Serious vulnerabilities in Intel CPUs make millions of PCs vulnerable to hacks

system · 2017-11-23 01:43:05 UTC

Originally published at: https://www.myce.com/news/serious-vulnerabilities-intel-cpus-make-millions-pcs-vulnerable-hacks-83054/

Researchers have found multiple vulnerabilities in firmware used by recent Intel CPUs. The problem affects both CPUs for consumer PCs as CPUs used in enterprise servers. Intel has confirmed the issues on its website.

coolcolors · 2017-11-23 15:17:29 UTC

All the more Rzyen will just fill the holes and take over again. This is what happens when iNtel has to rush the CPU out because Rzyen is now eating iNtel breakfast, lunch, dinner now. iNtel for all its bullying now has to do catch-up and fix their debacle now. This just insure people and corporations start to look at Rzyen saying we can get it for less and not have your security remote access holes. This is something iNtel will loose money.

TSJnachos117 · 2017-11-27 06:58:25 UTC

Gee, who would have thought that putting a full web server on every machine that the users can’t really control would be bad? I would have thought that including software that no one is allowed to examine that could compromise an entire system in ways that are virtually impossible to detect would be a good thing. Who could have known that something like this would be a TERRIBLE idea. Oh, wait… I did.

TSJnachos117 · 2017-11-27 07:22:13 UTC

Hold on there. AMD isn’t really a good alternative as far as proprietary blackbox chips go. Intel’ s decision to force IME down our throats was a stupid idea, but that doesn’t mean AMD is any better.

In fact, AMD has there own IME-like technology called AMD Platform Security Processor. According to this LibreBoot article:

The PSP is an ARM core with TrustZone technology, built onto the main CPU die. As such, it has the ability to hide its own program code, scratch RAM, and any data it may have taken and stored from the lesser-privileged x86 system RAM (kernel encryption keys, login data, browsing history, keystrokes, who knows!). To make matters worse, the PSP theoretically has access to the entire system memory space (AMD either will not or cannot deny this, and it would seem to be required to allow the DRM “features” to work as intended), which means that it has at minimum MMIO-based access to the network controllers and any other PCI/PCIe peripherals installed on the system.

It’s worth giving the entire section on AMD processors a good read (I only quoted part of it), because this is important.

So yeah, AMD’s CPUs, including their new Ryzen processors, are just as untrustworthy as Intel’s. PS: Did I mention that ARM processors also tend to have similar “features”? In other words, the tech industry is working hard to make sure big brother is always watching.

coolcolors · 2017-11-27 14:23:47 UTC

Put this way iNtel was on the top for so long they didn’t invest in making the CPU better in the long run instead they just putted around and Scalped the prices until Rzyen cam around and to iNtel surprise not only did they face loosing sales but forgot that they never updated their Chip security for all this time. This is poor excuse from iNtel after all this time saying how good it was failed to even keep their chip security up to date at least that much. Only one to blame is iNtel for lack of tech update and if AMD hadn’t brought in Rzyen I can say for sure iNtel could care less about this flaw that exposes more that iNtel cares about BottomLine then BetterProduct. Rzyen will have it fault but AMD brought in new Product and New Line. While iNtel just tweaks and tweaks but can never get the 10nm they claim to have but still use 14nm and after all this talk can’t still deliver which means they never intended to make 10nm only to rake in much cash as possible but once AMD came back iNtel is in a rush now. Just goes to show their mindset has become Stale like bread old and crusty and can’t think past their BottomLine only.