MINIX: Intel's hidden in-chip operating system

Buried deep inside your computer's Intel chip is the MINIX operating system and a software stack, which includes networking and a web server. It's slow, hard to get at, and insecure as insecure can be.

http://www.zdnet.com/article/minix-intels-hidden-in-chip-operating-system/

Thanked by 3Yura Pwner erkin

Comments

  • Neoon Member
    edited November 2017

    There are actually multiple operating systems, Google released some stuff about it:

    https://schd.ws/hosted_files/osseu17/84/Replace UEFI with Linux.pdf

    https://osseu17.sched.com/event/ByYt/replace-your-exploit-ridden-firmware-with-linux-ronald-minnich-google

    Interesting to read.

    AMD FX, the old CPU gen does not have such a backdoor, Ryzen does.

    Thanked by 2Yura netomx
  • cunts

  • asterisk14 said: Tagged: microsoft government spying backed-up-by-nsa

  • Pretty sure that the Core2Duo was the last-of-breed that didn't have a way to fuck with the underlying system transparently to the OS.

    This place just isn't the same; You know where to find me if you want me.

  • @WSS said: Pretty sure that the Core2Duo was the last-of-breed that didn't have a way to fuck with the underlying system transparently to the OS.

    As far as Intel is concerned I think you are right. AMD has some "newer" CPUs without the management crap though iirc.

  • I am tagging @Intel

    Thanked by 1bugrakoc
  • And I am tagging @endisnigh

    I am a sarcastic troll and has a fetish in PMS. For kids, PMS means "Premenstrual syndrome" and guys can have PMS.

  • @jesus this is scary

  • rm_ Member
    edited November 2017

    mksh said: AMD has some "newer" CPUs without the management crap though iirc.

    Yep, all the way through the aforementioned 4.0 GHz 8-core FX-8350.

    Probably the FX-9370 and FX-9590 are safe as well, but those are rare, hot and expensive (and are nothing but factory-overclocked, voltage-hiked versions of the 8350).

    Thanked by 1mksh
  • I'm dain bramaged today: is this in the actual CPU itself? Or is this UEFI? If I have a hybrid board and disable UEFI, does this still execute?

    Thanked by 1hostdare
  • Interestingly enough this article comes out right when I was fiddling with me_cleaner...

    puts tinfoil hat on

  • It's like Tanenbaum's revenge. "OK, you won that USENET argument, but now you can't run your precious Linux except on top of my MINIX!"

    My Advice: VPS Advice

    For LET support, please click here.

    Thanked by 3scaveney emg vimalware
  • @raindog308 said: It's like Tanenbaum's revenge. "OK, you won that USENET argument, but now you can't run your precious Linux except on top of my MINIX!"

    Do you remember his shit-talking to Linus way back when- saying a monolithic kernel was a shitty stupid design?

    I do. It was one of the better run-ins. Personally, though, I still prefer the jkh vs deraadt IRC dramas. Those were fucking hilarious.

    This place just isn't the same; You know where to find me if you want me.

  • @Damian said: I'm dain bramaged today: is this in the actual CPU itself? Or is this UEFI? If I have a hybrid board and disable UEFI, does this still execute?

    Both. uefi adds a massive shit layer but much of it is in modern bioses, too. Plus, of course intel amd.

    That said, it's not simply a matter of "intel (somewhat more) and amd (somewhat less) are eeeevil!!".

    Most of that shit has grown over more than a decade and mainly based on two factors, a) large corp clients ("we want centralized remote management!") and b) what I call the "us american model", i.e. an unhealthy mix of incompetence, ignorance, make-shift rather than engineering, and above all profit greed without limits. And hey, it worked and until recently almost nobody complained.

    And don't you worry. Technically the evil inventor is neither intel nor amd. It's arm who invented the "trustzone" cancer which has become the core at intel and amd, too.

    As for Tanenbaum/Minix vs linus/linux: Tanenbaum has already forgotten more about OSs than linus could ever hope to learn. When Tanenbaum talks I listen, when linus talks I laugh. So, while that fame is somewhat smelly I'm very pleased to see that Tanenbaum's work is used in by far more systems than linus' funny computer game.

