|
ok cool but do are you denying that when present IME poses a significant threat of compromise and can provide persistence to malware in its default state? if you arent then prove otherwise or gently caress off i guess? no one has time for bs semantics
|
# ? May 2, 2017 18:35 |
|
|
# ? Jun 8, 2024 07:14 |
|
i'm denying that ime is active in systems where both components are not present, which is what bangersinmyknickers claimed
|
# ? May 2, 2017 18:42 |
|
infernal machines posted:i'm denying that ime is active in systems where both components are not present, which is what bangersinmyknickers claimed
|
# ? May 2, 2017 18:44 |
|
infernal machines posted:i'm denying that ime is active in systems where both components are not present, which is what bangersinmyknickers claimed ok cool good luck proving a negative. someone post something interesting to clear the air pls? all ive got is apparently krebs has found a SaaS outfit which is accidentally exposing their customer list via their sitemap: https://twitter.com/briankrebs/status/859430935711887360 Pile Of Garbage fucked around with this message at 18:48 on May 2, 2017 |
# ? May 2, 2017 18:46 |
|
anthonypants posted:because it looks like you're saying that ime is inactive even when the operation system sees that the devices exist because the OS says those devices exist even when the CPU does not support IME. how is this not coming across? the claim you guys are making is that if either (but not both) of the two components required for a functional IME are present, then it's exploitable. i've not seen any evidence of that and none of the linked sources appear to suggest that. but yes, this is surprisingly tedious. if an exploit comes out i'll test it on the i3 box and reply with my findings infernal machines fucked around with this message at 19:05 on May 2, 2017 |
# ? May 2, 2017 18:50 |
|
removed. sorry, I think it turned out to be a joke?
AARP LARPer fucked around with this message at 19:44 on May 2, 2017 |
# ? May 2, 2017 19:05 |
|
no way.
|
# ? May 2, 2017 19:06 |
|
dont doxx me and my employer. e: lol now my post makes zero sense because war dogs edited theirs! Pile Of Garbage fucked around with this message at 19:54 on May 2, 2017 |
# ? May 2, 2017 19:06 |
|
infernal machines you might just want to stop before you're too far back for you to catch up
|
# ? May 2, 2017 19:50 |
|
Migishu posted:infernal machines you might just want to stop before you're too far back for you to catch up okay, if anyone comes up with proof that IME is active and exploitable when only one of the two required components is present, please post it. i'll apologize unreservedly
|
# ? May 2, 2017 19:52 |
|
RIP infernal machines, thought of IME and died
|
# ? May 2, 2017 19:55 |
|
infernal machines posted:okay, if anyone comes up with proof that IME is active and exploitable when only one of the two required components is present, please post it. i'll apologize unreservedly
|
# ? May 2, 2017 20:14 |
|
anthonypants posted:you went from "sure it's supported on cpus but it's NOT supported on motherboards" to "ok it's supported on motherboards but that DOESN'T mean it's supported by the cpu" yeah, there are both. there are two scenarios where one but not both of the required components for IME may be present. the original claim was that this was irrelevant and it was exploitable regardless. a bunch of people here posted screenshots of device manager on boards that do support it. there are boards that do not support IME and don't have that device. you can still install an i5 or an i7 that has vPro support in them. likewise you can install a celeron, pentium, or i3 that does not support vpro in one of those boards they took the screen shots from. in either case, IME should not be active because it requires both chipset and cpu support. this is not difficult
|
# ? May 2, 2017 20:25 |
|
like, i really don't get what's so contentious about this. IME is used as a differentiating feature on both platform and CPU skus. some don't have it and you can mix and match those components, but according to intel you need both for it to work. if the ones that don't have it actually do, and it's exploitable then fine, but i'd like to see someone demonstrate that.
|
# ? May 2, 2017 20:30 |
|
Infernal Machine Engine infernal machine's enigma idk that's all i got
|
# ? May 2, 2017 20:33 |
|
infernal machines posted:yeah, there are both. there are two scenarios where one but not both of the required components for IME may be present. the original claim was that this was irrelevant and it was exploitable regardless. the issue is that going by what other people are saying the board support is very common which would imply that a hell of a lot of consumer systems with i5 and i7 processors are vulnerable, maybe even most of them, not the relative rarity you're making it out to be
|
# ? May 2, 2017 20:57 |
|
i'll concede that point, i've sold plenty of systems without it, but it appears to be included on many q/x/z series chipset boards, especially in the enthusiast range. it looks like the management engine device is present even in cases where they don't actually support amt as well e: looks like the ME pci device component was made a standard part of the intel chipset in 2015, previously it was optional i'm curious how intel defines "Intel-based consumer PCs" now Also whoa hey: https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00075&languageid=en-fr posted:
infernal machines fucked around with this message at 21:22 on May 2, 2017 |
# ? May 2, 2017 21:00 |
|
|
# ? May 2, 2017 21:34 |
|
worth posting the actual site here too http://www.randomsanity.org/quote:How it Works i definitely trust a http website written by a bitcoin man to verify my crypto has enough crypto in it
|
# ? May 2, 2017 21:46 |
|
how to bytes "look random" what does random look like?
