Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Are You Afraid Of Minix?


  • Please log in to reply
10 replies to this topic

#1 Rocky Bennett

Rocky Bennett

  • Members
  • 2,259 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New Mexico, USA
  • Local time:12:35 PM

Posted 08 November 2017 - 10:34 AM

A new threat to our privacy has been found on all Intel systems, even the ones running Linux.

 

 

http://www.zdnet.com/article/minix-intels-hidden-in-chip-operating-system/


594965_zpsp5exvyzm.png


BC AdBot (Login to Remove)

 


m

#2 hamluis

hamluis

    Moderator


  • Moderator
  • 54,287 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:01:35 PM

Posted 08 November 2017 - 10:44 AM

More.

 

Louis



#3 Gary R

Gary R

    MRU Admin


  • Malware Response Team
  • 599 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:35 PM

Posted 08 November 2017 - 12:22 PM

Well that's not going to get exploited at all ...... is it. :rolleyes:

 

I've no doubt that implementing such an exploit will not be easy, but difficulty has never previously prevented vulnerabilities from being exploited.



#4 JohnC_21

JohnC_21

  • Members
  • 20,493 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:35 PM

Posted 08 November 2017 - 02:29 PM

https://www.csoonline.com/article/3220476/security/researchers-say-now-you-too-can-disable-intel-me-backdoor-thanks-to-the-nsa.html

 

The researchers discovered an undocumented field called “reserve-hap” and that HAP could be set to “1” for true. Apparently, the NSA wanted to ensure the agency could close off any possible security risk by disabling Intel ME. The researchers wrote, “We believe that this mechanism is designed to meet a typical requirement of government agencies, which want to reduce the possibility of side-channel leaks.”

 

Obviously the NSA will use Minix to their benefit when possible.



#5 JohnnyBeeGood

JohnnyBeeGood

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:02:35 PM

Posted 08 November 2017 - 06:59 PM

https://www.bleepingcomputer.com/forums/t/660160/bios-and-intel-amt/



#6 The-Toolman

The-Toolman

  • Members
  • 654 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:35 PM

Posted 08 November 2017 - 09:22 PM

https://www.bleepingcomputer.com/forums/t/662089/interesting-find/


Linux Peppermint 7 (64 Bit) Dell Dimension E521 (06 / 11 / 2007) / Amd Athlon 64 X2 4000+ Processor (2.1 GHz, 1024 KB L2 Cache, rev. G1, Socket AM2) / Samsung Memory DDR2, 4.0 GB, 533 MHz FSB / Nvidia GeForce 6150 LE [C51] Integrated Graphics Adapter.

 

Linux Peppermint 8 (32 Bit) / Dell Optiplex 360 (11 / 28 / 2008) / Intel Core 2 Duo Processor E6300 Conroe (1.86 GHz, 1066 MHz FSB, 2M Cache, LGA 775 Socket) / DDR2 Memory 3.0 GB, 800 MHz FSB / Graphics Card Nvidia GeForce 7300 LE [G72] PCIE.

 

 


#7 MadmanRB

MadmanRB

    Spoon!!!!


  • Members
  • 1,947 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:No time for that when there is evil afoot!
  • Local time:02:35 PM

Posted 09 November 2017 - 12:09 AM

Andrew S. Tanenbaum looks like he is not pleased by this.

 

http://www.zdnet.com/article/minixs-creator-would-have-liked-knowing-intel-was-using-it/

 

Dont blame him really, I mean seriously MINIX is what gave birth to linux but this is not the way to do this lads.


You know you want me baby!

Proud Linux user and dual booter.

Proud Vivaldi user.

 

gh8un5-6.png


#8 JohnnyBeeGood

JohnnyBeeGood

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:02:35 PM

Posted 09 November 2017 - 11:40 AM

A new threat to our privacy has been found on all Intel systems, even the ones running Linux.

 

 

http://www.zdnet.com/article/minix-intels-hidden-in-chip-operating-system/

 

From what I've read recently, the issue of the co-processor exists mostly in business computers.

And it's the Intel AMT app (part of Intel's Management Engine installed in Minix)

 

https://en.wikipedia.org/wiki/Intel_Active_Management_Technology

 

that is the problem.