    My favourite prime number is 42. - \forall cpu in {intel, amd, arm}: cpu->speed -= cpu->speed/100 x irandom(15, 30) | state := hacked

  • @bsdguy said: preferred payment: vague promises of rich great-grand-children supported by a mod.

    What? You don't take miners built in PHP that need to be executed as root anymore!?

    This place just isn't the same; You know where to find me if you want me.

  • @WSS said:

    @bsdguy said: preferred payment: vague promises of rich great-grand-children supported by a mod.

    What? You don't take miners built in PHP that need to be executed as root anymore!?

    Bullshit! Of course I do. It's just that I enhanced sakkurity by putting the whole thing into a browser plugin, you clueless cunt.

    My favourite prime number is 42. - \forall cpu in {intel, amd, arm}: cpu->speed -= cpu->speed/100 x irandom(15, 30) | state := hacked

  • If you don't stop calling me cunt, I'm going to send @ricardo to live with you.

    This place just isn't the same; You know where to find me if you want me.

  • @WSS said: If you don't stop calling me cunt, I'm going to send @ricardo to live with you.

    Miguel is still alive?

    Dont'TalkAboutLetClub @WSS is funny and articulated.

    upto32.com Retro at it's best

  • @AuroraZ said: Miguel is still alive?

    As is custom, someone else took over the dormant account. Squaturd rights, and all.

    This place just isn't the same; You know where to find me if you want me.

  • @WSS said:

    @AuroraZ said: Miguel is still alive?

    As is custom, someone else took over the dormant account. Squaturd rights, and all.

    Ahhh gotchas.

    Dont'TalkAboutLetClub @WSS is funny and articulated.

    upto32.com Retro at it's best

  • How goes the pooping? Had some fruit today, so I'm pretty pleased with myself. Didn't even leave a ring around the grundies.

    This place just isn't the same; You know where to find me if you want me.

  • Mostly the same of course need to eat to poop so.......there's that

    Dont'TalkAboutLetClub @WSS is funny and articulated.

    upto32.com Retro at it's best

  • but if you eat the poop then can you crap out food?

    This place just isn't the same; You know where to find me if you want me.

  • WSS said: but if you eat the poop then can you crap out food?

    Intel seems to think so.

    Thanked by 2WSS scaveney
  • Hmm... so Intel installs backdoor into people's PCs and you can't do much about it without risking the chance of bricking the system... Well.... you learn something new everyday!

    Powered by: Virmach - LEB30 for 30% off! // Gullo's Hosting - NAT VPS for $2/yr! CA DE BG

  • @Edmond said: Hmm... so Intel installs backdoor into people's PCs and you can't do much about it without risking the chance of bricking the system... Well.... you learn something new everyday!

    Or, you know, ten years ago..

    This place just isn't the same; You know where to find me if you want me.

  • Meanwhile AMD EPYC has Secure Memory Encryption and Secure Encrypted Virtualization. They still have an ARM TrustZone though I believe but that's to be expected I suppose.

  • Black Friday 2017 winner: Veesp.com

  • @WSS said: If you don't stop calling me cunt, I'm going to send @ricardo to live with you.

    Inacceptable. You are much more handsome than him; he's not even a cunt, cunt!

    My favourite prime number is 42. - \forall cpu in {intel, amd, arm}: cpu->speed -= cpu->speed/100 x irandom(15, 30) | state := hacked

  • WSS said: Pretty sure that the Core2Duo was the last-of-breed that didn't have a way to fuck with the underlying system transparently to the OS.

    I'm curious if you have any more details like that, or a link. I just put together a new Tor box and deliberately used an Intel Pentium 4 511 on a 915GEV motherboard. That's probably safe and it certainly is plenty powerful for secure communication and basic browsing.

  • @WSS said:

    @Edmond said: Hmm... so Intel installs backdoor into people's PCs and you can't do much about it without risking the chance of bricking the system... Well.... you learn something new everyday!

