Aaron Mulder on 6 Jan 2018 10:23:07 -0800
Re: [PLUG] Intel SA-00086 critical BIOS update
See, for instance, the end of section 1.1:
https://spectreattack.com/spectre.pdf

I didn't see it in here, https://meltdownattack.com/meltdown.pdf ,
though maybe someone else came up with one?

Thanks,
Aaron

On Sat, Jan 6, 2018 at 1:16 PM, Will <staticphantom@gmail.com> wrote:
> I believe that was Meltdown, Aaron.
>
> -Will C
>
> On Jan 6, 2018 1:15 PM, "Aaron Mulder" <ammulder@alumni.princeton.edu>
> wrote:
>>
>> Though the Spectre paper included a JavaScript exploit, right? So I
>> would think a laptop would be vulnerable to that much, at least. It
>> seems like browsers are deploying defenses, but it's not clear to me
>> that there couldn't be other remote attack vectors.
>>
>> Thanks,
>> Aaron
>>
>>
>> On Sat, Jan 6, 2018 at 12:57 PM, Michael Lazin <microlaser@gmail.com>
>> wrote:
>> > Thanks, I saw that after the fact. I just panicked when I realized my
>> > laptop is not getting patched anytime soon. I see the exploit only
>> > affects it if someone has physical access, or remote management is
>> > enabled.
>> > I just like to be proactive about security, it's a tinge of paranoia I
>> > suppose, thanks.
>> >
>> > On Sat, Jan 6, 2018 at 12:48 PM, Ronald Guilmet <ronpguilmet@gmail.com>
>> > wrote:
>> >>
>> >> My laptops were automatically patched for me with my updates (Dell and
>> >> HP). I did a cursory read on Intel's site, and it said the attacker
>> >> needs physical access to inject the malicious code, so I'm not worried.
>> >> Given that the majority of all IT attacks come from published CVEs, you
>> >> should make sure it is addressed. If you have cloud servers like Linode,
>> >> I wouldn't be concerned. I'm sure they will address those issues. If you
>> >> have your own hardware in a data-center you will have to check that
>> >> yourself. Maybe I misread something, but this doesn't seem like anything
>> >> you need to jump out of bed and run red lights for.
>> >>
>> >> Ron
>> >>
>> >>
>> >> On 1/6/2018 11:29 AM, Michael Lazin wrote:
>> >>
>> >> I ran this on my 3 Intel home computers and found that one was
>> >> vulnerable, one was not, and one could not be detected. The vulnerable
>> >> machine is an older laptop and there is no patch available from the
>> >> manufacturer at this time. I did find this article on disabling the
>> >> vulnerable engine:
>> >>
>> >> https://hothardware.com/news/researchers-figured-out-how-to-turn-off-intel-management-engine-11-thanks-to-nsa
>> >>
>> >> I cloned the code from GitHub, but I am loath to run unverified Python
>> >> code as root that might damage hardware. Does anyone else have a better
>> >> suggestion on securing an old laptop which runs Ubuntu and does not
>> >> have a patch? Thanks.
>> >>
>> >> On Sat, Jan 6, 2018 at 9:52 AM, Lee H. Marzke <lee@marzke.net> wrote:
>> >>>
>> >>> Looks like this issue is related to Meltdown / Spectre exploits in
>> >>> the Intel management engine or trusted platform.
>> >>>
>> >>> There is a downloadable tool for Linux and Windows to test your BIOS
>> >>> for the vulnerability.
>> >>>
>> >>> https://www.intel.com/content/www/us/en/support/articles/000025619/software.html
>> >>>
>> >>> Mostly affects corporate platforms which have remote management or
>> >>> TPM enabled, not home computers. Many older laptops, servers, etc. may
>> >>> be un-fixable due to lack of BIOS upgrades.
>> >>>
>> >>> Most attacks may require physical access to computer, or an available
>> >>> remote management cert, so perhaps this isn't as bad as first appears
>> >>> for older computers.
>> >>>
>> >>> Lee
>> >>>
>> >>>
>> >>> --
>> >>> "Between subtle shading and the absence of light lies the nuance of
>> >>> iqlusion..." - Kryptos
>> >>>
>> >>> Lee Marzke, lee@marzke.net http://marzke.net/lee/
>> >>> IT Consultant, VMware, VCenter, SAN storage, infrastructure, SW CM
>> >>>
>> >>> ___________________________________________________________________________
>> >>> Philadelphia Linux Users Group -- http://www.phillylinux.org
>> >>> Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
>> >>> General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
>> >>
>> >> --
>> >> Michael Lazin
>> >>
>> >> to gar auto estin noein te kai ennai
>> >
>> > --
>> > Michael Lazin
>> >
>> > to gar auto estin noein te kai ennai