 

Intel posted this back in May:

 

https://www.intel.com/content/www/us/en/architecture-and-technology/intel-amt-vulnerability-announcement.html

 

A firmware update is supposed to fix the vulnerability.

But it doesn't turn off AMT.

 

AMT can be disabled in the bios of most boards that have the co-processor.

 

https://software.intel.com/en-us/forums/intel-business-client-software-development/topic/297931

(6th post down)

 

And the ports it listens to probably ought to be blocked  at your router or external firewall.

 

https://www.intel.com/content/dam/support/us/en/documents/technologies/intel-sa-00075-network-admin-detection-and-mitigation-guide.pdf


Edited by JohnnyBeeGood, 09 November 2017 - 11:43 AM.


#9 Mike_Walsh

Mike_Walsh

    Bleepin' 'Puppy' nut..!!


  • Members
  • 1,091 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:King's Lynn, UK
  • Local time:07:35 PM

Posted 10 November 2017 - 03:11 PM

Ah, well...

 

All I can say is I'm happy I'm running AMD.....(and my only Intel is at least 15 yrs old; long before all this 'CPU within a CPU' hidden-backdoor, etc., etc. became the norm).

 

I'm glad to be running such 'dinosaurs'..!  :lol:  :lol:

 

 

Mike.  :wink:


If the information given has helped you, please remember to say 'Thanks!'

My Puppy BLOG ~~~  My Puppy PACKAGES

Compaq Presario desktop; Athlon64 X2 3800+, 3 GB RAM, WD 500GB Caviar 'Blue', 32GB Kingspec PATA SSD, Seagate 'Expansion' 1 TB  USB 3.0 drive, ATI Radeon Xpress 200 graphics, Dell 15.1" pNp monitor (1024 x 768), TP-Link PCI-e USB 3.0 card, Belkin PCI USB 2.0 4-port card, self-powered 7-port USB 2.0 hub

Dell Inspiron 1100; 2.6 GHz P4, 1.5 GB DDR1, 64GB KingSpec IDE SSD, Intel 'Extreme' graphics, 2 x 128GB SanDisk Cruzer 'Fit' USB 'external' storage.

 

XQxSFqE.gif

 

 


#10 The-Toolman

The-Toolman

  • Members
  • 654 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:35 PM

Posted 10 November 2017 - 05:25 PM

Ah, well...

 

I'm glad to be running such 'dinosaurs'..!  :lol:  :lol:

 

Mike.  :wink:

Me to!

 

OLD COMPUTERS ROCK!  :guitar:


Linux Peppermint 7 (64 Bit) Dell Dimension E521 (06 / 11 / 2007) / Amd Athlon 64 X2 4000+ Processor (2.1 GHz, 1024 KB L2 Cache, rev. G1, Socket AM2) / Samsung Memory DDR2, 4.0 GB, 533 MHz FSB / Nvidia GeForce 6150 LE [C51] Integrated Graphics Adapter.

 

Linux Peppermint 8 (32 Bit) / Dell Optiplex 360 (11 / 28 / 2008) / Intel Core 2 Duo Processor E6300 Conroe (1.86 GHz, 1066 MHz FSB, 2M Cache, LGA 775 Socket) / DDR2 Memory 3.0 GB, 800 MHz FSB / Graphics Card Nvidia GeForce 7300 LE [G72] PCIE.

 

 


#11 RJNB

RJNB

  • Members
  • 276 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:In front of my laptop
  • Local time:01:05 AM

Posted 11 November 2017 - 01:22 AM

Hello,

 

I wonder whether I have it too-mine is from around 2006 if my memory is right, so I guess I need not worry. Yet, I would like to check once...

 

An OS which you can control is scary enough(thanks to all those vulnerabilities and those who exploit them), so something like that beyond your control running with unlimited power is a serious matter!

 

On the brighter side of things, well, so that makes MINIX, the ancestor of Linux, the most widely used OS! :lol:

 

Happy to be running this old one!

RJ


Edited by RJNB, 11 November 2017 - 01:23 AM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users