Bios/UEFI скрытое счастье.

Discussion in 'Болталка' started by Dark~Angel, 31 Jul 2020.

  1. Dark~Angel

    Dark~Angel Member

    Joined:
    25 Apr 2010
    Messages:
    308
    Likes Received:
    76
    Reputations:
    8
    Кто загружал слив? Что там интерессно?
     
    altblitz likes this.
  2. altblitz

    altblitz Elder - Старейшина

    Joined:
    5 Jun 2009
    Messages:
    3,691
    Likes Received:
    3,145
    Reputations:
    236
    Что такое слив и откуда?

    Блиц, снимает патчи Clear Linux (tm) Intel коммандой
    Code:
    blitz@inode ~/aur/linux-clear/kernel % bsdtar -x -f ../linux-5.7.13-975.src.rpm 
    [​IMG]

    Скоростные патчи Clear Linux clr-xxx.patch - нужные, находятся сразу.

    И затем?
    Тест интерактивности/latency кернела с interbench https://github.com/ckolivas/interbench.
    Which comes up with positive resilts ))

    [​IMG]
     
    #22 altblitz, 8 Aug 2020
    Last edited: 8 Aug 2020
  3. Dark~Angel

    Dark~Angel Member

    Joined:
    25 Apr 2010
    Messages:
    308
    Likes Received:
    76
    Reputations:
    8
    так в сеть слили 20 гигов секретов Intel :D
     
  4. altblitz

    altblitz Elder - Старейшина

    Joined:
    5 Jun 2009
    Messages:
    3,691
    Likes Received:
    3,145
    Reputations:
    236
    Не слышны в заду даже шорохи,
    Всё здесь замерло до утра.

    Что ж ты мужелож, смотришь искоса,
    Низко голову склоня?


    https://software.intel.com/content/www/us/en/develop/home.html

    Ничуть того не бывало!
    У Блиц, персональный аккаунт Intel Dev и он, девственно цел и не тронут.

    И на самом сайте Intel Dev, нет ни одного упоминания о взломе.
    Меньше читать гавно-прессу с сообщениями ублюдков-журналюг ))
     
  5. alexzir

    alexzir Well-Known Member

    Joined:
    29 Oct 2019
    Messages:
    972
    Likes Received:
    2,345
    Reputations:
    25
    @altblitz, а этому источнику верить можно?
    https://www.bleepingcomputer.com/ne...ource-code-internal-docs-from-alleged-breach/
    lassified and confidential documents from U.S. chipmaker Intel, allegedly resulting from a breach, have been uploaded earlier today to a public file sharing service.

    The cache of secret information is 20GB large and comes from an unknown source. It was announced as the first part in a series of Intel leaks.

    According to Tillie Kottmann, a developer and reverse engineer who received the documents from an anonymous hacker, most of the information is supposed to be protected intellectual property. The developer was told that the information was stolen from Intel in a breach this year.

    "They were given to me by an Anonymous Source who breached them earlier this year, more details about this will be published soon," Kottmann says.

    “Most of the things here have NOT been published ANYWHERE before and are classified as confidential, under NDA or Intel Restricted Secret,” the developer added.

    Those browsing firmware source code will find comments referring to backdoors, but that could mean anything and does not necessarily mean they can gain access to your computer:

    [​IMG]
    Tillie Kottmann
    An Intel spokesperson replying to our request for comments pointed us to the company's product security policy page, which states that "Intel product development policy and practices prohibit any intentional steps to allow undocumented device access (e.g., “backdoors”), exposure of sensitive device information, or a bypass of security features or restrictions of its products."

    Some of the files in the archive include technical specifications and relate to internal chipset design, including Kaby Lake platform and Intel Management Engine (ME).

