[tor-talk] Intel ME / AMT + NSL vs Tor Nodes

Ivan Markin twim at riseup.net
Fri Dec 23 02:23:00 UTC 2016


podmo:
> I'm going to rely on Intel not wanting to sabotage their own company but
> still wish they would provide better documentation and while I'm at it, an
> easily accessible jumper or BIOS switch to disable it. Meanwhile, I'll
> focus on standard security practices such as OS hardening, network
> firewalling, sandboxing, etc. I'm fully prepared to retract this if actual
> evidence shows up but at this point all of these have a better ROI against
> attackers than chasing shadows or worrying about FUD.

They won't deliberately add backdoor whatsoever. This is just a
proprietary hypervisor:

Roman Mamedov:
> it's still a separate computer in your CPU, running proprietary
> code, and having full read/write access to your RAM. It can mess with
> your apps, OS and security in all sorts of interesting ways, and you
> can NOT be absolutely certain that it doesn't.

And it has bugs that can be exploited. Remotely. By anyone (there is no
such a thing as NOBUS). If they're exploited then *ALL* your
firewalls/sandboxes/whatever are meaningless. This won't seize to be a
problem if you focus on other problems. Both should be solved.

--
Ivan Markin


More information about the tor-talk mailing list