|
# ? May 2, 2017 21:52 |
|
bytes presumably "look random" by just meeting some minimum amount of entropy, which is fairly trivial to determine
|
# ? May 2, 2017 21:56 |
|
this is a joke
|
# ? May 2, 2017 21:59 |
|
monkey chease
|
# ? May 2, 2017 21:59 |
|
Meat Beat Agent posted:bytes presumably "look random" by just meeting some minimum amount of entropy, which is fairly trivial to determine quote:The service will return ‘true’ if it those bytes look random and nobody else has submitted the same stream of bytes; otherwise it will return ‘false’. quote:// Best-effort "have we ever seen this array of bytes before?" ah well maybe it can do a basic entropy tes-- quote:$ curl https://rest.randomsanity.org/v1/q/A55AA55AA55AA55AA55AA55AA55AA55AA55A the fun part is that you can't reliably link any examples because anybody trying to test the same observation will see "false"
|
# ? May 2, 2017 22:09 |
|
i am literally angry laughing over here
|
# ? May 2, 2017 22:22 |
|
Zamujasa posted:the fun part is that you can't reliably link any examples because anybody trying to test the same observation will see "false" see? it's just getting more secure every time you use it
|
# ? May 2, 2017 22:36 |
|
neat, they return a never-before-seen value as an X-Entropy header:Python code:
|
# ? May 2, 2017 22:39 |
|
Dex posted:neat, they return a never-before-seen value as an X-Entropy header: Incase you forgot what you sent and lose all hope of ever recovering your once in a lifetime and officially verified random string.
|
# ? May 2, 2017 23:03 |
|
lol i entered "Weedlord Bonerhitler" in hex and got true
|
# ? May 2, 2017 23:07 |
|
so is this dashlane thing any good?
|
# ? May 2, 2017 23:32 |
|
they have a whitepaper on their security model https://www.dashlane.com/download/Dashlane-Security-Whitepaper-V2.8.pdf evidently created in word
|
# ? May 2, 2017 23:36 |
|
Meat Beat Agent posted:bytes presumably "look random" by just meeting some minimum amount of entropy, which is fairly trivial to determine Hint: You can't
|
# ? May 3, 2017 00:59 |
|
re: web site push notification chat from a couple days ago I think they may be supercookies. There's a unique per-subscription URL involved and a unique client-generated ECDH keypair.
|
# ? May 3, 2017 01:55 |
|
pseudorandom name posted:re: web site push notification chat from a couple days ago are those ones you have to click ok to twice?
|
# ? May 3, 2017 01:58 |
|
ate poo poo on live tv posted:How do you determine "some minimum amount of entropy" in a byte stream that you do not know the source of? code:
|
# ? May 3, 2017 02:03 |
|
Dex posted:worth posting the actual site here too http://www.randomsanity.org/ i really don't understand how the bitcoin protocol hasn't been completely destroyed yet with morons like this as core devs. it's got to be outright dumb luck.
|
# ? May 3, 2017 02:21 |
|
ate all the Oreos posted:
lol (the example looks familiar) https://www.npmjs.com/package/string-entropy posted:
|
# ? May 3, 2017 02:24 |
|
"disable the ME" isn't a sensible phrase for a few years now, as tenuous as it was before that point
|
# ? May 3, 2017 02:25 |
|
minivanmegafun posted:i really don't understand how the bitcoin protocol hasn't been completely destroyed yet with morons like this as core devs. it's got to be outright dumb luck. most of the really obvious problems with the protocol itself got fixed in the first few years before it got big. now all of the problems left will never get fixed because miners will try to block it, but they're mostly things that don't break the protocol, just things that make bitcoin suck to use
|
# ? May 3, 2017 02:26 |
|
|
# ? Jun 8, 2024 07:14 |
flakeloaf posted:ME was a mistake I'm sure your parents love you and are proud of you regardless of the circumstances of your birth
|
|
# ? May 3, 2017 02:27 |