Pages:
Author

Topic: Using Intel CPU and Motherboard ? Your Bitcoins may be in actual danger. - page 3. (Read 5053 times)

hero member
Activity: 672
Merit: 500
I didn't finish reading everything. Can I say I am safe if I use an Intel CPU, non-Intel motherboard and a non-Intel network card? I do not think Intel is after my bitcoin, only hackers are.
legendary
Activity: 3430
Merit: 3080
This is all just fantasy. Until someone actually does it, I won't believe it.

Too late. Look at the AMT Wikipedia article from the OP, it's been demonstrated about 2011 I think (although the specific flaw that team discovered was patched in more recent chipsets).

Really it's not such a different argument from using open source software; any hardware with a privately held design can have that design exploited by those that have access to those details (obtained with consent or not). Having open designs for hardware brings similar benefits to open software, namely a stable base from where something genuinely secure could be built. And there's another exciting possibility too: I think we might be 3D printing our own circuit boards within a decade, easily (possibly already happened, that field is a blur atm). Who knows, maybe we'll be able to do the same with processors within 2 decades.  
legendary
Activity: 2674
Merit: 2965
Terminated.
This is all just fantasy. Until someone actually does it, I won't believe it.
legendary
Activity: 1470
Merit: 1006
Bringing Legendary Har® to you since 1952
publish the sources and private keys
So the malicious hacker out there gets the power to take full control of any average users pc?
Still better than waiting for unknown hacker to steal the key and do the same in secrecy ?

Once sources and keys are published, the AMTs in Intel chipsets can be patched (and disabled) by the Open Source community. Now it is not even possible to fix the problem. Also, we don't really know what the embedded code actually does, since it is not open source.



legendary
Activity: 2087
Merit: 1015
publish the sources and private keys

So the malicious hacker out there gets the power to take full control of any average users pc?
legendary
Activity: 1470
Merit: 1006
Bringing Legendary Har® to you since 1952
This was discussed before and i forgot the relevant information about it.
It has to first be set up before it works like that. That is, if you mean the tool designed for system admins.
To sum it up you're not really in danger.
That is not true.

Any Windows application which contains proper Intel's keys and SGX code can activate the mechanism.

So it is essentially only necessary to make you download an *.exe file, which will activate AMT and install rootkit into it.
It's a beefed-up version of SONY's rootkit. But this time you have no way of detecting, controlling or removing it.

What's even better is that you have really no way of detecting what is inside of the *.exe ! The content of the application is completely encypted ! Isn't it simply beautifully fucked up ?

Source:
http://theinvisiblethings.blogspot.com/2013/09/thoughts-on-intels-upcoming-software.html

Intel has all of us royally screwed over. I would advise against buying *ANYTHING* from Intel, until they publish the sources and private keys or abolish AMT alltogether.

legendary
Activity: 2674
Merit: 2965
Terminated.
This was discussed before and i forgot the relevant information about it.
It has to first be set up before it works like that. That is, if you mean the tool designed for system admins.
To sum it up you're not really in danger. You're actually more likely to get infected by an USB driver due to the vulnerability found on the USB standard (and the chances for this are slim-none).
legendary
Activity: 1470
Merit: 1006
Bringing Legendary Har® to you since 1952
At least we still safe right now if we completely turned off our computers
And is encrypt our files still can protect it ?

Simply encrypting anything won't work. The Intel AMT's processor has full access to everything your normal CPU has. And it has higher privileges !

As previously stated, using a non-Intel network card inserted into PCI/PCIe slot should at least disable the possibility of remote activation.

However, once somebody working for NSA/CIA/FBI/other TLAs stays with your machine in the same room, you have to essentially throw the mainboard away, as there is absolutely no way of either detecting or disabling a rootkit once it is installed in Intel's AMT.

A rootkit can be installed via USB for example. USB is vulnerable - regardless of what operating system you are running.
legendary
Activity: 2087
Merit: 1015
And is encrypt our files still can protect it ?

But, if the computer was on when the files got encrypted then they know the private key! /s
sr. member
Activity: 252
Merit: 251
Knowledge its everything
At least we still safe right now if we completely turned off our computers
And is encrypt our files still can protect it ?

Government always spying us everytime & everywhere Angry
sr. member
Activity: 474
Merit: 500
Or go only online over W-LAN - and plugoff the lancable.
Best regards
Christian
legendary
Activity: 2087
Merit: 1015
Mentally it was not easy to say the least to accept reality... however I found a really simple and positive attitude to handle psychologically the situation... In short Zuckerberg is very close to the truth... why hide? So my simple solution is to consider my computer like a screen in a local market... I write what I think, what I assume when I write it, but the next sec... who knows I may have changed my mind... or it may have been trolling Cheesy. Some people will hate what I write, others will love it... Then as your freedom of speech is guaranteed by the same Faith shared by the USMIIC, those that will stand in your path of expression will discover that their only outcome is their own death.

