that was always on, even when the power was turned off, and this processor could clandestinely switch on any part of the computer when it received a remote command. Intel marketed this as "making the administrator's job easier" because an administrator could install updates and get data while all employees were at home asleep, and everyone would simply arrive to work the next day with everything updated because even if their power was turned off, their computers could receive updates anyway.

PROBLEM: All encryption keys - any system had - were held on this second processor, which was not adequately secured AT ALL from the outside world. It allowed a total highway into anyone's system, and I said at that time that the only real reason why this would be done would be to allow intelligence agencies access whenever they wanted, - access no one could stop because the encryption keys were right there for the intelligence agencies to use. Sandy Bridge, and all processors forward, A TOTAL OF 1,487 different models of Intel chips had this, right up to every Intel chip made today.

So everything was fine and dandy, as long as only a few ex NSA people who could be acceptably contained tried to spread the word on sites like this one and no one got the NSA tools that are used to access these processors.

After all, if it was only me blowing the whistle in 2011, they could just blow it off.

PROBLEM: About 8 months ago, someone inside the NSA released all these tools to the public in a "wiki" type release, and now, 8 months later hacker Joe is playing NSA and the NSA simply does not want that.

This is the ONLY REASON, AND I MEAN ONLY reason why the "bug" was "mysteriously found" by some hoax fraud jackass who "read thousands and thousands of pages of Intel processor manuals, and found it".

YEAH RIGHT, BULL****.




So I knew, from early 2011, that everything from now on had to be AMD. HERE IS PROOF, STATED BY THE MSM 6 YEARS LATER THAN I SAID IT: (https://www.theregister.co.uk/2017/05/01/intel_amt_me_vulnerability/)


"For the past seven years, millions of Intel chips have harbored a security flaw that can be potentially exploited to remotely control and infect systems with spyware.

"Specifically, the bug is in Intel's Active Management Technology (AMT), Standard Manageability (ISM) and Small Business Technology (SBT) firmware versions 6 to 11.6. According to Chipzilla, the security hole allows "an unprivileged attacker to gain control of the manageability features provided by these products."

"That means it is possible for hackers to log into a vulnerable computer's hardware - right under the nose of the operating system - and silently tamper with the machine, install virtually undetectable malware, and so on, using AMT's features. This is potentially possible across the network because AMT has direct access to the computer's network hardware.

"These insecure management features have been available in various, but not all, Intel chipsets for nearly a decade, starting with 2010's Intel Q57 (sandy bridge) family, all the way up to this year's Kaby Lake Core parts.

- My [Jim Stone's] insert: Correction: It started with Centrino, long before this but Centrino was not a common platform. -


"Crucially, the vulnerability lies at the very heart of a machine's silicon, out of sight of the operating system, its applications and any antivirus.

"The programming blunder can only be fully addressed with a firmware-level update, and it is present in millions of chips. It is effectively a backdoor into computers all over the world.

"The vulnerable AMT service is part of Intel's vPro suite of processor features. If vPro is present and enabled on a system, and AMT is provisioned, unauthenticated miscreants on your network can access the computer's AMT controls and hijack them. If AMT isn't provisioned, a logged-in user can still potentially exploit the bug to gain admin-level powers. If you don't have vPro or AMT present at all, you are in the clear."
Six years after I said it, it made it into the MSM

Many times I got into arguments with Intel fans, who were thrilled about the passmark scores on their Intel processors, and said AMD just can't stack up to Intel because "equivalent" AMD processors were 10 - 15 percent slower.

I always said it was their loss, because they were hacked full time.

AND NOW I GET THE FINAL TAUNT:
HEY INTEL LACKEYS WHO WERE SO SMART, IT SEEMS INTEL IS ALL FULL OF HOLES. HOW ARE YOUR PASSMARK SCORES LOOKING NOW THAT THE FIX FOR VULNERABILITIES I WARNED YOU ABOUT IS EATING MORE CPU THAN ANY ADVANTAGE YOU PREVIOUSLY HAD WITH INTEL? HOW DO YOU FEEL ABOUT HAVING EVERYTHING RAPED SINCE 2011 ALL THE WHILE I WAS AN IDIOT "CONSPIRACY THEORIST"?

The problem is SO BAD Intel is recommending people ****can any processor they bought in 2016 or earlier because the fix will destroy performance so badly.

HEY ALL YOU BACK STABBERS OUT THERE WHO HAVE TRIED TO DESTROY THIS WEB SITE:

HOW THE * DID I KNOW INTEL HAD THIS PROBLEM IF I WAS NOT NSA? I was always a step ahead of Snowden, and now proof has come out that I smoked him like a pack of Marlboros.

I gotta say, I am not disappointed. Intel knowingly cooperated with the NSA on purpose to rape everyone and for that Intel deserves to die.

The current description for the problem is a lie.

All you have to do to know it, is see what processor series are "most affected". They are:

EVERYTHING SANDY BRIDGE FORWARD, PLUS CENTRINO (not mentioned by anyone) BECAUSE THAT IS WHEN THE BUGS WENT IN.

CENTRINO WAS DESIGNED IN ISRAEL, AND WAS THE BEGINNING OF THE END FOR INTEL. (At the time Centrino came out, not all Intel processors were bugged like this, only Centrino was. Sandy bridge was the turning point.) ALL PROCESSORS SANDY BRIDGE FORWARD GOT AN ENHANCED VERSION OF THE CENTRINO HACK. That's where the root of the problem is, but with anything Sandy Bridge and later, the problem got a heck of a lot worse.

Yeah, yeah, I know about the so-called "memory vulnerability". That's just cover for the real problem. The series of processors involved proves it. Sandy Bridge. Ivy bridge. Sky Lake. Kaby Lake. DING DING DING DING DING. NAILED IT.

If you have an old Intel in the closet that is prior to Centrino, IT IS NOT HACKED THE WAY THEY SAY, THEY JUST WANT YOU TO GET RID OF ANYTHING THAT IS NOT A PLAYGROUND FOR THEM, DO NOT THROW IT AWAY, DO NOT EAT THE BULL****.


Final comments on this topic:
Don't expect links to sources when I was the original whistle blower on this problem. When I was the first to say anything on this topic. And when I am now proven right. They are not being honest about what the real problem is right now, but that matters not, it suffices to know that as I stated, Intel processors are the BIG problem. Arm and AMD basically have nothing wrong with them and were dragged into this for the sole purpose of bull****ting the public about what the real problem is.

If ARM and AMD had similar problems, the fix would hit them with a 50 percent processor downgrade. It has not. There are NO ISSUES AT ALL WITH THEM, which means THEY DID NOT HAVE THE PROBLEM. That alone proves my point.

Carmody
19th January 2018, 02:11
I knew about purpose built cpu backdoors in 1993, approximately. Custom telecom chips.


I can tell you - that the situation was global. Yes, in the mid 1990's, it was fully global.

This is many times done with many a large scale chip, depending on intended usage. Same for complex software that runs said systems. A single piece of software for a backbone system might have the original programmer's secret back door (which any programmer worth their pay will make for themselves), the corporate backdoor system (which the corporation demanded) and then the NSA purpose built backdoor (that the NSA demanded). Each may be a derivative of the fundamental.

The more complex the chip and software, the more likely the backdoor exists and that there may be multiple paths.

Hervé
21st January 2018, 01:00
The first mistake is to acquire a computer...

The second mistake is to plug it into the wall outlet...

The third mistake is to switch it on...

... and one is done in to the hilt! Checkmated in three moves.

Jim Stone's vindication:

January 20 2018

BLOCKBUSTER: THIS IS AMONG THE MOST IMPORTANT THINGS EVER POSTED TO THIS WEB SITE. (http://82.221.129.208/.zj8.html)

You have heard this before on this web site (7 years ago to be exact) so why is it important?

Because this post, by an Intel engineer, proves my background and credibility.

This post, by an Intel engineer, proves that I am an order of magnitude past Snowden (and I am, I was way far above his position at the NSA.)

It destroys every troll that ever posted sh*t against my credibility or this web site.

Who else has ever had validation like this SEVEN WHOLE YEARS AFTER BEING THE FIRST TO SAY IT?

Wired and others had somewhat similar posts five years AFTER I said it, and they probably simply re-worded what I posted because that is what happens when anyone is that far ahead.

A few people were skeptical when I said this latest bug was corevpro related and nothing to do with what they claimed, and that it did not affect AMD. And I am right, and did not get it from anywhere other than my background. DEAR TROLLS, READ IT AND WEEP, This was posted to Intel's own web site, by a programmer gone rogue:


http://82.221.129.208/inteladmission.gif


I CAN RIGHTFULLY CLAIM FULL CREDIT FOR BEING THE VERY FIRST WHISTLEBLOWER ON THIS TOPIC. ANYONE WHO BACK STABS MY WORK, OR CLAIMS I AM NOT NSA IS FULL OF ****.

HOW ELSE WOULD I KNOW THIS SO FAR AHEAD OF ANYONE ELSE?

ANYONE WHO HAS KNOWN ABOUT THIS SITE FOR A WHILE HAS SEEN ME POST ABOUT THIS FOR ALL OF THIS DECADE.

HOW THE HELL DID I KNOW?

AND NOW THAT AN INTEL PROGRAMMER HAS SAID IT, LET THERE BE NO DOUBT:

IF YOU HAVE AN I SERIES PROCESSOR, YOU BOUGHT A WEAPON INTENTIONALLY SET UP TO DESTROY YOU, IT BELONGS IN THE TRASH, NOWHERE ELSE, AND THERE IS NOT A SINGLE GOD DAMN OPERATING SYSTEM PATCH THAT WILL EVER, AND I MEAN EVER FIX IT.
Furthermore, ALL Intel processors since Centrino have had their development managed from Israel, and many were developed entirely in Israel. Does that wash right with you?

OK, LET ME GIVE YOU THE SMALL TEXT DETAILS: If you run a large corporation, and you have competitors that are Jewish, they have raped all data on all I series processors your business owns and stolen every last contact, secret, strategy, and tech development your company has ever sent across them.

More importantly, this programmer that just blew the whistle does not know the problem extends to other Intel processors outside the I series (which he was cleared to know about), and includes anything that has Centrino tech that made it into everything, including the lowly Celeron and Core2.

There is a cold hard reason why the Jews have suddenly taken it all over the last decade, and this is exactly it. It is not only the NSA that can rape you, all of the back doors were handed straight to all the Jews who became billionaires and trillionaires, and Israeli intelligence also.

I really hate to tell people this, but if you have ANY Intel processor that is newer than Pentium 4, it is risky, and any Intel processor Core2 forward belongs straight in the trash. You are murdering your business if you use them and you are NOT JEWISH.

This pyramid graphic, done in 2012 is DEAD ACCURATE, it was not just a joke!:


http://www.jimstonefreelance.com/pyramid600.jpg


[Odin's Eye]


The damage Intel inflicted on you goes far beyond the value of the computers you purchased. It includes ALL the work you ever did on them.

Intel needs to be disbanded for this, a class action lawsuit simply can't pay people back the damage done. And yes, now the Jews really do own it all - look it up! and it is NOT because they were "better".

Ewan
21st January 2018, 16:02
Likes blowing his own trumpet, but that aside I fully believe it.
Also easily dismissed as an anti-Semitic rant by a huge swathe of casual grazers.

Hervé
22nd January 2018, 14:03
Likes blowing his own trumpet, but that aside I fully believe it.
[...]
I guess it's a "pressure" release from all the trolling "Blitzkriegs" he suffered - and still is - for over 7 years from his former NSA (http://projectavalon.net/forum4/showthread.php?95892-Vault-7) "colleagues."

Here is his update on that subject:
I am now using a very old AMD laptop. (http://82.221.129.208/.zj8.html)

Read the post about Intel (http://projectavalon.net/forum4/showthread.php?101184-CPU-Security-Holes-affecting-Intel-AMD-and-other-CPUs&p=1203099&viewfull=1#post1203099) and you'll understand why. I am still a little paranoid, but this laptop is a 2009 model and that is going to be better than anything new, even if it is AMD.

With Knoppix (http://projectavalon.net/forum4/showthread.php?100764-Tip-For-Computers-Exhibiting-Symptoms-of-Having-a-Mind-of-Their-Own) I can't notice any performance issues. I picked it up "broken" for cheap. Knoppix automatically determines what is wrong and boots anyway, it seems to run perfect.

Hervé
23rd January 2018, 02:56
Update from Jim Stone (http://82.221.129.208/.zj6.html):

January 22 2018

EFFECTIVE IMMEDIATELY: INTEL WARNS EVERYONE TO NOT INSTALL MELTDOWN FIXES (http://82.221.129.208/.zj6.html)

Gee, I wonder why. Perhaps because there is no legit fix so why bother!

I am not going to link the article because it ends with a hideous lie. However, the article at least reveals
ALL PATCHES ARE FIRMWARE PATCHES, NOT SOFTWARE PATCHES, WHICH PROVES WITHOUT QUESTION I WAS RIGHT ALL ALONG - INTEL GOT BUSTED FOR VULNERABILITIES RELATED TO ITS VPRO CORE AND ANYTHING THAT HAD CENTRINO TECH ROLLED INTO IT, WHICH MEANS CORE2, I SERIES, AND ANYTHING ELSE (EVEN THE ATOM AND CELERON) RELEASED AFTER 2008. THIS BUG IS NOW IN PRACTICALLY EVERYTHING INTEL.
Software patch? MY ***!!!

None of the fixes can possibly work, because they are like trying to attach a fifth piston in a 4 cylinder engine.

Intel processors are designed to function fully subservient to the NSA and now that they got busted for it, there is nothing they can do to fix it!

The "patch", which has now been revealed to try to fix the problem by tweaking the BIOS (and not the operating system, that was a lie all along and I said that all along because I knew it all along) causes the computers that get them to behave like they are drunk, with random crashes, reboots, and total general instability and for some reason, once the "patch" is applied, it cannot be undone because it screws the BIOS. CUTE.

Hervé
23rd January 2018, 19:32
To summarize, from Jim Stone (http://82.221.129.208/.zj4.html):
January 22/23 2018

After this latest processor debacle, I backed up to using a 10 year old AMD laptop to do this web site. It works GREAT with Knoppix, I am not having any performance issues at all, not even with graphics creation. I never got any dirt on AMD but am being careful anyway.

I am going to quickly go over the real reason Intel is having problems (again) for those who do not know.

I have mentioned numerous times over the last 7 years how Intel intentionally put back doors, for the NSA, into all their processors.

Problem:
Someone inside the NSA did a job 500X worse than Snowden, and released all the hackware that exploits these back doors to the general public 8 months ago.

I did a short report on it and left it at that. The media stayed predominantly silent because it was not any sort of snowden game, it was real damage. All the world's hackers have these tools now, and the "wrong people" are now getting hacked.

So a huge stupid reason that blamed all processors for the "problem" was made up and a dream story about some idiot reading "thousands of pages of Intel processor manuals" and finding the bug was made up.

But I knew that was a lie (intrinsically simply knew) because I knew about the prior enormous breach at the NSA and know how much American intelligence lies and back stabs. They'll drag AMD and ARM into this just to cover up a pet project they had going with Intel. I was waiting for this to happen, because it had to.

Lo and behold, through a screwed up press release, they admitted that the problem was not how the processors write to memory WHEN THEY STATED THE FIX MADE CHANGES TO THE BIOS THAT [is] NOW CAUSING ENORMOUS PROBLEMS WITH INTEL PROCESSORS THAT RECEIVED THE PATCH.

If it was a memory caching issue, that would be handled by a patch to operating systems (as the original lie stated), NOT THE BIOS (which the "fix" actually ended up being for.)

By modifying the bios they can instruct parts of the computer to not work, (thereby "fixing" the problem,) but the holes in the system are so huge that the processors can't properly cope with closing them.

As it is beginning to turn out, the problem is not fixable, and any server, desktop or laptop anywhere can be raped on a whim.

It will never be possible for me to secure the message window, Ebay can't secure their stuff, NOTHING can be secured and the world is now at the mercy of not only the intelligence agencies, but now also random hackers. Th[is] report (http://projectavalon.net/forum4/showthread.php?101184-CPU-Security-Holes-affecting-Intel-AMD-and-other-CPUs&p=1203099&viewfull=1#post1203099) explains how, and what the real solution to the problem is.

The real solution to a permanent fix:


BECAUSE I HAVE ALWAYS BEEN A STEP AHEAD WITH THIS, I WILL NOW, AHEAD OF EVERYONE ELSE, ON JANUARY 22 2018 ANNOUNCE A GENUINE FIX FOR INTEL'S PROBLEM:


http://82.221.129.208/hammertimefix.jpg Obviously, you'll have your AMD machine ready with all your files before you implement the fix. I'd mothball the Intel or give it to the kids. You can still take parts out of it if you don't smash it.

Hervé
23rd January 2018, 20:19
Now, for a little corroboration from Linus Torvalds:

Linux creator blasts Intel over 'garbage' fix for critical CPU bug (https://www.rt.com/news/416712-intel-bug-fix-problems/)

RT (https://www.rt.com/news/416712-intel-bug-fix-problems/)
Tue, 23 Jan 2018 18:36 UTC




Patches released by Intel Corp. to fix highly malicious Spectre and Meltdown vulnerabilities affecting its CPUs turned out to be faulty, the company admitted, urging customers to stop installing them until further notice.

Earlier this month, security researchers at Google Project Zero disclosed that data processed by the majority of modern CPUs, be they desktop computers or smartphones, could be vulnerable to critical exploits they called 'Spectre' and 'Meltdown.' Tech companies reportedly had months to prepare, and since the public announcement of the vulnerabilities, Intel released at least three patches - before discovering that their fix led some PCs to reboot unexpectedly.

On Monday, Intel announced (https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00088&languageid=en-fr) that it "identified" the "root cause" of the problem and will soon send out another patch to fix the faulty fix. The technology giant also provided (https://newsroom.intel.com/news/root-cause-of-reboot-issue-identified-updated-guidance-for-customers-and-partners/) a list of Intel-based platforms that are impacted by the issue.

"We have now identified the root cause for Broadwell and Haswell platforms, and made good progress in developing a solution to address it," Intel Executive Vice President Navin Shenoy said in a blog post, adding that the company already provided the patch to its partners to check if the solution was found (https://newsroom.intel.com/news/root-cause-of-reboot-issue-identified-updated-guidance-for-customers-and-partners/). "We will make a final release available once that testing has been completed."

In the meantime, the company advised "OEMs, cloud service providers, system manufacturers, software vendors and end users" to stop using the available versions of the patch, "as they may introduce higher than expected reboots and other unpredictable system behavior."

The inability to properly fix the problem for weeks after the security researchers released documentation of critical vulnerabilities in modern processors used in practically every computer and smartphone around the world, has sparked major criticism in the high tech industry. Linus Torvalds, who pioneered the Linux family of operating systems, could not contain his anger. He believes Intel has not done enough to shield its users from Meltdown and Spectre hardware-based bugs that could potentially allow hackers to steal any data, including passwords, personal photos, and emails.
"As it is, the patches are COMPLETE AND UTTER GARBAGE," Torvalds said in a message posted to the Linux kernel mailing list on Sunday.

"All of this is pure garbage. Is Intel really planning on making this sh*t architectural?" he asked. "Has anybody talked to them and told them they are f*cking insane? Please, any Intel engineers here - talk to your managers."
Torvalds said that the best possible solutions for the company would be to recall two decades worth of products and to give everyone free CPUs. But instead, Intel is trying to avoid huge losses and further damage to its reputation, and intends to continue shipping flawed hardware with software protection which will be turned off by default, he explained.
"The whole IBRS_ALL feature to me very clearly says 'Intel is not serious about this, we'll have a ugly hack that will be so expensive that we don't want to enable it by default, because that would look bad in benchmarks,'" Torvalds wrote.

"So instead they try to push the garbage down to us. And they are doing it entirely wrong, even from a technical standpoint."

Hervé
24th January 2018, 16:42
Some fallouts from that Intel world invasion, from Jim Stone:

Jan 24 2018

We are probably all in much worse trouble than we think (http://82.221.129.208/.zj3.html)

What happened yesterday was very strange

I don't know if we can win.

The breach in Intel processor security is so complete, and very evil people are exploiting it on countless servers everywhere.

Here's what happened yesterday, probably as a result of the breach, and this is not a guess, it happened:
Alex Jones got the real FISA memo, which would put Clinton & Co in jail.

He tried posting it, and got more than one computer fried. I don't know exactly how many, I just know it was more than one. But he did manage to get it put up.

Then I tried to access it, and this computer shut down.

I got it started again and everything was scrambled - only parts of what the computer was supposed to do worked (for example, it booted but with system monitor I could not look at bandwidth, it was gone, I could not look at open processes, they were gone, and I could not do screen captures, that did not work . . . .

And I tried to access the Fisa document again and BOOM, shut down.

I tried a couple more times, and then something on the side of the computer burned me. I realized the flash drive with Knoppix on it was now getting so hot it could burn. If that was a real hard drive (from whatever they did to get it to get so hot) there's little question it would have fried.

So finally, after about 40 minutes of getting shut down and rebooting I managed to get back to the Fisa memo again and it worked without a hitch, and was old outdated crap I saw the day before. Someone switched it. Alex probably does not have the real document anymore but it is a damn safe bet he did. Today, there's not jack squat out there, Fisa is not being discussed anywhere on social media. Obviously blown off the web by AI

The flash drive survived, but ran hot the rest of the day yesterday. Today everything is normal.
So it is obvious that even if the FISA memo does get released, the shadow state, which owns everything now, probably won't let it be read. I don't consider what happened to this computer yesterday to be any sort of actual breach, because when you hit things on the web you are at the mercy of whatever you bring in. There is no way to avoid that.

petra
24th January 2018, 16:59
Wow... Linus Torvalds is actually swearing!

I like the hammer solution. Who says violence doesn't solve anything? ;-)

Hervé
29th January 2018, 16:10
Recent AMD CPUs are apparently also wired to call home...

From Jim Stone (http://82.221.129.208/.zi5.html):
About this old AMD laptop - (http://82.221.129.208/.zi5.html)

This is actually important.

It appears the older AMD cpu's use far less bandwidth online than the new ones do. This would strongly indicate that the newer ones are bugged, but I never got information to prove it.

Here's the scenario:

Since the Fukushima report, I worked on the same AMD A6 I bought in 2011 right when I discovered that the Fukushima report resulted in permanent disaster. I took the cash I had on hand and bought a decent laptop to get me through it. Finally, after almost 7 years of being an absolute battleship, it gave symptoms of instability so I figured I'd replace it.

I bought an AMD A8 that was in the same quality range. I figured I'd give the Microsoft OS a chance, but quickly discovered it was eating 300+ megs a day.

THAT was a problem.

So I switched it over to Mint, and it still ate just as much bandwidth. The old A6 never ate that much bandwidth. So then I switched to Knoppix, and the bandwidth usage dropped by about 40 percent. I figured I probably solved the problem with Knoppix.

Evidently I did not.

Two weeks ago for some reason I walked into a pawn shop that had gotten ahold of the garbage totally non functioning computers a company abandoned, and they had a few old AMD laptops in the mix. I bought one for about $15 USD, and discovered that the mother board needed to be baked. That's iffy, so I figured I'd go back and get another one so I'd have two chances. The second one was alive, with no hard disc. So I put one of the Knoppix live flash drives in it and BOOM, IT WORKED PERFECT. So I have been using that.

This is VERY IMPORTANT:

This AMD laptop is from 2010, and with Knoppix on it, it is eating less than half the bandwidth as the new AMD laptop purchased in 2017, doing the exact same work.
How important is that? All you need to do to get the answer is ask one simple question:
For what possible reason would the EXACT SAME OS use twice as much bandwidth on one computer as it does on another, when there is absolutely no perceivable difference in performance?
I am not using less "because the new one is slow," it is NOT slow. I can't tell the difference between the new one and this old one. Why would the old one be eating a lot less internet?

Obviously the new AMD processors have back doors in them, and the NSA does not give a crap about how much they increase bandwidth usage because they are assuming things are so fast now anyway that no one will notice.

PROBLEM:

When you are like me, on a limited connection, having the expertise to actually monitor what the * is going on, it is PRETTY DAMN OBVIOUS.
So I'll get a stack of those computers and start baking motherboards . . . . .

Navigator
29th January 2018, 17:01
^^ Unfortunately that is not a very scientific test at all. "Eating megs" isn't IT terminology at all for anything, and if he has the expertise he said, he would be describing exactly what is happening. There are tools to monitor port activity, what processes are having activity, what they are accessing / controlling, etc., and they can provide pretty good detail on exactly what would be going on ... I wish he could actually do this, as this is what is really needed to draw proper conclusions.

All the "A" series APUs from AMD are at an end; they are now replaced by the Zen-based mobile and desktop APUs, which are a 100% completely different architecture - not even close to the same as the "Bulldozer-based" APUs (A-series - which appear to have been potentially susceptible to Meltdown and var2, unlike the Zen processors). Did AMD give up their back door for the Zen-based processors? Tune in next week for more! :)

ThePythonicCow
29th January 2018, 19:00
^^ Unfortunately that is not a very scientific test at all. "Eating megs" isn't IT terminology at all for anything.
What Jim Stone wrote on this seemed clear enough to me. He's on a metered cell data plan, and pays close attention to how many bytes he downloads each month, in order to keep within his monthly data limits. Running the same software (Knoppix (http://knoppix.net/), a variant of Linux) on an older AMD platform ate up less of his data allotment than running it on newer hardware platforms.

What I can't tell, nor can Jim tell, is whether that difference is due to some adaptive kernel or background service software in his Knoppix install, or due to covert backdoors in the underlying hardware on newer platforms. Certainly, there are select bits and pieces of software running in any such Linux, Windows or MacOS installation that are aware of the processor type and speed, and of the memory size and speed, and that may choose to adapt their running based on some of those details.

If I didn't have other things to do with my time (a blatantly false premise) then I might connect a variety of such devices, new and old AMD and Intel systems, all running perhaps Knoppix or other such minimalist software through a separate configurable firewall system that I could setup to track and record the data traffic volumes, per IP and protocol. Then I could identify and track down what differences there might be.

Personally, I'd prefer a lean Gentoo (https://www.gentoo.org/) system over Knoppix, with the Gentoo configured to have no SystemD, and no Display Manager either. However, building such custom variants of Gentoo is rather like deciding you want to drive to work or to the store, but don't like any of the pre-built cars available, so first you build your own car, out of parts you have laying around, or buy at the car parts store, or machine yourself, or find at the junk yard. This is not for the faint of heart.


Personally, and presently, I am at least as worried about the insidious nature of SystemD, which is in Knoppix, since Knoppix is Debian based, and Debian adopted SystemD some three to four years ago now.

Knoppix is an operating system based on Debian designed to be run directly from a CD / DVD (Live CD) or a USB flash drive (Live USB) [Ref. Wikipedia for Knoppix (https://en.wikipedia.org/wiki/Knoppix)].


I've spent many, many hours rebuilding my home PC to not use SystemD (http://www.zdnet.com/article/linus-torvalds-and-others-on-linuxs-systemd/). But at the same time, in the summer of 2017, an upgrade of CentOS, the operating system used on our Avalon Forum web server, forced SystemD on to ProjectAvalon.net. One step forward, one step backward.


However my SystemD concerns probably don't explain what Jim Stone is observing, since he's running the same Knoppix, with I presume the same SystemD, on different hardware, and getting different results. I said "probably", because of the possibility, noted above, that (1) something in his Knoppix installation is adapting to running on older, slower, AMD hardware in a way that reduces network traffic, and (2) that something is dependent on or a part of SystemD.

Navigator
30th January 2018, 00:28
^^ Unfortunately that is not a very scientific test at all. "Eating megs" isn't IT terminology at all for anything.
What Jim Stone wrote on this seemed clear enough to me. He's on a metered cell data plan, and pays close attention to how many bytes he downloads each month, in order to keep within his monthly data limits. Running the same software (Knoppix (http://knoppix.net/), a variant of Linux) on an older AMD platform ate up less of his data allotment than running it on newer hardware platforms.


Thanks for the extra details. I would still prefer "scientific" over "clear". ;) I would have liked to see the extra work that you indicated to parse out more of the variables. If there is something to this, somewhere in the process we should be able to have good repeatability. If there really is a "back door" that just starts sending data out at will, with modern IT tools, it shouldn't be that hard to find, and consistently.

Hervé
30th January 2018, 01:16
Hmmm... what's not "scientific" about empirical data collected, a theory/hypothesis derived from the observed data and which can be verified/falsified by any experimenter the world round?

That's different than all the technical data of the size and thread specifications of the nuts and bolts included in patent submissions.

Addendum from Jim:


[...]

Obviously the new AMD processors have back doors in them, and the NSA does not give a crap about how much they increase bandwidth usage because they are assuming things are so fast now anyway that no one will notice.

PROBLEM:
When you are like me, on a limited connection, having the expertise to actually monitor what the * is going on, it is PRETTY DAMN OBVIOUS.

So I'll get a stack of those computers and start baking motherboards . . . . .

Here is my new computer recommendation:
Though it appears the old A6 did not have back doors, due to the fact that it is quite obvious some A series computers are bugged, to keep it simple, here it is:

Any AMD system produced prior to AMD's A series that at least has a 64 bit processor, 2 gigs of ram, and Knoppix.

SECONDARY:
Most likely, due to experience with this, any of the original A series computers that were produced up until definitely mid 2012, and probably through 2013.

I have no information on when the bugs went into the AMD processors, but it is obvious that they are there with the newer processors because the bandwidth usage I am seeing with an up to date processor proves it.

It took the perspective of using an identical OS with a new one and an old one to prove it.

SAME FLASH DRIVE, SAME OS, DOUBLE THE BANDWIDTH USAGE WITH THE NEW PROCESSOR.

Fortunately, since Knoppix has no stifleware (it does not get crippled with so called "updates",) old computers run extremely well with it, so well I can't tell the difference, not even with graphics production.

ThePythonicCow
30th January 2018, 01:18
Thanks for the extra details. I would still prefer "scientific" over "clear". ;) I would have liked to see the extra work that you indicated to parse out more of the variables. If there is something to this, somewhere in the process we should be able to have good repeatability. If there really is a "back door" that just starts sending data out at will, with modern IT tools, it shouldn't be that hard to find, and consistently.
I would suggest that we not reject honest reports (which I take Jim's reports here to be) because they are not as complete, consistent and scientific as can be imagined.

Do not ask others, nor yourself, to be silent unless they can be experts on whatever they report.

Rather welcome honest reports of matters also of interest to ones self, and together we will improve our awareness and understanding.

Bill Ryan
30th January 2018, 02:19
You know, I can understand what Navigator is saying. Jim's [honest!] report says he's suddenly incurring twice as much bandwidth. His hypothesis (his ONLY hypothesis) to explain this is that his processor is sending back a lot of data to the intel agencies.

This is pretty important.


How can this hypothesis be tested?
Are there any other hypotheses?

That would be scientific.

Hervé
30th January 2018, 02:34
For background on Jim's history with his struggle to keep his expensive bandwidth cost low, check this thread:

Tip For Computers Exhibiting Symptoms of Having a Mind of Their Own (http://projectavalon.net/forum4/showthread.php?100764-Tip-For-Computers-Exhibiting-Symptoms-of-Having-a-Mind-of-Their-Own)

ThePythonicCow
30th January 2018, 02:59
You know, I can understand what Navigator is saying. Jim's [honest!] report says he's suddenly incurring twice as much bandwidth. His hypothesis (his ONLY hypothesis) to explain this is that his processor is sending back a lot of data to the intel agencies.

This is pretty important.


How can this hypothesis be tested?
Are there any other hypotheses?

That would be scientific.

Those are of course legitimate questions. I don't believe I said anything to the contrary, rather I believe I pursued just such analysis in my earlier reply to Navigator.

I try to accept observations from non-expert witnesses, so long as they are more or less coherent and honest in reporting, in their own terms, what they observed, and I sometimes consider as interesting (before sometimes dismissing as unlikely) their conjectures as to what was behind what they observed.

In this case I further considered, in an earlier post of mine above, other possible explanations for what Stone observed, such as something in his Knoppix software installation that I could imagine could also account for what he observed.

But I don't reject Stone's reported observations because his analysis of possible causes was likely incomplete or even incorrect. Navigator's comments that he found Stone's comments "unfortunate" and that he found Stone's "eating Megs" to not be "IT terminology at all for anything", seemed to me to be disparaging not only Stone's analysis, but even his observations. I disagreed, and continue to disagree, with that aspect of Navigator's criticism of Stone's observations.

My best guess is that Stone's analysis ("the new AMD processors have back doors in them") is correct, but I also figured that there were other possible explanations, involving software behaving differently, depending on whether or not it's running on some old, slow, AMD hardware.

TargeT
30th January 2018, 12:53
You know, I can understand what Navigator is saying. Jim's [honest!] report says he's suddenly incurring twice as much bandwidth. His hypothesis (his ONLY hypothesis) to explain this is that his processor is sending back a lot of data to the intel agencies.

This is pretty important.


How can this hypothesis be tested?
Are there any other hypotheses?

That would be scientific.

This is VERY easy to verify.

Use Wireshark (https://www.wireshark.org/), capture ALL the traffic coming in and leaving... ridiculously easy to prove that his postulations are incorrect.

This is a part of my work description (network forensics), nothing like what he says is happening; there's no way people like me would miss it during incident response cases..... it's low information/understanding paranoia without solid evidence to back it up.

I do not like it when people speak in absolutes about things they do not fully understand, it's a form of manipulation and dishonest..... rubs me the wrong way.

Why does everyone have to be a Corey Goode these days? The master of everything always? I'm so tired of alt personalities....
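
The per-IP, per-protocol traffic accounting ThePythonicCow describes and the full capture TargeT suggests, as an added example that is not part of any post in this thread: it reads two classic pcap files (the format Wireshark and tcpdump can save), totals wire bytes per remote host, protocol and port, and lists the flows that differ between the two runs. The two captures, every address and all function names are constructed for illustration.

```python
import struct
from collections import Counter
from ipaddress import IPv4Address

PROTO = {1: "icmp", 6: "tcp", 17: "udp"}

def parse_pcap(data):
    """Yield (wire_length, captured_frame) for each record of a classic pcap file."""
    if data[:4] == b"\xd4\xc3\xb2\xa1":
        end = "<"
    elif data[:4] == b"\xa1\xb2\xc3\xd4":
        end = ">"
    else:
        raise ValueError("not a classic (microsecond) pcap file")
    if struct.unpack_from(end + "I", data, 20)[0] != 1:
        raise ValueError("only Ethernet captures (linktype 1) are handled")
    off = 24
    while off + 16 <= len(data):
        _sec, _usec, incl, wire = struct.unpack_from(end + "IIII", data, off)
        frame = data[off + 16:off + 16 + incl]
        if len(frame) < incl:
            break  # file cut off mid-record
        off += 16 + incl
        yield wire, frame

def account(data, local_ip):
    """Sum wire bytes per (direction, remote IP, protocol, remote port)."""
    local = IPv4Address(local_ip)
    totals = Counter()
    for wire, frame in parse_pcap(data):
        # Untagged IPv4 only; VLAN-tagged, ARP and IPv6 frames share one bucket.
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            totals[("other", "-", "non-ipv4", 0)] += wire
            continue
        ihl = (frame[14] & 0x0F) * 4
        proto = frame[23]
        src, dst = IPv4Address(frame[26:30]), IPv4Address(frame[30:34])
        if src == local:
            direction, remote, port_off = "out", dst, 2  # remote port = destination
        elif dst == local:
            direction, remote, port_off = "in", src, 0   # remote port = source
        else:
            totals[("other", "-", "not-ours", 0)] += wire
            continue
        port, l4 = 0, 14 + ihl
        first_fragment = struct.unpack_from("!H", frame, 20)[0] & 0x1FFF == 0
        if proto in (6, 17) and first_fragment and len(frame) >= l4 + 4:
            port = struct.unpack_from("!H", frame, l4 + port_off)[0]
        totals[(direction, str(remote), PROTO.get(proto, str(proto)), port)] += wire
    return totals

def compare(baseline, candidate):
    """Flows whose byte totals differ between two runs, largest increase first."""
    keys = set(baseline) | set(candidate)
    diffs = [(candidate[k] - baseline[k], k) for k in keys if candidate[k] != baseline[k]]
    return sorted(diffs, key=lambda d: (-d[0], d[1]))

# --- constructed sample captures (documentation address ranges, zeroed payloads) ---
def build_frame(src, dst, proto, sport, dport, payload_len):
    l4 = struct.pack("!HH", sport, dport) + bytes(4 if proto == 17 else 16)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4) + payload_len, 0, 0,
                     64, proto, 0, IPv4Address(src).packed, IPv4Address(dst).packed)
    return bytes(12) + b"\x08\x00" + ip + l4 + bytes(payload_len)

def build_pcap(frames):
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for f in frames:
        out += struct.pack("<IIII", 0, 0, len(f), len(f)) + f
    return out

LOCAL = "192.0.2.10"
WEB, DNS, EXTRA = "198.51.100.7", "203.0.113.53", "203.0.113.99"
_common = [
    build_frame(LOCAL, WEB, 6, 50000, 443, 100),
    build_frame(WEB, LOCAL, 6, 443, 50000, 1400),
    build_frame(LOCAL, DNS, 17, 40000, 53, 30),
    build_frame(DNS, LOCAL, 17, 53, 40000, 60),
]
_extra = [  # traffic present only in the second constructed capture
    build_frame(LOCAL, EXTRA, 6, 50001, 80, 0),
    build_frame(EXTRA, LOCAL, 6, 80, 50001, 1400),
    build_frame(EXTRA, LOCAL, 6, 80, 50001, 1400),
]
OLD = account(build_pcap(_common), LOCAL)           # stands in for machine A
NEW = account(build_pcap(_common + _extra), LOCAL)  # stands in for machine B

if __name__ == "__main__":
    print("total bytes:", sum(OLD.values()), "vs", sum(NEW.values()))
    for delta, flow in compare(OLD, NEW):
        print(f"{delta:+8d}  {flow}")
```

A monthly data meter reports only the two totals; the per-flow difference names the remote host and port that account for the gap, which is the observation a hypothesis about its cause can then be tested against.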

Navigator
30th January 2018, 17:25
I would suggest that we not reject honest reports (which I take Jim's reports here to be) because they are not as complete, consistent and scientific as can be imagined.
...


I believe Jim to be honest about his speculation as well. Without further scientific method it is merely a very rough and very questionable speculation. Not good enough for me to agree with him that "because X bandwidth is consumed in my anecdote without proper controls, therefore CPUs have backdoors". Especially when developing a protocol that is repeatable to prove this to be true would be so very easy for everyone to be able to test themselves and prove to everyone this, then watch the lawsuits fly.

I'm just saying this rough speculation doesn't cut it for me. I didn't reject it, per se, I called it inadequate to derive any real conclusion - particularly the one he gave.

Hervé
4th May 2018, 15:52
Intel inside, from Jim Stone (http://82.221.129.208/.yx6.html):

8 NEW INTEL SECURITY HOLES FOUND (http://82.221.129.208/.yx6.html)

My [Jim Stone's] pre-comment:

Gee, if processor performance was reduced by 40 percent after patching the first two, after these 8 get patched, maybe everyone WILL be interested in a Nut-Yahoo TRS-80 seminar! (http://www.jimstone.is/pages/nutbasic1.jpg)

Also, below this top feature, the real problem with Intel CPU's will be posted.

The real problem is that all Intel processors ship with MINIX as a root operating system that always runs in the background and it is custom tailored to allow the NSA in, no matter what, and can be flashed with updates (not by the user) the WHOLE 9 YARDS.

This problem is also in every cell phone CPU, and even in your microwave.

The NSA data rape was total. As for the new Spectre and Meltdown type problems, the Germans have the report, and it is in English. (https://www.heise.de/ct/artikel/Exclusive-Spectre-NG-Multiple-new-Intel-CPU-flaws-revealed-several-serious-4040648.html) The following is just a small snip.


"New flaws and even more patches "Spectre Next Generation" is just around the corner. According to information exclusively available to c't, researchers have already found eight new security holes in Intel processors.

"The vulnerabilities known as Spectre and Meltdown shook the IT world to its foundations: researchers proved that there is a fundamental design flaw in all modern processors with serious repercussions for system security (see c't issue 3/2018). After several patches were released, it seemed everything would be fine after all, although some experts warned that more revelations could follow. But the hope remained that the manufacturers could solve the problem with a few security updates.

"As it turns out, we can bury that hope. A total of eight new security flaws in Intel CPUs have already been reported to the manufacturer by several teams of researchers. For now, details on the flaws are being kept secret. All eight are essentially caused by the same design problem - you could say that they are Spectre Next Generation.

"c't has exclusive information on Spectre-NG, which we have been able to verify in several ways - we double and triple checked all the facts. Nonetheless, we will not publish technical details as long as there is still a chance that manufacturers will get their security updates ready before the details of the flaws become public. However, we will use our information to report about future releases of patches and provide background information.

"Eight new security flaws
Each of the eight vulnerabilities has its own number in the Common Vulnerability Enumerator (CVE) directory and each requires its own patches. It is likely that each vulnerability will receive its own name. Until then, we will jointly call these flaws Spectre-NG in order to distinguish them from the previously uncovered issues.

So far we only have concrete information on Intel's processors and their plans for patches. However, there is initial evidence that at least some ARM CPUs are also vulnerable. Further research is already underway on whether the closely related AMD processor architecture is also susceptible to the individual Spectre-NG gaps, and to what extent.

"Intel is already working on its own patches for Spectre-NG and developing others in cooperation with the operating system manufacturers. According to our information, Intel is planning two waves of patches. The first is scheduled to start in May; a second is currently planned for August.

"Knowing that Google Project Zero discovered one of the Spectre-NG flaws gives us an idea of when to expect the first patch. Google's elite hackers are scrupulous about observing the 90 day deadline that is meant to give companies time to address flaws after they have been notified - but they have no qualms about going public when the deadline ends, even if a patch has yet to be released. Time will run out on May 7 - the day before the next Windows patch day. Intel itself expects that information about a second flaw could be published any day now. Therefore, we can expect to see patches for these two vulnerabilities sooner rather than later."

Here is the real problem with Intel CPU's

Surprisingly, ZD Net (https://www.zdnet.com/article/minix-intels-hidden-in-chip-operating-system/) had the guts to publish this

Maybe you're not paranoid. Maybe they are out to get you. Ronald Minnich, a Google software engineer, who discovered a hidden MINIX operating system inside "kind of a billion machines" using Intel processors, might agree with this. Why? Let's start with what Matthew Garrett, the well-known Linux and security developer who works for Google, explained recently that:

"Intel chipsets for some years have included a Management Engine [ME], a small microprocessor that runs independently of the main CPU and operating system. Various pieces of software run on the ME, ranging from code to handle media DRM to an implementation of a TPM. AMT [Active Management Technology] is another piece of software running on the ME."
In May, we found out that AMT had a major security flaw, which had been in there for nine -- count 'em -- nine years.

"Fixing this requires a system firmware update in order to provide new ME firmware (including an updated copy of the AMT code)," Garrett wrote. "Many of the affected machines are no longer receiving firmware updates from their manufacturers, and so will probably never get a fix," he said. "Anyone who ever enables AMT on one of these devices will be vulnerable."
Quick! How many of you patched your PC or server's chip firmware? Right. Darn few of you. That's bad. It's not every processor, but if you or your hardware vendor has "explicitly enabled AMT", your machine is still vulnerable to attack.

The Electronic Frontier Foundation (EFF) has called for Intel to provide a way for users to disable ME. Russian researchers have found a way to disable ME after the hardware has initialized, and the main processor has started. That doesn't really help much. ME is already running by then.

But Minnich found that what's going on within the chip is even more troubling. At a presentation at Embedded Linux Conference Europe, he reported that systems using Intel chips that have AMT, are running MINIX.

If you learned about operating systems in the late '80s and early '90s, you knew MINIX as Andrew S Tanenbaum's educational Unix-like operating system. It was used to teach operating system principles. Today, it's best known as the OS that inspired Linus Torvalds to create Linux.

So, what's it doing in Intel chips? A lot. These processors are running a closed-source variation of the open-source MINIX 3. We don't know exactly what version or how it's been modified since we don't have the source code. We do know that with it there:


Neither Linux nor any other operating system have final control of the x86 platform (https://schd.ws/hosted_files/osseu17/84/Replace%20UEFI%20with%20Linux.pdf)
Between the operating system and the hardware are at least 2.5 OS kernels (MINIX and UEFI)
These are proprietary and (perhaps not surprisingly) exploit-friendly.
And the exploits can persist, i.e. be written to FLASH, and you can't fix that


MY [Jim Stone's] COMMENT:
During the recent attacks on my hardware, this is what was affected. Permanent bugs were put in the systems, and I could not get rid of them because:

"the exploits can persist, i.e. be written to FLASH, and you can't fix that"
These are NSA exploits that got lost to the general public in 2016 when someone in the NSA walked right out of the facility with the exploit software, which was then put on the web. This has been reported on this site several times. The software was up long enough for hackers to get it, and is now sold in shady system hacking suites you can find on the web.

The NSA is a total asshole for keeping the loss of their software secret, because they just can't give up their ability to totally transparently rape "over a billion cpu's". They'd prefer to have random Joe screwing everyone the way they can than give up their toy.

Hervé
16th May 2018, 23:51
Guess what happens to the CPU manufacturers who don't implement an NSA backdoor...

From Jim Stone (http://82.221.129.208/.yv9.html):
Speculation: ZTE bowed to the NSA, Huawei did not (http://82.221.129.208/.yv9.html)

The main point of this particular report is speculative, but I bet I nailed it. First, what is not speculative:

In early 2016 another "Edward Snowden" (who was a hell of a lot worse than Snowden) smuggled ultra classified NSA spy software out of an NSA facility and dropped it on the dark web. This software uses hardware based back doors to allow itself to become permanently embedded in a system. I'll explain how it does this.

Every device you use has three different operating systems, running in layers. The layer you see is the OS the device sells with - Windows, Android, etc. Immediately below this top layer everyone sees is the bios layer, which in devices such as phones allows you to re-flash the device with "firmware updates". When you update "firmware", this is the layer you are working with. Most people think that's the root layer of any device. It is not. There is a layer below this that as it turns out, is specifically for the NSA. In all processors now, the bottom layer, which you cannot see, uses the MINIX operating system which is physically burned into the processor itself, and has a second processor you never know is there (but has ultimate control over the main processor). This second processor has approximately as much power as a 486DX2-66 processor. We may scorn that particular processor nowadays, but it is actually quite powerful, and more than enough to rape the main processor.

This second processor has flashable writable space that can be written to by the NSA for the purpose of planting bugs on a system that will not affect its performance at all, because the bugs are executed by a processor the end user is not even aware exists. And even lowly devices, such as burner phones and other throwaway trash now have this second processor in them.

In early 2016, the software the NSA uses to exploit this second processor was dropped on the dark web, and hackers got it. You can still get illegal copies of this software, that is marketed as spy tools and phone location trackers that can be planted without whoever the bug was planted on ever knowing it. I had two such products posted on this site a couple months ago. The NSA knows this software was lost. The NSA does not want to tell anyone this happened, and is instead simply attempting to track down anyone who got ahold of this software, because they don't want to give up their toy. They are failing at this because the software is still available. And they don't care enough to warn people and plug the holes because they are pricks, who want to keep on raping people the same way the hackers that got their stuff are now doing.

Everything written to this point is CERTIFIED FACT. Take it to the bank, this has been reported "on the lower left hand side of page 52" by even mainstream publications such as Wired, but was not put front page for obvious reasons. I have also had those articles linked here before.


NOW FOR THE SPECULATIVE PART, and I bet it is BANG ON:
Hardware manufacturers in China also got the software and reverse engineered it because they actually care about their customers. Most likely Huawei and ZTE plugged the holes this software rips open, and got rid of the exploits. It was only after this happened that suddenly the U.S. government started ripping Chinese products. HEY, GUESS WHAT? IT WAS ALSO ONLY AFTER THIS SOFTWARE GOT OUT THERE TO BE REVERSE ENGINEERED AND PATCHED THAT THE GOVERNMENT STARTED RIPPING KASPERSKY ALSO.

And here is my bet: I'd bet Trump only started talking happy with ZTE, promising to "make China great again" by getting their products back into the U.S. market after they got shunned and banned out of it due to "security concerns with chinese products", because ZTE buckled under economic pressure, and agreed to put the NSA ass rapes right back into their products.

You see, you have to understand how the minds of criminals work. Any privacy on the part of the people the criminals exploit will allow good people to do things the criminals don't know about, and THAT amounts to "a security breach".

Fat chance the NSA is actually worried about the Chinese getting into Americans' business via their own spying. That is clearly not what "the security problems with Chinese products" are. The NSA could actually care less about that, if any American thinks agencies such as the FBI and NSA actually care about them, they need their head examined, these agencies are enemies on American soil AND THEY PROVED IT, BY NEVER ALLOWING ANY HOLES TO BE PLUGGED AFTER KNOWN CRIMINALS GOT AHOLD OF THEIR STUFF.

The writing is on the wall. WHY did American intelligence suddenly tell people to stop buying ZTE and Huawei, and to get rid of Kaspersky ALL AT ONCE and ONLY AFTER the NSA's hacking tools got released into the wild? Why was the timing like THAT? Answer: Because Apple, Microsoft, Google, Norton and all the other "big evils" are in bed with the NSA, and happily continued allowing their customers to be reamed by them, as well as be bare butt naked against hackers and crapware that can be had by anyone, and will rape people wholesale. After all, if the bug is so embedded the end user does not know it is even there why would Norton have to care? Their customers would not know their antivirus totally failed.

The good companies, like Huawei, ZTE, and Kaspersky said NO WAY. There is such a thing as ethics, and we are not going to be a part of this. And for that they got punished.

Hervé
25th May 2018, 02:13
Securing cybernetic intelligence:


From Jim Stone (http://82.221.129.208/.yu3.html):
IMPORTANT: I have not clicked a mail for three weeks or more, and never on any of the systems in this particular cyber cafe, which means the only way I could be having to deal with this is via Israel's second processor embedded into every CPU now, all they have to do is bug the server so it tells them whenever I log in, and then they can feed me their crap.

I found a video that explains this problem very well. If anything I have said regarding the processor bugging is confusing, anyone can understand this particular video. He only makes one error, the OS is Minix, not Linux. If you want a short, succinct explanation of what is going on with these processors and who is doing it, and what it all means, SEE THIS. (https://www.youtube.com/watch?v=myYZfLhtOZc) If this is not answered to by good people, we are all TOAST.




They mess with me so much that I occasionally get to see a treat when their crap glitches, like pages I never opened. I have yet to get into their e-mail but today was close, and if I ever do that will be enormous fun because it won't be a secret, I will know how it happened and will milk it to the MAX.





HOW ISRAEL HARDWARE BACKDOORED - EVERYTHING

Brendon O'Connell (https://www.youtube.com/channel/UCFRV23uUZAf7l3tyq1CAoMA)
Published on Apr 13, 2018

The Intel Management system. Or, the Israel Management System. This extract is 2.32 minutes long. Perfect for today's busy IT housewife as she breastfeeds, makes dinner and runs her corporate level business in red high heels waiting for hubby to get home from the office.

Taken from the excellent mini doco - "Israeli Drones World Wide".
https://www.youtube.com/watch?v=U4ce3N1lAjg

Israel's Secret Weapon - The Talpiot Program
https://www.youtube.com/watch?v=rYE9UgmVrfU

A tiny "Arc Processor" sitting within the Intel CPU with its own custom version of Linux (Minix) operating beyond the software level - completely transparent to the end user. Does not matter if you're using Windows, Linux or Apple iOS...you are toast and THIS is how Israel does it. All part of The Talpiot Program. No one is safe - no one.

AMD has the exact same system - Platform Security System - and that is now totally owned and run by China.

The ENTIRE world's "Cloud Based" Internet system is backdoored by Israel. THIS is a national security disaster. Disaster is spelt D-I-S-A-S-T-E-R.

[...]

ThePythonicCow
25th May 2018, 05:57
AMD has the exact same system - Platform Security System - and that is now totally owned and run by China.

The ENTIRE world's "Cloud Based" Internet system is backdoored by Israel.
But ... but ... China is not Israel :).

Is my nice AMD Ryzen system backdoored by China, or by Israel?

DeDukshyn
25th May 2018, 15:58
"The Intel Management system. Or, the Israel Management System. This extract is 2.32 minutes long. Perfect for today's busy IT housewife as she breastfeeds, makes dinner and runs her corporate level business in red high heels waiting for hubby to get home from the office. "

2.32 minutes for "extraction"? Internet, or computer/motherboard/drive speed apparently is not a factor ... ? That makes no sense. And what is even meant by the term "extraction"? Extraction of ... what info exactly? (If the video explains this and someone watched it they can explain, perhaps, but I don't understand exactly what is meant by this)

IT professionals have access to a vast range of tools for seeing exactly what is connecting, when, which port, and can snoop the data; this is the job of network security experts - it's what they get paid to do. I am still waiting to hear from someone at this level of expertise to say anything about this.

It all has to travel through the network hardware and internet -- this is where the monitoring would occur. What happens inside a computer is irrelevant - what travels into and out of the computer and how is relevant. While I do agree that there are more exploitable "features" not yet "discovered" and that are used by hackers - government or corporation paid or not, if this was very widely used against every single PC and server - it would be known.

All of these types of stories (not specifically related to the OP, but rather to the "full access to everything all the time" stories) are full of big gaping holes ... I will acknowledge the filling of them though if someone can do that satisfactorily.

ThePythonicCow
25th May 2018, 20:40
It all has to travel through the network hardware and internet -- this is where the monitoring would occur. What happens inside a computer is irrelevant - what travels into and out of the computer and how is relevant.
If end to end encryption is used, then what travels over the network is encrypted and if that encryption is strong enough, such data is impossible to decode with any practical effort, unless the decryption keys are also somehow exposed.

In such a case, any agency intending to collect such data from various targets, without the risk and expense of having to send human operatives out to plant bugs directly in each target's computers, requires pre-planted hooks deep inside the system, that can be remotely activated to capture data before it is encoded, or after it is decoded.

It is not, in my estimation and speculation, just the main processor architectures that have such pre-planted deep hooks, but also most of the larger, more widely used software platforms.

For example, I find it almost certain that Windows (https://www.microsoft.com/en-us/windows), MacOS (https://www.apple.com/macos), Linux (https://www.linux.com/), iOS (https://www.apple.com/ios/ios-11/), Android (https://www.android.com/), and Systemd (https://www.linux.com/learn/understanding-and-using-systemd) have "zero-day" bugs (https://www.techrepublic.com/article/zero-day-exploits-the-smart-persons-guide/), known to various intelligence agencies, that can be remotely exploited to exfiltrate sensitive data from the systems of targeted individuals.

Thus, to summarize, electronic data collection occurs by such means as:

As bulk collection of unencrypted data crossing the Internet or by signals intelligence.
As similar bulk collection of encrypted data, which might have its decryption keys exposed at another time.
As targeted collection of sensitive data from systems using Intel, AMD, and ARM CPU security holes.
As targeted collection of sensitive data from systems using major software packages (OS, System or App software).
As targeted collection of sensitive data crossing the Internet or by signals intelligence.
As collection of sensitive data using specially compromised devices provided to targeted individuals.

DeDukshyn
25th May 2018, 21:04
It all has to travel through the network hardware and internet -- this is where the monitoring would occur. What happens inside a computer is irrelevant - what travels into and out of the computer and how is relevant.
If end to end encryption is used, then what travels over the network is encrypted and if that encryption is strong enough, such data is impossible to decode with any practical effort, unless the decryption keys are also somehow exposed.

In such a case, any agency intending to collect such data from various targets, without the risk and expense of having to send human operatives out to plant bugs directly in each target's computers, requires pre-planted hooks deep inside the system, that can be remotely activated to capture data before it is encoded, or after it is decoded.

It is not, in my estimation and speculation, just the main processor architectures that have such pre-planted deep hooks, but also most of the larger, more widely used software platforms.

For example, I find it almost certain that Windows (https://www.microsoft.com/en-us/windows), MacOS (https://www.apple.com/macos), Linux (https://www.linux.com/), iOS (https://www.apple.com/ios/ios-11/), Android (https://www.android.com/), or Systemd (https://www.linux.com/learn/understanding-and-using-systemd) have "zero-day" bugs (https://www.techrepublic.com/article/zero-day-exploits-the-smart-persons-guide/), known to various intelligence agencies, that can be remotely exploited to exfiltrate sensitive data from the systems of targeted individuals.

Thus, to summarize, electronic data collection occurs by such means as:

As bulk collection of unencrypted data crossing the Internet or by signals surveillance.
As similar bulk collection of encrypted data, which might have its decryption keys exposed at another time.
As targeted collection of sensitive data from systems using Intel, AMD, and ARM CPU security holes.
As targeted collection of sensitive data from systems using major software packages (OS, System or App software).
As collection of sensitive data using specially compromised devices provided to targeted individuals.


Right, but you didn't address my main point ...

... any security expert could easily see that encrypted data is being sent / received when it shouldn't be (assuming every computer is being tracked or targeted). Where's the hordes of IT security experts demanding to know why all these mysterious encrypted connections are transferring data? Whether the data is encrypted or not holds no relevance to my point.

Targeting has to be incredibly specific, and there has to be very little in the way of protection on the target machine. If it was ubiquitous, it would have been noticed looong ago.

Hervé
25th May 2018, 21:18
There has to be a sudden switch for it to be noticed by large firms, else it all goes under "normal traffic":



Recent AMD CPUs are apparently also wired to call home...

From Jim Stone (http://82.221.129.208/.zi5.html):
About this old AMD laptop - (http://82.221.129.208/.zi5.html)

This is actually important.

It appears the older AMD CPUs use far less bandwidth online than the new ones do. This would strongly indicate that the newer ones are bugged, but I never got information to prove it.

Here's the scenario:

Since the Fukushima report, I worked on the same AMD A6 I bought in 2011 right when I discovered that the Fukushima report resulted in permanent disaster. I took the cash I had on hand and bought a decent laptop to get me through it. Finally, after almost 7 years of being an absolute battleship, it gave symptoms of instability so I figured I'd replace it.

I bought an AMD A8 that was in the same quality range. I figured I'd give the Microsoft OS a chance, but quickly discovered it was eating 300+ megs a day.

THAT was a problem.

So I switched it over to Mint, and it still ate just as much bandwidth. The old A6 never ate that much bandwidth. So then I switched to Knoppix, and the bandwidth usage dropped by about 40 percent. I figured I probably solved the problem with Knoppix.

Evidently I did not.

Two weeks ago for some reason I walked into a pawn shop that had gotten ahold of the garbage totally non-functioning computers a company abandoned, and they had a few old AMD laptops in the mix. I bought one for about $15 USD, and discovered that the motherboard needed to be baked. That's iffy, so I figured I'd go back and get another one so I'd have two chances. The second one was alive, with no hard disc. So I put one of the Knoppix live flash drives in it and BOOM, IT WORKED PERFECT. So I have been using that.

This is VERY IMPORTANT:

This AMD laptop is from 2010, and with Knoppix on it, it is eating less than half the bandwidth as the new AMD laptop purchased in 2017, doing the exact same work.
How important is that? All you need to do to get the answer is ask one simple question:
For what possible reason would the EXACT SAME OS use twice as much bandwidth on one computer as it does on another, when there is absolutely no perceivable difference in performance?
I am not using less "because the new one is slow," it is NOT slow. I can't tell the difference between the new one and this old one. Why would the old one be eating a lot less internet?

Obviously the new AMD processors have back doors in them, and the NSA does not give a crap about how much they increase bandwidth usage because they are assuming things are so fast now anyway that no one will notice.

PROBLEM:

When you are like me, on a limited connection, having the expertise to actually monitor what the * is going on, it is PRETTY DAMN OBVIOUS.
So I'll get a stack of those computers and start baking motherboards . . . . .

ThePythonicCow
25th May 2018, 21:27
Right, but you didn't address my main point ...

... any security expert could easily see that encrypted data is being sent / received when it shouldn't be (assuming every computer is being tracked or targeted). Where's the hordes of IT security experts demanding to know why all these mysterious encrypted connections are transferring data? Whether the data is encrypted or not holds no relevance to my point.

Targeting has to be incredibly specific, and there has to be very little in the way of protection on the target machine. If it was ubiquitous, it would have been noticed looong ago.

Right, but you in turn might not have addressed my main point ... :).

Bulk collection of "secret" data (e.g. encryption keys), exfiltrated via encrypted data streams that might raise the suspicions of "hordes of IT security experts", need NOT occur.

Rather only the means to remotely initiate targeted exfiltration need to be in place, through such hooks as exist in CPU's, Operating Systems, and major system and application software platforms.

===

Also, I suspect that you overestimate the ability of "hordes of IT security experts" to identify most security compromising, but (intentionally or otherwise) obfuscated, data streams in most any ordinary Internet traffic data stream.

Similarly, software experts cannot identify most security compromising, but (intentionally or otherwise) obfuscated bugs in large software systems.

Such experts are such because they can find what they are looking for, not because they fully or even substantially understand the "rest of it". For example, there are 100's of thousands of new or changed lines of code in each Linux kernel release. No one understands more than some small portion of it, in their area of expertise. I am confident that the situation is even worse with Windows and Systemd.

Analyzing network traffic from any device that is hosting a multitude of applications and drivers is not done by identifying and understanding all the data, but rather by figuring out a way to filter out the particular data relevant to the problem at hand.

DeDukshyn
25th May 2018, 22:15
Right, but you didn't address my main point ...

... any security expert could easily see that encrypted data is being sent / received when it shouldn't be (assuming every computer is being tracked or targeted). Where's the hordes of IT security experts demanding to know why all these mysterious encrypted connections are transferring data? Whether the data is encrypted or not holds no relevance to my point.

Targeting has to be incredibly specific, and there has to be very little in the way of protection on the target machine. If it was ubiquitous, it would have been noticed looong ago.

Right, but you in turn might not have addressed my main point ... :).

Bulk collection of "secret" data (e.g. encryption keys), exfiltrated via encrypted data streams that might raise the suspicions of "hordes of IT security experts", need NOT occur.

Rather only the means to remotely initiate targeted exfiltration need to be in place, through such hooks as exist in CPU's, Operating Systems, and major system and application software platforms.

===

Also, I suspect that you overestimate the ability of "hordes of IT security experts" to identify most security compromising, but (intentionally or otherwise) obfuscated, data streams in most any ordinary Internet traffic data stream.

Similarly, software experts cannot identify most security compromising, but (intentionally or otherwise) obfuscated bugs in large software systems.

Such experts are such because they can find what they are looking for, not because they fully or even substantially understand the "rest of it". For example, there are 100's of thousands of new or changed lines of code in each Linux kernel release. No one understands more than some small portion of it, in their area of expertise. I am confident that the situation is even worse with Windows and Systemd.

Analyzing network traffic from any device that is hosting a multitude of applications and drivers is not done by identifying and understanding all the data, but rather by figuring out a way to filter out the particular data relevant to the problem at hand.



"ordinary internet traffic" - well, what you are connecting to should be fairly obvious ... If one connects to a specific website, these tools can tell you which server, IP, and if you snoop the data you can tell if it's encrypted or not. Not as easy to obfuscate as you say. It could easily be detected (admittedly not by laymen though, I'm talking about people who spend 40 hours a week doing expert level network security). You need a process that is doing the commanding -- it's either a known and welcome process or it is suspicious. If it's suspicious, it gets investigated deeply and/or removed outright. If it is a known process, and it is somehow suddenly sending encrypted data to odd looking destinations, it then becomes a suspicious (hijacked or modded) process and is investigated.

Everything still needs to start with a process doing the commanding (admittedly Intel (Management Engine) and maybe AMD have processors that continue to run as long as the mobo has power) - and ultimately everything needs to go through a network card. To hide such active "back doors" from a reasonably well experienced network specialist would have to indicate a completely compromised system -- not just a hidden backdoor. It wouldn't be that hard to determine whether such a system was compromised or not.

I am not speaking from the POV of the general public - I agree most people wouldn't have the know how to determine a compromised system unless it was really bad. Is the average joe really a target of the Israeli or Chinese government? Not likely.

So still the attacks would have to be extremely targeted and to remain unseen have to be executed on an already well compromised system.

Again, the only point I am arguing are the claims that this is ubiquitous and everyone is being spied on all the time. Since everyone already uses the internet for almost everything they do, the logical route of data capture is the internet itself -- hence the hooks the NSA, CIA, CSIS etc. have into the internet and social media platforms - since this is where 99% of the data you would want (me being nefarious elite or whatever) this is the platform you would use, and we know is used -- this makes sense for mass spying ... CPU backdoors do not.

CPU backdoors are useful for very specific targeted attacks on people who wouldn't know better - but then there has to be motivation for spying on that person in the first place.

ThePythonicCow
25th May 2018, 23:45
This is VERY IMPORTANT:

This AMD laptop is from 2010, and with Knoppix on it, it is eating less than half the bandwidth as the new AMD laptop purchased in 2017, doing the exact same work.

How important is that? All you need to do to get the answer is ask one simple question:

For what possible reason would the EXACT SAME OS use twice as much bandwidth on one computer as it does on another, when there is absolutely no perceivable difference in performance?

I am not using less "because the new one is slow," it is NOT slow. I can't tell the difference between the new one and this old one. Why would the old one be eating a lot less internet?

Obviously the new AMD processors have back doors in them, and the NSA does not give a crap about how much they increase bandwidth usage because they are assuming things are so fast now anyway that no one will notice.
Running the same Knoppix software on two different systems, and seeing one of the systems use twice the bandwidth of the other, does not necessarily mean that the NSA is using backdoors that are creating the additional bandwidth usage.

It could well be some innocuous adaptation of something (app, driver, ...) running on both of the systems, to differences in the hardware configuration (amount of memory, speed of CPU, peripherals attached, ...) that is causing the differences between the two systems' bandwidth usage.

Of course, conspiracy theory tin-foil-hat nutcases, such as Jim Stone or myself, will suspect the NSA or similar as the most likely consumer of the extra bandwidth.

:)
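
An added example, not part of any post in this thread: a comparison like the one argued over above can be settled by attributing each machine's traffic to its remote endpoints and diffing the two sets, instead of comparing only the daily totals. The flow records, host labels, CSV layout and function names are constructed for illustration, and the addresses come from the documentation ranges.

```python
import csv
import io
from collections import defaultdict

# Constructed flow records for two hosts running the same OS image.
# Columns are an assumed export layout, not the output of a specific tool.
SAMPLE_FLOWS = """host,remote_ip,remote_port,bytes_out,bytes_in
old-a6,192.0.2.10,443,12000,480000
old-a6,192.0.2.20,443,3000,90000
old-a6,198.51.100.5,123,96,96
new-a8,192.0.2.10,443,12500,470000
new-a8,192.0.2.20,443,3100,95000
new-a8,198.51.100.5,123,96,96
new-a8,203.0.113.7,443,2000,610000
new-a8,203.0.113.7,443,1500,20000
"""


def totals_by_endpoint(flow_csv, host):
    """Sum bytes (both directions) per (remote_ip, remote_port) for one host."""
    totals = defaultdict(int)
    for row in csv.DictReader(io.StringIO(flow_csv)):
        if row["host"] != host:
            continue
        endpoint = (row["remote_ip"], int(row["remote_port"]))
        totals[endpoint] += int(row["bytes_out"]) + int(row["bytes_in"])
    return dict(totals)


def explain_difference(flow_csv, baseline_host, other_host, min_ratio=1.5):
    """Return endpoints that account for extra traffic on other_host.

    An endpoint is reported when the baseline never contacted it, or when
    its byte total is at least min_ratio times the baseline's total.
    Results are sorted by the number of extra bytes, largest first.
    """
    base = totals_by_endpoint(flow_csv, baseline_host)
    other = totals_by_endpoint(flow_csv, other_host)
    findings = []
    for endpoint in set(base) | set(other):
        b = base.get(endpoint, 0)
        o = other.get(endpoint, 0)
        if b == 0 and o > 0:
            findings.append((endpoint, b, o, "only on " + other_host))
        elif b > 0 and o >= b * min_ratio:
            findings.append((endpoint, b, o, "grew on " + other_host))
    findings.sort(key=lambda f: f[2] - f[1], reverse=True)
    return findings


if __name__ == "__main__":
    for host in ("old-a6", "new-a8"):
        total = sum(totals_by_endpoint(SAMPLE_FLOWS, host).values())
        print(f"{host}: {total} bytes total")
    for (ip, port), b, o, reason in explain_difference(
        SAMPLE_FLOWS, "old-a6", "new-a8"
    ):
        print(f"{ip}:{port} baseline={b} other={o} ({reason})")
```

In the constructed data the second host moves roughly twice the bytes, and the whole difference maps to one endpoint that the first host never contacts. The next step is identifying that endpoint and the local process that opened the connection.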

ThePythonicCow
26th May 2018, 00:19
"ordinary internet traffic" - well, what you are connecting to should be fairly obvious ... If one connects to a specific website, these tools can tell you which server, IP, and if you snoop the data you can tell if it's encrypted or not. Not as easy to obfuscate as you say. It could easily be detected (admittedly not by laymen though, I'm talking about people who spend 40 hours a week doing expert level network security). You need a process that is doing the commanding -- it's either a known and welcome process or it is suspicious. If it's suspicious, it gets investigated deeply and/or removed outright. If it is a known process, and it is somehow suddenly sending encrypted data to odd looking destinations, it then becomes a suspicious (hijacked or modded) process and is investigated.
This I am disagreeing with.

The amount, variety and diversity of "stuff" flowing over a network connection from most any network connected server, desktop or handheld computer or phone running an ordinary variety of applications is too great to make the sort of analysis you describe practical, in most cases, even by experts.

What's more, the very situations most likely to employ the best trained and equipped experts will be just those situations likely to have the greatest volume and diversity of traffic.

What's even more, there's a good chance that the usual network traffic monitoring tools used by such experts have "blind spots", known to some intelligence agencies, which enable some traffic to pass unnoticed, and/or that the "experts" providing these high end IT services are themselves compromised (e.g. - Awan brothers (https://www.reddit.com/r/conspiracy/comments/60l4pu/the_awan_brothers_compromised_at_least_80/)).


Everything still needs to start with a process doing the commanding (admittedly Intel (Management Engine) and maybe AMD have processors that continue to run as long as the mobo has power) - and ultimately everything needs to go through a network card. To hide such active "back doors" from a reasonably well experienced network specialist would have to indicate a completely compromised system -- not just a hidden backdoor.
I disagree :).


So still the attacks would have to be extremely targeted and to remain unseen have to be executed on an already well compromised system.

Again, the only point I am arguing are the claims that this is ubiquitous and everyone is being spied on all the time.
And the primary point that I am making is that some forms of monitoring are not ubiquitous, but rely on covert facilities, such as buried in the CPU's, being enabled on the devices of targeted individuals.

CPU backdoors are useful for very specific targeted attacks on people who wouldn't know better - but then there has to be motivation for spying on that person in the first place.
Anyone known or suspected to have special knowledge of or to be dealing with or influencing sensitive operations or information is a likely candidate for such targeting. This could easily include people who should "know better", and also those who are provided high quality information processing and communication services (such as, for example, the members of the US House of Representatives provided custom "secure" cell phones by the Awan brothers (https://www.reddit.com/r/conspiracy/comments/60l4pu/the_awan_brothers_compromised_at_least_80/).)

===

My key points, which I hope are not buried in our back and forth:

In most cases, there is enough traffic of various sorts traveling over any point in the Internet that a little more traffic can be easily hidden, even from expert monitoring, unless the expert already has a pretty good idea what they are looking for, or unless they are both quite lucky and quite persistent.

The expert monitoring itself, personnel, institutions, infrastructure, and tools, is also sometimes compromised.

Hooks buried deep in the CPU do not need to be broadcasting most of the time, from most devices using that CPU, to be quite useful. Rather such hooks can provide quite useful tools to enable semi-automated increased surveillance of fairly sizable sub-groups of people, while remaining more or less silent for most people, most of the time.

I have a long, albeit modest, history of network analysis, going back to contributing to the initial Network General Sniffer development, prior to its release in 1988. I am certain that I would NOT be able to identify all the network traffic coming out of the PC that I am typing on now, even though I have spent 100's, if not 1000's of hours and much expertise in choosing and limiting what software runs on this Linux PC, and even though I have considerable expertise in significant portions of that software. There is way too much "stuff" flowing across the wires these days.

DeDukshyn
26th May 2018, 01:33
... <trim> ...


Everything still needs to start with a process doing the commanding (admittedly Intel (Management Engine) and maybe AMD have processors that continue to run as long as the mobo has power) - and ultimately everything needs to go through a network card. To hide such active "back doors" from a reasonably well experienced network specialist would have to indicate a completely compromised system -- not just a hidden backdoor.
I disagree :).


So still the attacks would have to be extremely targeted and to remain unseen have to be executed on an already well compromised system.

Again, the only point I am arguing are the claims that this is ubiquitous and everyone is being spied on all the time.
And the primary point that I am making is that some forms of monitoring are not ubiquitous, but rely on covert facilities, such as buried in the CPU's, being enabled on the devices of targeted individuals.

CPU backdoors are useful for very specific targeted attacks on people who wouldn't know better - but then there has to be motivation for spying on that person in the first place.
Anyone known or suspected to have special knowledge of or to be dealing with or influencing sensitive operations or information is a likely candidate for such targeting. This could easily include people who should "know better", and also those who are provided high quality information processing and communication services (such as, for example, the members of the US House of Representatives provided custom "secure" cell phones by the Awan brothers (https://www.reddit.com/r/conspiracy/comments/60l4pu/the_awan_brothers_compromised_at_least_80/).)

===

My key points, which I hope are not buried in our back and forth:

In most cases, there is enough traffic of various sorts traveling over any point in the Internet that a little more traffic can be easily hidden, even from expert monitoring, unless the expert already has a pretty good idea what they are looking for, or unless they are both quite lucky and quite persistent.

The expert monitoring itself, personnel, institutions, infrastructure, and tools, is also sometimes compromised.

Hooks buried deep in the CPU do not need to be broadcasting most of the time, from most devices using that CPU, to be quite useful. Rather such hooks can provide quite useful tools to enable semi-automated increased surveillance of fairly sizable sub-groups of people, while remaining more or less silent for most people, most of the time.

I have a long, albeit modest, history of network analysis, going back to contributing to the initial Network General Sniffer development, prior to its release in 1988. I am certain that I would NOT be able to identify all the network traffic coming out of the PC that I am typing on now, even though I have spent 100's, if not 1000's of hours and much expertise in choosing and limiting what software runs on this Linux PC, and even though I have considerable expertise in significant portions of that software. There is way too much "stuff" flowing across the wires these days.

Fair enough .... except that you seem to be claiming to disagree that the communication doesn't need to go through the network card ... huh? :confused: (maybe I applied the position of your "I disagree" to the wrong part?)

My key point:
Mass surveillance happens at the internet level, not via "backdoors" as many are claiming.

I think we've mostly whittled down to some base agreements.

ThePythonicCow
26th May 2018, 02:02
Fair enough .... except that you seem to be claiming to disagree that the communication doesn't need to go through the network card ... huh? :confused: (maybe I applied the position of your "I disagree" to the wrong part?)
There are many ways to exfiltrate data from a computer; the network is the most common, but certainly not the only way.


My key point:
Mass surveillance happens at the internet level, not via "backdoors" as many are claiming.

It's not an either-or situation. Backdoors play an important role, but not the only role.

DeDukshyn
26th May 2018, 03:19
Fair enough .... except that you seem to be claiming to disagree that the communication doesn't need to go through the network card ... huh? :confused: (maybe I applied the position of your "I disagree" to the wrong part?)
There are many ways to exfiltrate data from a computer; the network is the most common, but certainly not the only way.

Please explain how data can leave a computer remotely, by not traveling through the peripheral that is physically the part that attaches to the internet.

ThePythonicCow
26th May 2018, 04:25
Please explain how data can leave a computer remotely, by not traveling through the peripheral that is physically the part that attaches to the internet.

Sneakernet (someone copies data to say a thumb drive and walks out - ask Seth Rich about that one - oops you can't - he's dead).
Blinking lights or pulsing power by a computer that is offline, read by a nearby computer.
Border guard forces you to open your smart phone so they can browse what's on it.
Swat team confiscates your computer and examines its contents.
Other forms of electronic communication, besides the Internet, such as HAM radio.

Here's some more such ideas: How to Steal Bitcoin Wallet Keys (Cold Storage) from Air-Gapped PCs (https://thehackernews.com/2018/04/bitcoin-wallet-keys.html).

There are also a variety of Steganographic techniques (https://en.wikipedia.org/wiki/Steganography) for "hiding data in plain sight", which could be used to exfiltrate data over an openly monitored Internet connection without it being evident, even to an expert observer, that data was being sent out.

DeDukshyn
26th May 2018, 17:11
Please explain how data can leave a computer remotely, by not traveling through the peripheral that is physically the part that attaches to the internet.

Sneakernet (someone copies data to say a thumb drive and walks out - ask Seth Rich about that one - oops you can't - he's dead).
Blinking lights or pulsing power by a computer that is offline, read by a nearby computer.
Border guard forces you to open your smart phone so they can browse what's on it.
Swat team confiscates your computer and examines its contents.
Other forms of electronic communication, besides the Internet, such as HAM radio.

Here's some more such ideas: How to Steal Bitcoin Wallet Keys (Cold Storage) from Air-Gapped PCs (https://thehackernews.com/2018/04/bitcoin-wallet-keys.html).

There are also a variety of Steganographic techniques (https://en.wikipedia.org/wiki/Steganography) for "hiding data in plain sight", which could be used to exfiltrate data over an openly monitored Internet connection without it being evident, even to an expert observer, that data was being sent out.

Ok, lol, ... but you went way off topic. I asked about, and this whole thread is about remote connection via the internet through a backdoor - I assumed you were referring within the context. My mistake.

For a moment there I thought you were going to explain some new type of exotic psychotronic mind meld with alien technology where the contents of a drive could be read remotely via a psychic interface, or something like that. ;)

ThePythonicCow
26th May 2018, 17:54
Ok, lol, ... but you went way off topic. I asked about, and this whole thread is about remote connection via the internet through a backdoor - I assumed you were referring within the context. My mistake.
I answered your question, which was:
Please explain how data can leave a computer remotely, by not traveling through the peripheral that is physically the part that attaches to the internet.
In other words, there are many ways to exfiltrate data out of a computer, unbeknownst to, and/or without the permission of, the owner of the computer or of the data on the computer.

There are also ways to exfiltrate data out over the Internet, using the ordinary network connections, without being noticed. Given the amount and variety of data, much of it encrypted end-to-end, and the variety of website URL's that an ordinary web page might send requests to in order just to load, where perhaps all these requests are encrypted using https, it doesn't even take fancy steganographic techniques to hide in all the noise.

Hence, back to the primary point of this thread, CPU security holes can be an essential element in exfiltrating secret data from targeted computers, by capturing the critical data when it is not encrypted.

After which, there are a variety of means by which the data can be exfiltrated, and even going "over the wire (or wireless)" to the Internet is easily made almost undetectable.

For example, I just now loaded "yahoo.com" in another tab of my browser, and watched the traffic generated. It issued encrypted https requests to some 69 various URL's, just to load that one page. It would have been totally easy to hide some nefarious traffic in that traffic.

DeDukshyn
26th May 2018, 19:05
Ok, lol, ... but you went way off topic. I asked about, and this whole thread is about remote connection via the internet through a backdoor - I assumed you were referring within the context. My mistake.
I answered your question, which was:
Please explain how data can leave a computer remotely, by not traveling through the peripheral that is physically the part that attaches to the internet.
In other words, there are many ways to exfiltrate data out of a computer, unbeknownst to, and/or without the permission of, the owner of the computer or of the data on the computer.

There are also ways to exfiltrate data out over the Internet, using the ordinary network connections, without being noticed. Given the amount and variety of data, much of it encrypted end-to-end, and the variety of website URL's that an ordinary web page might send requests to in order just to load, where perhaps all these requests are encrypted using https, it doesn't even take fancy steganographic techniques to hide in all the noise.

Hence, back to the primary point of this thread, CPU security holes can be an essential element in exfiltrating secret data from targeted computers, by capturing the critical data when it is not encrypted.

After which, there are a variety of means by which the data can be exfiltrated, and even going "over the wire (or wireless)" to the Internet is easily made almost undetectable.

For example, I just now loaded "yahoo.com" in another tab of my browser, and watched the traffic generated. It issued encrypted https requests to some 69 various URL's, just to load that one page. It would have been totally easy to hide some nefarious traffic in that traffic.

Then you rather ignored the word "remotely" in my query - as indicated by your response. I did put that there on purpose to indicate that I was referring within context. So it was your mistake, I was just being polite. You're forgiven. :)

You're rather running the conversation away from all my key points and obfuscating the intent of the discussion by adding in way out of context responses that don't even pertain to the discussion topic or the topic of this thread. At the end of the day, if you can just monitor the internet data from a computer's connection after it leaves the computer, no one can detect it. This is far easier than trying to gain access to someone's computer, so why pick the hard, potentially risky way if you don't have to? If you need specific data say off of someone's drives, then it makes sense to use backdoor tools for a specifically targeted attack.

Anyway the conversation is getting weak, time to sign out from this discussion. Till next time ... :)

ThePythonicCow
26th May 2018, 19:35
Then you rather ignored the word "remotely" in my query - as indicated by your response.
Any means of exfiltration can end up going remotely, perhaps via several steps. Seth Rich's exfiltration of some US Democratic National Committee's data ended up on Wikileaks, across the pond, without ever (so far as we know) traversing the Internet on its way there.


You're rather running the conversation away from all my key points and obfuscating the intent of the discussion by adding in way out of context responses that don't even pertain to the discussion topic or the topic of this thread.
I just explained in my previous post, yet again, how getting data out of a CPU, before it's end-to-end encrypted, or when it's not even intended to be transmitted outside the computer at all, is the first critical step in exfiltrating secret data. The CPU Security Holes that this thread considers are exactly a useful means for doing that.


At the end of the day, if you can just monitor the internet data from a computer's connection after it leaves the computer, no one can detect it.

An increasing portion of the data traversing the Internet, in this time of increasing https dominance and other popular encrypted messaging schemes, is end-to-end encrypted while it traverses the Internet. "Just monitoring" won't get that data. Nor will it get data (such as private crypto keys) that was never intended to be sent in the first place.

That's why CPU Security Holes are valuable. You can get data that you might not otherwise be able to get, and you can usually exfiltrate it (given all the noise on the Internet) without being noticed, even by eagle-eyed security experts.

Good time to end this discussion - agreed :).

Hervé
20th April 2019, 13:31
Brendon O'Connell- Israel Has Back Door on All Microsoft Devices (https://www.henrymakow.com/2019/04/brendon-oconnell-israel-has-b.html)

by Brendon O'Connell (henrymakow.com)
April 20, 2019



With Microsoft's move to Israel, Israel now has full and total access to all home, business, corporate, and soon, military computers - The Pentagon Cloud Contract (JEDI).

A sick, psychotic racial and religiously supremacist state with an ultra-right-wing extremist at the helm has the planet at its fingertips.


---------------------------------------



Microsoft Windows 10 is now fully coded in Israel:


The Windows Security Center.
Updates.
R&D.

It's all done in Israel.

The NSA has to mess about to get their malware implanted in 90% of the world's computers. Not Israel, they just include it with a forced update.

It's official, Windows is now officially fully malware in its own right.

But it gets worse.

The Intel hardware backdoor is not limited to the "Management Engine." There are dozens of "God Mode" registry entries that give access to the DEC - Deeply Embedded Core. The Goldman Sachs funded "Arc Processor". This means a simple entry such as "0f3f" in machine code at the command line level will give full access to a system with full administrator privileges. Cybersecurity specialists are full time searching for these computational entries and there are potentially millions.

All of these dozens of software and hardware backdoors were implanted from around 2006 and on, when Intel moved to Israel.

The ramifications are catastrophic in nature.

Israel is now deeply in bed with China and Russia on the massive Belt & Road project. No one is pulling up Israel and its massive technology theft out of the United States and elsewhere.

A sick, psychotic racial and religiously supremacist state with an ultra-right-wing extremist at the helm has the planet at its fingertips.

Now you know how Israel is so powerful.

Can they be stopped?

This is the most pressing and urgent issue...ever.

1 - ISRAELS SECRET WEAPON THE TALPIOT PROGRAM
How Israel totally dominates cybersecurity and has planted high-level corporate spies all over the world via their Talpiot Program run under Israeli military intelligence. https://www.youtube.com/watch?v=babgv2qRf4k&t=1s


2 - ISRAELI DRONES WORLD WIDE
1. How Russia China & Israel work together for the One Belt One Road Project.
2. How Israel steals US technology and passes on to China, Russia and Iran.
3. How this is impacting on the Middle East.
4. I ring Homeland Security to make a complaint about Jewish Zionist spying in America - it's a good one-hour watch. https://www.youtube.com/watch?v=hfHYJPebq4c

3 - BI BI'S GOT A KILL SWITCH AND HE LIKES TO USE IT
Israel has kill switched the entire planet's critical infrastructure. From banking to hospitals to power grids to the Internet of Things and Military Industrial Complex of the United States. Israel is a cyber technology juggernaut. https://www.youtube.com/watch?v=C0Sw-4MsGQI


4. KOMPRAMAT | HOW ROGER STONE WORKED WITH ISRAELI & RUSSIAN INTELLIGENCE
Detailing how Roger Stone worked with a Wall Street sex worker to compromise targets of interest for the Israeli and Russian state intelligence apparatus. https://www.youtube.com/watch?v=UnPNotP5PHU


5. DID RUSSIA & ISRAEL "RE-SHAPE" THE MIDDLE EAST FOR THE BENEFIT OF THE BELT & ROAD INITIATIVE?
The Oded Yinon plan was first postulated in the 1970s as a way to "re-shape the Middle East" for the benefit of Israel.

What it was really about is long term Soviet-era strategic planning to "re-shape" the Middle East for the benefit of The Belt & Road economic development under the CFR (Communism For Rothschild) and other Round Table Groups? The East India Trading Company writ large.

911 was meant to happen in 1992-3. The Israeli company lost the security contract in 1988. And 911 was over ten years behind schedule along with the Belt & Road Initiative. All praise to the New York Port Authority employee who spotted war criminal Avraham Shalom Bender and Zvi Malkin.

Israel should be called "Soviet Israel". https://www.youtube.com/watch?v=R7sjnGtzodY


6. CHINA & RUSSIA STEAL U.S TECHNOLOGY VIA ISRAEL
The B.I.R.D, the B.I.R.D, the B.I.R.D is the word.

The Bi-national Industrial Research & Development Foundation.

The greatest security penetration...ever...is so funny you have to laugh. It's the only way to cope.

This is a catastrophe for the United States and it is in full view.

Russia got Israel to set up the Bi-national Science Foundation (B.S.F) in 1973 under Nixon and Henry Kissinger.

The B.I.R.D was set up in 1978, around the same time they set up The Talpiot Program.

And then they have the B.A.R.D - Bi-national Agricultural Research & Development Foundation.

Here it is...no one will talk about it. http://uscode.house.gov/view.xhtml?req=%28title:42%20section:17337%20edition:prelim%29

So, when you see BiBi bragging about how clever Israeli scientists are, what he's really saying is his Russian immigrant scientists are very good at stealing US technology. https://www.youtube.com/watch?v=ZuW0vhn-J9g


-----

Related - Microsoft Unveils Two Secret Data Centers for Classified US Government Data (https://www.defenseone.com/technology/2019/04/microsoft-unveils-two-secret-data-centers-built-classified-government-data/156397/?oref=d-river)

----------

First Comment from Peter in Australia-

Glad to hear that Brendon, whom I call facetiously Australia's greatest anti-semite in exile, is still alive and onto it.

I've also followed Jim Stone on these types of topics for some time now - see https://web.archive.org/web/20121014103629/http://jimstonefreelance.com/corevpro.html

Purchasing a new laptop this year, I went for AMD, even though they too like Intel are probably compromised since A6, being made in China (https://www.productfrom.com/products/CN/0/PC-Processors/1). And the HP brand I bought is everpresent in Israel corralling the apparently doomed Palestinians.

The thing with these new laptops is that it won't work without an EFI part of the drive which is linked inexorably with the UEFI/BIOS of the motherboard. It, therefore, cannot be run without the Windows component lurking (see https://threatpost.com/microsoft-mistakenly-leaks-secure-boot-key/119828/ as to why this is a bad idea), even though I would like to wipe it all out and go just with Linux. Not that anything recent does not have Israel inside with back door chips as Brendon outlines.

Short of the Samson option, Israel will no more likely be held to account than the original Hollywood moguls were 'persecuted' for stealing all their gear from Edison and heading off to the wild west to subvert culture as the world's greatest victims.

ThePythonicCow
20th April 2019, 22:45
Brendon O'Connell- Israel Has Back Door on All Microsoft Devices (https://www.henrymakow.com/2019/04/brendon-oconnell-israel-has-b.html)

by Brendon O'Connell (henrymakow.com)

...
With Microsoft's move to Israel, Israel now has full and total access to all home, business, corporate, and soon, military computers - The Pentagon Cloud Contract (JEDI).

A sick, psychotic racial and religiously supremacist state with an ultra-right-wing extremist at the helm has the planet at its fingertips.

...
Microsoft Windows 10 is now fully coded in Israel:

...
A sick, psychotic racial and religiously supremacist state with an ultra-right-wing extremist at the helm has the planet at its fingertips.

Now you know how Israel is so powerful.

Can they be stopped?

This is the most pressing and urgent issue...ever.

1 - ISRAELS SECRET WEAPON THE TALPIOT PROGRAM
2 - ISRAELI DRONES WORLD WIDE
3 - BI BI'S GOT A KILL SWITCH AND HE LIKES TO USE IT
4. KOMPRAMAT | HOW ROGER STONE WORKED WITH ISRAELI & RUSSIAN INTELLIGENCE
5. DID RUSSIA & ISRAEL "RE-SHAPE" THE MIDDLE EAST FOR THE BENEFIT OF THE BELT & ROAD INITIATIVE?
6. CHINA & RUSSIA STEAL U.S TECHNOLOGY VIA ISRAEL

My hunches are that:

Some more superficial threats are overly dramatized above.
Underlying, far more serious challenges to humanity are hidden.
China's becoming the dominant technical and economic power of this century.
The Taming of the Human Spirit proceeds on many fronts.
Israel is a "cat's paw", a useful tool of higher powers.

ThePythonicCow
21st April 2019, 01:16
Brendon O'Connell- Israel Has Back Door on All Microsoft Devices (https://www.henrymakow.com/2019/04/brendon-oconnell-israel-has-b.html)

by Brendon O'Connell (henrymakow.com)
In a couple of the videos you provide, it seems to me that Brendon O'Connell is pursuing a very aggressively anti-Israel agenda.

So when he presents facts or evidence that supports his apparent agenda, and if those details are not something I already knew or can readily accept as true, then I have to take those presented facts or evidence with a grain of salt ... do they support a true and balanced perspective on affairs, or is Brendon O'Connell cherry picking and massaging the evidence, to better support his apparent agenda?

gord
11th May 2019, 16:39
An interesting open letter from Andrew S. Tanenbaum's website https://www.cs.vu.nl/~ast/intel/:

An Open Letter to Intel

Dear Mr. Krzanich,

Thanks for putting a version of MINIX inside the ME-11 management engine chip used on almost all recent desktop and laptop computers in the world. I guess that makes MINIX the most widely used computer operating system in the world, even more than Windows, Linux, or MacOS. And I didn't even know until I read a press report (https://www.networkworld.com/article/3236064/servers/minix-the-most-popular-os-in-the-world-thanks-to-intel.html) about it. Also here (https://www.techpowerup.com/238514/intel-cpu-on-chip-management-engine-runs-on-minix) and here (https://hexus.net/tech/news/software/111857-intel-management-engine-runs-minix-3-os/) and here (http://blog.ptsecurity.com/2017/08/disabling-intel-me.html) and here (https://liveatpc.com/widely-used-os-world-least-known/) and here (http://webwereld.nl/security/101772-het-populairste-besturingssysteem-ter-wereld-is---minix) (in Dutch), and a bunch of other places.

I knew that Intel had some potential interest in MINIX several years ago when one of your engineering teams contacted me about some secret internal project and asked a large number of technical questions about MINIX, which I was happy to answer. I got another clue when your engineers began asking me to make a number of changes to MINIX, for example, making the memory footprint smaller and adding #ifdefs around pieces of code so they could be statically disabled by setting flags in the main configuration file. This made it possible to reduce the memory footprint even more by selectively disabling a number of features not always needed, such as floating point support. This made the system, which was already very modular since nearly all of the OS runs as a collection of separate processes (normally in user mode), all of which can be included or excluded in a build, as needed, even more modular.

Also a hint was the discussion about the license. I (implicitly) gathered that the fact that MINIX uses the Berkeley license was very important. I have run across this before, when companies have told me that they hate the GPL because they are not keen on spending a lot of time, energy, and money modifying some piece of code, only to be required to give it to their competitors for free. These discussions were why we put MINIX out under the Berkeley license in 2000 (after prying it loose from my publisher).

After that initial burst of activity, there was radio silence for a couple of years, until I read in the media (see above) that a modified version of MINIX was running on most x86 computers, deep inside one of the Intel chips. This was a complete surprise. I don't mind, of course, and was not expecting any kind of payment since that is not required. There isn't even any suggestion in the license that it would be appreciated.

The only thing that would have been nice is that after the project had been finished and the chip deployed, that someone from Intel would have told me, just as a courtesy, that MINIX was now probably the most widely used operating system in the world on x86 computers. That certainly wasn't required in any way, but I think it would have been polite to give me a heads up, that's all.

If nothing else, this bit of news reaffirms my view that the Berkeley license provides the maximum amount of freedom to potential users. If they want to publicize what they have done, fine. By all means, do so. If there are good reasons not to release the modified code, that's fine with me, too.

Yours truly,
Andrew S. Tanenbaum

Note added later: Some people have pointed out online that if MINIX had a GPL license, Intel might not have used it since then it would have had to publish the modifications to the code. Maybe yes, maybe no, but the modifications were no doubt technical issues involving which mode processes run in, etc. My understanding, however, is that the small size and modular microkernel structure were the primary attractions. Many people (including me) don't like the idea of an all-powerful management engine in there at all (since it is a possible security hole and a dangerous idea in the first place), but that is Intel's business decision and a separate issue from the code it runs. A company as big as Intel could obviously write its own OS if it had to. My point is that big companies with lots of resources and expertise sometimes use microkernels, especially in embedded systems. The L4 microkernel has been running inside smartphone chips for years. I certainly hope Intel did thorough security hardening and testing before deploying the chip, since apparently an older version of MINIX was used. Older versions were primarily for education and newer ones were for high availability. Military-grade security was never a goal.

Second note added later: The online discussion got completely sidetracked from my original points as noted above. For the record, I would like to state that when Intel contacted me, they didn't say what they were working on. Companies rarely talk about future products without NDAs. I figured it was a new Ethernet chip or graphics chip or something like that. If I had suspected they might be building a spy engine, I certainly wouldn't have cooperated, even though all they wanted was reducing the memory footprint (= chip area for them). I think creating George Orwell's 1984 is an extremely bad idea, even if Orwell was off by about 30 years. People should have complete control over their own computers, not Intel and not the government. In the U.S. the Fourth Amendment makes it very clear that the government is forbidden from searching anyone's property without a search warrant. Many other countries have privacy laws that are in the same spirit. Putting a possible spy in every computer is a terrible development.

ThePythonicCow
11th May 2019, 19:08
An interesting open letter from Andrew S. Tanenbaum's website https://www.cs.vu.nl/~ast/intel/:

An Open Letter to Intel

Dear Mr. Krzanich,

Thanks for putting a version of MINIX inside the ME-11 management engine chip used on almost all recent desktop and laptop computers in the world. I guess that makes MINIX the most widely used computer operating system in the world, even more than Windows, Linux, or MacOS. ...
Yes - Tanenbaum's open letter came out in late 2017: https://www.techpowerup.com/238677/minix-creator-andrew-tanenbaum-sends-open-letter-to-intel-over-minix-drama

There's another "OS" inside Intel and AMD CPU's - the UEFI. Back in about the year 2000, when I was working on developing computers using not yet announced Intel processors, I was involved with adapting my company's operating system to the new EFI firmware inside that Intel processor. It was quite obvious to me at the time that Intel's EFI (Extensible Firmware Interface) was a re-write of Microsoft's DOS, with a FAT-like file system, command line prompt, simple editor, executable files, and batch file scripting. EFI's command options and conventions were quite familiar to someone who already knew DOS.

The pretty (well, prettier than the old BIOS) UEFI screen that comes up on all modern X-86 (Intel and AMD) systems these days is basically a GUI application running in this miniature operating environment.

Like Minix in the Management Engine, UEFI also presents a potentially rich attack surface to compromise any of our laptop, desktop or server systems.

gord
12th May 2019, 09:56
Yup, a bogus update on a compromised system could put just about anything down in here:
~$ sudo ls -1F /boot/efi/EFI
BOOT/
debian/
refind/
tools/
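
An added example, not part of the thread: one way to notice unexpected changes under the directory listed in the post above is to keep a hash baseline of the ESP tree and compare against it later. The directory names follow that listing; the file names inside them, their contents and the baseline file name are constructed for the demonstration.

```python
"""Baseline-and-compare check for an EFI System Partition (ESP) directory tree."""
import hashlib
import json
import os
import sys
import tempfile


def snapshot(root):
    """Return {relative_path: sha256_hex} for every regular file under root.

    Paths are lower-cased with '/' separators: the ESP is FAT, which is
    case-insensitive, so BOOTX64.EFI and bootx64.efi name the same file.
    """
    result = {}
    for dirpath, _dirnames, filenames in os.walk(root):
        for name in filenames:
            full = os.path.join(dirpath, name)
            if os.path.islink(full) or not os.path.isfile(full):
                continue
            digest = hashlib.sha256()
            with open(full, "rb") as fh:
                for chunk in iter(lambda: fh.read(1 << 20), b""):
                    digest.update(chunk)
            rel = os.path.relpath(full, root).replace(os.sep, "/").lower()
            result[rel] = digest.hexdigest()
    return result


def compare(baseline, current):
    """Classify every path as added, removed or modified relative to baseline."""
    shared = set(baseline) & set(current)
    return {
        "added": sorted(set(current) - set(baseline)),
        "removed": sorted(set(baseline) - set(current)),
        "modified": sorted(p for p in shared if baseline[p] != current[p]),
    }


def save_baseline(snap, path):
    # Keep this file off the machine being checked (removable or read-only
    # media): whatever can rewrite the ESP can rewrite a local baseline too.
    with open(path, "w", encoding="utf-8") as fh:
        json.dump(snap, fh, indent=2, sort_keys=True)


def load_baseline(path):
    with open(path, encoding="utf-8") as fh:
        return json.load(fh)


def _write(root, rel, data):
    full = os.path.join(root, *rel.split("/"))
    os.makedirs(os.path.dirname(full), exist_ok=True)
    with open(full, "wb") as fh:
        fh.write(data)


def demo():
    """Run the check on a constructed tree shaped like the listing above."""
    with tempfile.TemporaryDirectory() as tmp:
        esp = os.path.join(tmp, "EFI")
        for rel, data in {  # constructed file names and contents
            "BOOT/BOOTX64.EFI": b"constructed fallback loader",
            "debian/shimx64.efi": b"constructed shim",
            "debian/grubx64.efi": b"constructed grub",
            "refind/refind_x64.efi": b"constructed refind",
            "tools/shellx64.efi": b"constructed shell",
        }.items():
            _write(esp, rel, data)
        baseline_file = os.path.join(tmp, "esp-baseline.json")
        save_baseline(snapshot(esp), baseline_file)

        # Later: an update has rewritten one loader, dropped in a new
        # binary and deleted another.
        _write(esp, "debian/grubx64.efi", b"constructed grub, rewritten")
        _write(esp, "tools/extra.efi", b"constructed unexpected binary")
        os.remove(os.path.join(esp, "refind", "refind_x64.efi"))
        return compare(load_baseline(baseline_file), snapshot(esp))


if __name__ == "__main__":
    if len(sys.argv) == 4 and sys.argv[1] == "baseline":
        save_baseline(snapshot(sys.argv[2]), sys.argv[3])
    elif len(sys.argv) == 4 and sys.argv[1] == "check":
        report = compare(load_baseline(sys.argv[3]), snapshot(sys.argv[2]))
        print(json.dumps(report, indent=2))
        sys.exit(1 if any(report.values()) else 0)
    else:
        print(json.dumps(demo(), indent=2))
```

A bootloader update you installed yourself changes hashes as well, so the baseline needs refreshing after each one. A comparison run from the installed OS is only as trustworthy as that OS; running it from known-good boot media gives a stronger result.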

Gwin Ru
29th July 2020, 15:22
How Intel wants to backdoor every computer in the world | Intel Management Engine explained (https://www.youtube.com/watch?time_continue=451&v=Lr-9aCMUXzI&feature=emb_logo)

Apr 7, 2019



The Hated One (https://www.youtube.com/channel/UCjr2bPAyPV7t35MvcgT3W8Q)

Intel has embedded the Management Engine into all of its computers since 2008.

Intel Management Engine has been criticized for its security risks and has been called a backdoor with rootkit possibilities by many security experts and researchers. This is Intel Management Engine. A subsystem microprocessor that’s operating inside every Intel CPU platform made from 2008 onward. Despite its name and some basic functions, we don’t know anything about what Intel Management really does.

What we do know is that this microcontroller works completely independently from the main CPU. It can’t be manually removed or disabled. Even if the main computer is powered off, as long as it is plugged in to the mains or the battery, IME will continue to run. Intel Management Engine is a computer within a computer. It is running its own operating system, called Minix, and is installed by default on every modern computer with an Intel CPU. This probably makes Minix the most widely used operating system in the world. But unlike Windows, Mac OS or Linux, Minix is completely outside of user control. It cannot be scanned by an antivirus or malware detection software. It can bypass any firewall configuration and has a dedicated network connection that can circumvent the main CPU and the main operating system.

Sources and further reading
https://www.slideshare.net/codeblue_jp/igor-skochinsky-enpub/17
https://www.howtogeek.com/334013/intel-management-engine-explained-the-tiny-computer-inside-your-cpu/

Intel Management Engine security problems
https://boingboing.net/2016/06/15/intel-x86-processors-ship-with.html
https://www.csoonline.com/article/3220476/researchers-say-now-you-too-can-disable-intel-me-backdoor-thanks-to-the-nsa.html
https://www.techrepublic.com/blog/it-security/researchers-create-nearly-undetectable-hardware-backdoor/
https://www.zdnet.com/article/intel-weve-found-severe-bugs-in-secretive-management-engine-affecting-millions/
https://www.eff.org/deeplinks/2017/05/intels-management-engine-security-hazard-and-users-need-way-disable-it
https://mjg59.dreamwidth.org/48429.html
https://www.wired.com/story/intel-management-engine-vulnerabilities-pcs-servers-iot/
https://www.zdnet.com/article/computer-vendors-start-disabling-intel-management-engine/
https://www.zdnet.com/article/minix-intels-hidden-in-chip-operating-system/
https://www.networkworld.com/article/3236064/minix-the-most-popular-os-in-the-world-thanks-to-intel.html
https://www.fsf.org/blogs/sysadmin/the-management-engine-an-attack-on-computer-users-freedom
https://www.fsf.org/blogs/licensing/intel-me-and-why-we-should-get-rid-of-me
https://www.zdnet.com/article/researchers-say-intels-management-engine-feature-can-be-switched-off/

Purism's approach to Intel ME
https://puri.sm/learn/intel-me/
https://puri.sm/posts/deep-dive-into-intel-me-disablement/