Debian Security ~ Intels' ME and likewise

Here you can discuss every aspect of Debian. Note: not for support requests!

Re: Debian Security ~ Intels' ME and likewise

Postby pylkko » 2017-11-22 18:57

alan stone wrote:Intel crawling out of the closet, dragging its feet...

Intel has released a downloadable detection tool which will analyze your system for the vulnerabilities identified & links to system manufacturer pages concerning the issue. See here.

EDIT: just noticed this information was published in the article provided through the previous post. Anyway, above is the straight link to Intel's burp. Who knows which shenaningans are in this patch. :roll:



OK. So anybody still think that this management engine thing isn't 'bad'?
User avatar
pylkko
 
Posts: 1213
Joined: 2014-11-06 19:02

Re: Debian Security ~ Intels' ME and likewise

Postby sunrat » 2017-11-22 22:30

pylkko wrote:OK. So anybody still think that this management engine thing isn't 'bad'?

Sounds bad but so is Coca-Cola and land mines. The world goes on, somehow.
“ computer users can be divided into 2 categories:
Those who have lost data
...and those who have not lost data YET ”
Remember to BACKUP!
User avatar
sunrat
 
Posts: 2056
Joined: 2006-08-29 09:12
Location: Melbourne, Australia

Re: Debian Security ~ Intels' ME and likewise

Postby pylkko » 2017-11-23 07:16

Some people opinioned that it isn't a security risk. I'm just saying that if Intel thinks it is, then I'm not convinced it isn't. No comment on the world or coca cola.
User avatar
pylkko
 
Posts: 1213
Joined: 2014-11-06 19:02

Re: Debian Security ~ Intels' ME and likewise

Postby fmp » 2017-11-24 01:10

it can be neutralized, depending on your hardware: https://github.com/corna/me_cleaner

i have also seen people suggest not to use the onboard pci wifi, as somehow the me is programmed to communicate only through the pci. anecdotally, a usb dongle for wifi would be a superior replacement.
(don't know how true that is, I've not tested the theory myself as I don't fully understand the inner workings of the me [just enough to know i don't want it] & I've only seen it mentioned once or twice.. you'd think if such were viable it would be widely spread)

AMD also have their own version of me: https://libreboot.org/faq.html#amdpsp so its inescapable, for now (short of building your own).

purism have also been working to neuter the me: https://puri.sm/learn/avoiding-intel-amt/ (though from my understanding, they're just running the me_cleaner tool on their hardware)
fmp
 
Posts: 26
Joined: 2017-09-09 04:01

Re: Debian Security ~ Intels' ME and likewise

Postby ticojohn » 2017-11-24 18:46

Just checked my motherboard specs (GA-H81M-H rev 2.1) and it indicated that my motherboard does not use vPro, which in part is Active Management Technology. From what I have read, if AMT is not incorporated then the ME vulnerability is low to non-existent. Anybody have thoughts on that assumption?
I'm not irrational, I'm just quantum probabilistic.
User avatar
ticojohn
 
Posts: 713
Joined: 2009-08-29 18:10
Location: Costa Rica

Re: Debian Security ~ Intels' ME and likewise

Postby makh » 2017-11-24 21:11

Hi
Intel seems to have launched their utility. But I want to know that if Debian Developers are going to provide any such utilities, in any way, now or in coming days...?
HP Probook 440 G2: Arch, Debian Stable
Server: none
Past: Debian, Centos, Ubuntu, Opensuse
GUI: Openbox, Cinnamon
Chroot: Debian, Ubuntu, Fedora
VM: Devuan

Employing the best:
Arabic
Debian
Homeopathic

For new: Try Linux Mint
User avatar
makh
 
Posts: 566
Joined: 2011-10-09 09:16

Re: Debian Security ~ Intels' ME and likewise

Postby dotlj » 2017-11-25 09:01

Intel SA 00086 Detection Tool
https://downloadcenter.intel.com/download/27150

The vulnerability only affects more recent Intel procesors. Some manufacturers have started producing updates.
[url]
https://www.bleepingcomputer.com/news/h ... rity-bugs/[/url]

Most of my machines are not affected as the use older third generation Intel processors, only 6th, 7th and 8th generation Intel Core Processor Family and some other recent processors are affected by this vulnerability.
User avatar
dotlj
 
Posts: 512
Joined: 2009-12-25 17:21

Re: Debian Security ~ Intels' ME and likewise

Postby makh » 2017-11-25 11:39

dotlj wrote:...The vulnerability only affects more recent Intel procesors. Some manufacturers have started producing updates...

I am not convinced of this part... :!:
HP Probook 440 G2: Arch, Debian Stable
Server: none
Past: Debian, Centos, Ubuntu, Opensuse
GUI: Openbox, Cinnamon
Chroot: Debian, Ubuntu, Fedora
VM: Devuan

Employing the best:
Arabic
Debian
Homeopathic

For new: Try Linux Mint
User avatar
makh
 
Posts: 566
Joined: 2011-10-09 09:16

Re: Debian Security ~ Intels' ME and likewise

Postby ticojohn » 2017-11-25 15:47

makh wrote:
dotlj wrote:...The vulnerability only affects more recent Intel processors. Some manufacturers have started producing updates...

I am not convinced of this part... :!:

From what I have read it seems to be most dependent on whether the motherboard/system manufacturer implemented the vPro technology in the bios. Some MB's, like mine, have the MEI chipset but vPro was not implemented in the bios. An easy check as to whether your board is susceptible might be to look at the board specs and see if vPro is implemented. No test software required.

UPDATE: Just to verify my assumption I downloaded the referenced test program from Intel. I have two computers. One is a Gigabyte GA H81M-H rev 2.1, the other is and Intel NUC5i5RYH. Specifications for both systems indicate that the vPro technology is not implemented. I ran the test on both systems and the results for both indicate that the system is not vulnerable. So, either they really aren't vulnerable or the test is lying. Given the grief that Intel is getting over this issue I would like to believe that they have not created a test that gives false results. Besides, the article that I read saying that the key is whether vPro is implemented was from a respected non-intel source. Take it as you will.
I'm not irrational, I'm just quantum probabilistic.
User avatar
ticojohn
 
Posts: 713
Joined: 2009-08-29 18:10
Location: Costa Rica

Re: Debian Security ~ Intels' ME and likewise

Postby n_hologram » 2017-12-01 19:04

sunrat wrote:
pylkko wrote:OK. So anybody still think that this management engine thing isn't 'bad'?

Sounds bad but so is Coca-Cola and land mines. The world goes on, somehow.

A classic "apples-to-landmines" comparison.
The better comparison is if coffee, tea, and juice all started shipping with carbonated water and high-fructose corn syrup.
Bottled water would be an alternative, but it contains its own proprietary substances that are embedded into the water molecules.
Then you might say, "well I could just replace fluids with raspberry pies", but there are small landmines that are set to self-destruct based on an unexplored, proprietary algorithm.
...what were we originally talking about again?

fwiw, I ran me_cleaner on a spare laptop and it worked fine.
bester69 wrote:There is nothing to install in linux, from time to time i go to google searching for something fresh to install in linux, but, there is nothing
n_hologram
 
Posts: 256
Joined: 2013-06-16 00:10

Previous

Return to General Discussion

Who is online

Users browsing this forum: No registered users and 4 guests

fashionable