101: I don't believe in screen based love. Or you are with or you aren't 101. and they emits electro magnetic field...



but yes a laptop with wifi physically removed + emf shielded + battery charger and then only plug in the battery to the laptop shall do it for a secure cold wallet?
I don't even know what I just read.
full member
Activity: 182
Merit: 123
"PLEASE SCULPT YOUR SHIT BEFORE THROWING. Thank U"
Mentally it was not easy to say the least to accept reality... however I found a really simple and positive attitude to handle psychologically the situation... In short Zuckerberg is very close to the truth... why hide? So my simple solution is to consider my computer like a screen in a local market... I write what I think, what I assume when I write it, but the next sec... who knows I may have changed my mind... or it may have been trolling Cheesy. Some people will hate what I write, others will love it... Then as your freedom of speech is guaranteed by the same Faith shared by the USMIIC, those that will stand in your path of expression will discover that their only outcome is their own death.

101: I don't believe in screen based love. Or you are with or you aren't 101. and they emits electro magnetic field...



but yes a laptop with wifi physically removed + emf shielded + battery charger and then only plug in the battery to the laptop shall do it for a secure cold wallet?
legendary
Activity: 2087
Merit: 1015
Wow this is actually really useful never thought about it! Thanks OP!
What might it be useful, to us, for?
full member
Activity: 129
Merit: 100
Wow this is actually really useful never thought about it! Thanks OP!
legendary
Activity: 1456
Merit: 1010
Ad maiora!
You know...most people are law abiding and harmless, and we expect our govt. to protect us. If NSA CIA etc. would simply show that they can have some positive impact for the regular old honest citizen they might win a few supporters. The Romans had no problem conquering the world because they brought roads and aqueducts and generally improved the quality of life for the nations they took over. Those people loved them for it.

If NSA etc. would simply use their over-reaching rights-smashing powers to do the average joe a little good, like say BUSTING A FEW HACKERS! then they would be heroes overnight. Imagine that hacking becomes an act of terrorism in the law's eyes, and every shitty Russian hacker who steals coins gets busted and thrown into some dark prison for torture and death. also coins returned to victims... I personally would throw up my hands and say "you know what guys, these NSA dudes aren't so bad after all"

I know they have the capabilities to do it. just throw up a 1-800-GOT-HACKED? helpline, retrieve a few stolen BTC and make life miserable for anyone daring to hack anything and people might not mind them quite as much. Nobody complains about cops when they do their fucking job, its only when they start breaking the law themselves, bust innocent people, and ignore real crime that we all get sick.

I guess NSA doesn't need to do anything like this since they already own us and there's nothing we can do about it, but a little help from above would be awful nice. Too bad all they care about is making wars.
Vod
legendary
Activity: 3668
Merit: 3010
Licking my boob since 1970
Most of new Intel chipsets have a deliberately built-in backdoor that allows :
  • Remote access to your machine even when computer is turned off (but plugged to power & network socket).
I use wifi for my internet connection.  That shouldn't be vulnerable, right?[/list]
newbie
Activity: 56
Merit: 0
There are few projects underway for completely open ISA and processor designs.
I think that bitcoiners should be aware of this as hacker mentality is prevalent in this community.

The ISA is called RISC-V, it's very modular and flexible for future extensions:
http://riscv.org/
https://en.wikipedia.org/wiki/RISC-V

The open processor designs based on it are called Shakti and promise to be competitive perf/Watt:
http://rise.cse.iitm.ac.in/shakti.html
http://www.slideshare.net/smadhu2048/shakti-public

There is also a small board project called LowRISC from creators of RaspberryPi
http://www.lowrisc.org/
legendary
Activity: 1143
Merit: 1000
open-source hardware is some years behind the current generation... I've always been thinking about this vPro component on Intel processors, perhaps we should look at Richard Stallman options: https://stallman.org/stallman-computing.html

or just use computers like raspberry pi or intel that does not have vPro to do important tasks till we have a solution.
newbie
Activity: 48
Merit: 0
Should I start to believe in reddit conspiracies or something ?

The simple fact that Reddit is a no free speech zone with heavy censorship and control is NOT new. It has been that way for a very, very long time. It is not surprising that topics like this one get censored from Reddit.

http://somethingsurprising.blogspot.co.uk/2012/02/why-this-might-become-reddit-free-zone.html

https://howgoodisthat.wordpress.com/2012/04/27/political-censorship-and-moderator-bias-on-reddit-com/

http://www.washingtonsblog.com/2013/08/redditors-furious-that-reddit-censors-alternative-media.html

http://www.newscorpse.com/ncWP/?p=10981
Pages:
Jump to: