[clug] Intel Management Engine MINIX

George at Clug Clug at goproject.info
Sun Feb 24 05:23:17 UTC 2019 

Bryan,


I am not that concerned about the security implications of the Intel
Management Engine MINIX.


If your computer is connected to the internet, then I am sure there a
many ways that access can be gained to my computer, if an actor really
saw value in my device/data.



>From my observations of attacks over my IT career, in general people
are attacked, not by sophisticated backdoors resulting from NSA (think
CISCO switches) or other high level vulnerabilities such as Meltdown,
Spectre, UEFI, etc, but from simple, easy to avoid mistakes, such as
falling prey to Phishing emails (about the biggest issue), poor
password practices, using untrustworthy sites, downloading software
from non-professional sites, not applying basic security to their
computer systems (e.g. to modems, web servers or any other type of
server; suitable firewall settings, not checking logs, not configuring
software correctly, not removing old settings that are no longer used.
I am sure the list goes further than my short list.



So in short, keep and eye on the simple things that you do, maintain
good password practices and firewalls, then sleep peacefully at night.
Otherwise you could always disconnect your valuable data from the
internet, never allowing access to it other than from you keyboard.



https://www.csoonline.com/article/3203804/security/know-your-enemy-understanding-threat-actors.html


https://www.beyondtrust.com/blog/entry/difference-between-a-threat-actor-hacker-attacker


	* Threat Actor: According to Tech Target [1], “a threat actor, also
called a malicious actor, is an entity that is partially or wholly
responsible for a security incident [2] that impacts – or has the
potential to impact – an organization's security.” 
	* Hacker: According to Wikipedia [3], “In computing [4], a hacker
is any skilled computer expert that uses their technical knowledge to
overcome a problem. While "hacker" can refer to any computer
programmer [5], the term has become associated in popular culture [6]
with a "security hacker [7]", someone who, with their technical
knowledge, uses bugs [8] or exploits [9] to break into computer
systems. 
	* Attacker: According to Wikipedia [10], “In computer [11] and
computer networks [12] an attack is any attempt to destroy, expose,
alter, disable, steal or gain unauthorized access to or make
unauthorized use of an asset.” Thus, an attacker is the individual
or organization performing these malicious activities. 


https://whatis.techtarget.com/definition/threat-actor
A threat actor, also called a malicious actor, is an entity that is
partially or wholly responsible for an incident [13] that impacts –
or has the potential to impact -- an organization's security. 



George


On Sunday, 24-02-2019 at 14:09 Bryan Kilgallin via linux wrote:


Thanks, George:

> https://fossbytes.com/minix-worlds-most-popular-os-threat/
> “Intel takes the integrity of its products very seriously. Intel
> does not put back doors in its products nor do our products give
Intel
> control or access to computing systems without the explicit
permission
> of the end user,” he wrote in a blog post [1].

Surely if NSA wants a backdoor, it gets a backdoor!

>
https://www.networkworld.com/article/3236064/servers/minix-the-most-popular-os-in-the-world-thanks-to-intel.html
> 
> 
> But here’s the crazy part: That’s not the only operating system
> you’re running.
> 
> 
> 
> If you have a modern Intel CPU (released in the last few years) with
> Intel’s Management Engine [2] built in, you’ve got another
> complete operating system running that you might not have had any
clue
> was in there: MINIX [3].

{Since 2008, most of Intel’s chipsets have contained a tiny
homunculus 
computer called the “Management Engine” (ME).}

https://www.eff.org/deeplinks/2017/05/intels-management-engine-security-hazard-and-users-need-way-disable-it

According to Wikipedia, my tower-PC's Intel Core 2 DUO CPU E4700 was 
released in March 2008. And my laptop's Intel Core i5-@%@)M was
released 
in February 2011. So both include the ME.

{There are two places to disable AMT feature
1. In BIOS, Advance chipset Feature ->Intel AMT (Enabled,Disabled)
2.CTRL+P to go AMT Menu(Inte ME Control state(Enabled,Disabled)}

https://software.intel.com/en-us/forums/intel-business-client-software-development/topic/285926

Unfortunately for both computers, I couldn't find that BIOS item, or
get 
control-P to work as above!
-- 
members.iinet.net.au/~kilgallin/

-- 
linux mailing list
linux at lists.samba.org
https://lists.samba.org/mailman/listinfo/linux



Links:
------
[1] http://whatis.techtarget.com/definition/threat-actor
[2]
http://whatis.techtarget.com/definition/security-event-security-incident
[3] https://en.wikipedia.org/wiki/Hacker
[4] https://en.wikipedia.org/wiki/Computing
[5] https://en.wikipedia.org/wiki/Programmer
[6] https://en.wikipedia.org/wiki/Popular_culture
[7] https://en.wikipedia.org/wiki/Security_hacker
[8] https://en.wikipedia.org/wiki/Bug_(computing)
[9] https://en.wikipedia.org/wiki/Exploit_(computer_security)
[10] https://en.wikipedia.org/wiki/Attack_(computing)
[11] https://en.wikipedia.org/wiki/Computer
[12] https://en.wikipedia.org/wiki/Computer_network
[13]
https://whatis.techtarget.com/definition/security-event-security-incident

More information about the linux mailing list