    Or, you know, ten years ago..

    K, probably have known but didn't really care enough to try and hope I don't brick my PC. Happy now?

    Powered by: Virmach - LEB30 for 30% off! // Gullo's Hosting - NAT VPS for $2/yr! CA DE BG

  • Puri.sm is the newest breed of manufacturer that got Intel ME disabled. So, I believe they could save us. Or go with good old T400 laptops and Libreboot and a free/libre OS on top of it.

  • Jarry Member
    edited November 2017

    It seems there is already a working attack on Intel ME. This one is local (over USB), but it is just a matter of time until a similar attack over eth appears...

    http://securityaffairs.co/wordpress/65327/hacking/intel-management-engine-flaw-hack.html

    https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-5689

  • Get a chrome book, these run on ARM and google runs their own solution on there, put Debian on, problem solved.

    But no idea how good this performs.

  • rm_ Member
    edited November 2017

    Neoon said: Get a chrome book, these run on ARM and google runs their own solution on there

    Nah, as said above:

    Technically the evil inventor is neither intel nor amd. It's arm who invented the "trustzone" cancer which has become the core at intel and amd, too.

    Modern ARM contains TrustZone, which is a small separate CPU in a CPU, running proprietary secret code. Who knows which backdoors it might contain. Maybe ARM is not worse than Intel, but it's not any better either.

  • So, we are doomed, crap. Go and buy AMD FX.

    Thanked by 1netomx
  • @Neoon said: So, we are doomed, crap. Go and buy AMD FX.

    Oh, that's just the part (tip of the iceberg) that happened to be discovered...

    My favourite prime number is 42. - \forall cpu in {intel, amd, arm}: cpu->speed -= cpu->speed/100 x irandom(15, 30) | state := hacked

    Thanked by 1netomx
  • Neoon Member
    edited November 2017

    I am waiting for the moment, when they use the Network exploit and open Servers and Desktops like tin cans.
    That's gonna be fun

    Thanked by 1netomx
  • Such exploit might exist already...

  • @Jarry said: Such exploit might exist already...

    I am sure that it already exists, just the question of time when it goes BIG.

    Thanked by 2default netomx
  • Black Friday 2017 winner: Veesp.com

    Thanked by 2netomx mrTom
  • @Ole_Juul said:

    WSS said: Pretty sure that the Core2Duo was the last-of-breed that didn't have a way to fuck with the underlying system transparently to the OS.

    I'm curious if you have any more details like that, or a link. I just put together a new Tor box and deliberately used an Intel Pentium 4 511 on a 915GEV motherboard. That's probably safe and it certainly is plenty powerful for secure communication and basic browsing.

    Sure.

    This place just isn't the same; You know where to find me if you want me.

  • If only we could use routers with MIPS, as desktops and servers.

    Black Friday 2017 winner: Veesp.com

  • default said: MIPS, as desktops

    MIPS is not in the best state right now, but still there is some MIPS hardware powerful enough to be used as a light desktop.

  • @rm_ said: MIPS is not in the best state right now, but still there is some MIPS hardware powerful enough to be used as a light desktop.

    2018 will be known as the year of OpenWRT on the desktop.

    This place just isn't the same; You know where to find me if you want me.

  • WSS said: 2018 will be known as the year of OpenWRT on the desktop.

    It supports Debian, thanks.

    Thanked by 1netomx
  • @rm_ said:

    WSS said: 2018 will be known as the year of OpenWRT on the desktop.

    It supports Debian, thanks.

    apt-get install luci-ssl

    This place just isn't the same; You know where to find me if you want me.

    Thanked by 1netomx
  • scaveney Member, Provider

    fwiw they only started using MINIX recently. It was ThreadX RTOS for years until they changed to MINIX. Much smaller attack surface.

    Premium SSD KVM at https://anynode.net/ ~ starting at $12.50/yr for 256MB ~ three locations available

    Thanked by 1vimalware
  • I can't wait for iTron to make a comeback.

    This place just isn't the same; You know where to find me if you want me.
