Infosecurity.US

Information Security & Occasional Forays Into Adjacent Realms

  • Web Log

Another Flawed Bit of Intel Corp Nonsense, The Active Management Technology Vector →

January 17, 2018 by Marc Handelman in Bombast, Blatant Incompetence, Vulnerabilities, Vulnerability Research, Vulnerable Systems, Information Security, Hardware Security, Hardware Flaws

Reportedly, Harry Sintonen, empolyed at F-Secure as a security researcher, discovered during the course of his labors - a flaw in Intel's Active Management Technology (AMT) firmware. Ooops.

As is typical of Intel Corporation (Nasdaq: INTC) the firm is attempting to shirk responsability for this attack and transfer the blame onto the company's vendors, not to mention the glad-handing exhibited by the company's CEO at CES.

It's time to rein in Intel Corporation's significantly flawed software development practice (as evidenced by the output), as the ramifications for the company's vulnerability touch many - if not all - systems worldwide. Further, what else is flawed in the company's other products (for example, automotive chips, medical device systems where the firm's hardware and software reside)?

'But the latest vulnerability—discovered in July of 2017 by F-Secure security consultant Harry Sintonen and revealed by the company today in a blog post—is more of a feature than a bug. Notebook and desktop PCs with Intel AMT can be compromised in moments by someone with physical access to the computer—even bypassing BIOS passwords, Trusted Platform Module personal identification numbers, and Bitlocker disk encryption passwords—by rebooting the computer, entering its BIOS boot menu, and selecting configuration for Intel’s Management Engine BIOS Extension (MEBx).' - via Sean Gallagher - writing at Ars Technica

January 17, 2018 /Marc Handelman
Bombast, Blatant Incompetence, Vulnerabilities, Vulnerability Research, Vulnerable Systems, Information Security, Hardware Security, Hardware Flaws

Forbidden Research - Snowden's MIT →

August 01, 2016 by Marc Handelman in All is Information, Cryptography, Espionage, Bombast

Anti-espionage bombast? Nothing more than diatribe-like vaporware? You be the judge...

August 01, 2016 /Marc Handelman
All is Information, Cryptography, Espionage, Bombast