    [​IMG]

    This initial release contains documents related to the following:

    • Intel ME Bringup guides + (flash) tooling + samples for various platforms
    • Kabylake (Purley Platform) BIOS Reference Code and Sample Code + Initialization code (some of it as exported git repos with full history)
    • Intel CEFDK (Consumer Electronics Firmware Development Kit (Bootloader stuff)) SOURCES
    • Silicon / FSP source code packages for various platforms
    • Various Intel Development and Debugging Tools
    • Simics Simulation for Rocket Lake S and potentially other platforms
    • Various roadmaps and other documents
    • Binaries for Camera drivers Intel made for SpaceX
    • Schematics, Docs, Tools + Firmware for the unreleased Tiger Lake platform
    • (very horrible) Kabylake FDK training videos
    • Intel Trace Hub + decoder files for various Intel ME versions
    • Elkhart Lake Silicon Reference and Platform Sample Code
    • Some Verilog stuff for various Xeon Platforms, unsure what it is exactly
    • Debug BIOS/TXE builds for various Platforms
    • Bootguard SDK (encrypted zip)
    • Intel Snowridge / Snowfish Process Simulator ADK
    • Various schematics
    • Intel Marketing Material Templates (InDesign)
    This release has already been dubbed “juicy” but Kottmann believes that future leaks from their source are likely to contain even “juicier” classified documents.
     
    altblitz likes this.
  6. altblitz

    altblitz Elder - Старейшина

    Joined:
    5 Jun 2009
    Messages:
    3,691
    Likes Received:
    3,145
    Reputations:
    236
    > Some of the files in the archive include technical specifications and relate to internal chipset design, including Kaby Lake platform and Intel Management Engine (ME)

    IME, к такому инструментарию удалённого управления компьютерами,
    многим кунам и даже тянам хотелось бы получить доступ ))

    Сказано достаточно ясно:
    > "Intel product development policy and practices prohibit any intentional steps to allow undocumented device access (e.g., “backdoors”), exposure of sensitive device information, or a bypass of security features or restrictions of its products."

    Тот самый микро-код, что разрабатывается в Intel Labs, доступен всем и каждому.

    [​IMG]

    i915-firmware.cpio.xz
    intel-ucode.cpio
    intel-ucode.img

    Берём и дизассемблируем код, что занимается управлением компом на уровне hardware, годен для такого и Borland Turbo Debugger.

    И было ли хоть одно сообщение о замеченной отправке данных с компьютеров?
    Написать можно любой код, в плане и в целях эксперимента, для внутреннего использования,
    но выпускать backdoors в production line for public use - that's totally different case.
     
  7. Dark~Angel

    Dark~Angel Member

    Joined:
    25 Apr 2010
    Messages:
    308
    Likes Received:
    76
    Reputations:
    8
    Это всё хорошо но вот вопрос, как отключить то что мне не надо?
    Интел МЕ?
    Биос гард?
     
  8. altblitz

    altblitz Elder - Старейшина

    Joined:
    5 Jun 2009
    Messages:
    3,691
    Likes Received:
    3,145
    Reputations:
    236
    Умеешь в флешинг / перепрошивку UEFI BIOS?
    Тогда - https://www.google.com/search?q=how+to+disable+intel+me+uefi+bios

    Первый же линк, на Gentoo Wiki.
    Но! Потребуется дополнительное hardware и таки не однозначен факт,
    что сработает на каждой отдельно взятой мама-плате.

    [​IMG]
     
  9. Dark~Angel

    Dark~Angel Member

    Joined:
    25 Apr 2010
    Messages:
    308
    Likes Received:
    76
    Reputations:
    8
    Этот метод сразу же окерпичит мой девайс. У Интел есть проверка целостности МЕ региона и Биоса.
     
  10. altblitz

    altblitz Elder - Старейшина

    Joined:
    5 Jun 2009
    Messages:
    3,691
    Likes Received:
    3,145
    Reputations:
    236
    В cold boot компа, появится выбор сценария загрузки UEFI/BIOS,
    Windows / Linux / UEFI boot v.2
    Можешь видеть, если втыкать в кнопку F12.

    А дальше?
    Меняешь переменные / variables UEFI/ BIOS.
    И не удивляйся, если комп станет вдруг кирпичом.

    Что самое плохое, обратно не восстанавливается работоспособность мамы-платы.
     
  11. Dark~Angel

    Dark~Angel Member

    Joined:
    25 Apr 2010
    Messages:
    308
    Likes Received:
    76
    Reputations:
    8
    разве если перепрошить чип стоковой прошивкой то плата рзве не оживёт ?
     
Loading...