From 97d640a514e5c3e16c7c2854fbc16c9caaea3b1e Mon Sep 17 00:00:00 2001 From: Rohan Kumar Date: Tue, 22 Feb 2022 22:37:53 -0800 Subject: [PATCH] First-party link to Black Hat presentation --- content/posts/floss-security.gmi | 2 +- content/posts/floss-security.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/content/posts/floss-security.gmi b/content/posts/floss-security.gmi index 8135cba..a943dbd 100644 --- a/content/posts/floss-security.gmi +++ b/content/posts/floss-security.gmi @@ -148,7 +148,7 @@ Skochinsky's and Corna's analysis was sufficient to clarify (but not completely While claims such as "ME is a black box that can do anything" are misleading, ME not without its share of vulnerabilities. My favorite look at its issues is a presentation by Mark Ermolov and Maxim Goryachy at Black Hat Europe 2017: -=> https://papers.put.as/papers/firmware/2017/eu-17-Goryachy-How-To-Hack-A-Turned-Off-Computer-Or-Running-Unsigned-Code-In-Intel-Management-Engine.pdf How to Hack a Turned-Off Computer, or Running Unsigned Code in Intel Management Engine. +=> https://www.blackhat.com/docs/eu-17/materials/eu-17-Goryachy-How-To-Hack-A-Turned-Off-Computer-Or-Running-Unsigned-Code-In-Intel-Management-Engine-wp.pdf How to Hack a Turned-Off Computer, or Running Unsigned Code in Intel Management Engine. In short: ME being proprietary doesn't mean that we can't find out how (in)secure it is. Binary analysis when paired with runtime inspection can give us a good understanding of what trade-offs we make by using it. While ME has a history of serious vulnerabilities, they're nowhere near what borderline conspiracy theories claim.ยนยน diff --git a/content/posts/floss-security.md b/content/posts/floss-security.md index 03787f2..93ad293 100644 --- a/content/posts/floss-security.md +++ b/content/posts/floss-security.md @@ -125,7 +125,7 @@ Unfortunately, some components are poorly understood due to being obfuscated usi Skochinsky's and Corna's analysis was sufficient to clarify (but not completely contradict) sensationalism claiming that ME can remotely lock any PC (it was a former opt-in feature), can spy on anything the user does (they clarified that access is limited to unblocked parts of the host memory and the integrated GPU, but doesn't include e.g. the framebuffer), etc. -While claims such as "ME is a black box that can do anything" are misleading, ME not without its share of vulnerabilities. My favorite look at its issues is a presentation by Mark Ermolov and Maxim Goryachy at Black Hat Europe 2017: [How to Hack a Turned-Off Computer, or Running Unsigned Code in Intel Management Engine](https://papers.put.as/papers/firmware/2017/eu-17-Goryachy-How-To-Hack-A-Turned-Off-Computer-Or-Running-Unsigned-Code-In-Intel-Management-Engine.pdf). +While claims such as "ME is a black box that can do anything" are misleading, ME not without its share of vulnerabilities. My favorite look at its issues is a presentation by {{}} and {{}} at Black Hat Europe 2017: [How to Hack a Turned-Off Computer, or Running Unsigned Code in Intel Management Engine](https://www.blackhat.com/docs/eu-17/materials/eu-17-Goryachy-How-To-Hack-A-Turned-Off-Computer-Or-Running-Unsigned-Code-In-Intel-Management-Engine-wp.pdf). In short: ME being proprietary doesn't mean that we can't find out how (in)secure it is. Binary analysis when paired with runtime inspection can give us a good understanding of what trade-offs we make by using it. While ME has a history of serious vulnerabilities, they're nowhere near what [borderline conspiracy theories](https://web.archive.org/web/20210302072839/themerkle.com/what-is-the-intel-management-engine-backdoor/) claim.[^11]