Postaje sve bolje i bolje:
Prezentacija u decembru:
https://www.blackhat.com/eu-17...n-intel-management-engine-8668
Citat:
How to Hack a Turned-Off Computer, or Running Unsigned Code in Intel Management Engine
Unfortunately, this changing did not go without errors. In a subsystem change that will be detailed in the talk of Intel ME version 11+, a vulnerability was found. It allows an attacker of the machine to run unsigned code in PCH on any motherboard via Skylake+. The main system can remain functional, so the user may not even suspect that his or her computer now has malware resistant to reinstalling of the OS and updating BIOS. Running your own code on ME gives unlimited possibilities for researchers, because it allows exploring the system in dynamics.
Ako stvarno mogu da nateraju ME podsistem da trci nepotpisan kod bez nekih velikih vratolomija, mislim da ce to napraviti poveci problem kako Intel-u tako i njihovim OEM kupcima i verovatno ce doci do zahteva od strane kupaca da se cela stvar moze iskljuciti, potpuno.
Jedna dobra vest za one koji su propustili, izgleda da ME ima "kill switch" koji se koristi u 'High Assurance' programu (za drzavne sluzbe) i koji su istrazivaci uspeli da pronadju:
http://blog.ptsecurity.com/2017/08/disabling-intel-me.html
Na zalost, ovo nije bas neko siroko primenjivo resenje posto zahteva a) hakovanje opreme, b) moze da dovede do brick-ovanja sistema i c) nije podrzana konfiguracija od strane proizvodjaca.
DigiCortex (ex. SpikeFun) - Cortical Neural Network Simulator:
http://www.digicortex.net/node/1 Videos:
http://www.digicortex.net/node/17 Gallery:
http://www.digicortex.net/node/25
PowerMonkey - Redyce CPU Power Waste and gain performance! -
https://github.com/psyq321/PowerMonkey