Using Intel CPU and Motherboard ? Your Bitcoins may be in actual danger.

[Carlton Banks]

One thing I'm struggling with here: Intel AMT is a part of the motherboard chipset for laptops as well as desktops and servers. The typical server could get some pretty significant utility out of AMT: remote power cycling might not get used every day, but that capability would be highly valuable if or when it was needed.

So, who leaves their laptop behind them someplace, ethernet connected to a router, just in case they need to remotely flash a new BIOS revision in an emergency!? It just can't wait till you get back to do it, and of course you're not taking the laptop (read: portable computer...) with you, despite the danger that you'll desperately need to power it off and change the boot order of your disks? Can anyone think of a realistic usage for this technology in a laptop?

[oyvinds]

Should I start to believe in reddit conspiracies or something ?

The simple fact that Reddit is a no free speech zone with heavy censorship and control is NOT new. It has been that way for a very, very long time. It is not surprising that topics like this one get censored from Reddit.

http://somethingsurprising.blogspot.co.uk/2012/02/why-this-might-become-reddit-free-zone.html

https://howgoodisthat.wordpress.com/2012/04/27/political-censorship-and-moderator-bias-on-reddit-com/

http://www.washingtonsblog.com/2013/08/redditors-furious-that-reddit-censors-alternative-media.html

http://www.newscorpse.com/ncWP/?p=10981

[Reynaldo]

open-source hardware is some years behind the current generation... I've always been thinking about this vPro component on Intel processors, perhaps we should look at Richard Stallman options: https://stallman.org/stallman-computing.html

or just use computers like raspberry pi or intel that does not have vPro to do important tasks till we have a solution.

[VectorChief]

There are few projects underway for completely open ISA and processor designs.
I think that bitcoiners should be aware of this as hacker mentality is prevalent in this community.

The ISA is called RISC-V, it's very modular and flexible for future extensions:
http://riscv.org/
https://en.wikipedia.org/wiki/RISC-V

The open processor designs based on it are called Shakti and promise to be competitive perf/Watt:
http://rise.cse.iitm.ac.in/shakti.html
http://www.slideshare.net/smadhu2048/shakti-public

There is also a small board project called LowRISC from creators of RaspberryPi
http://www.lowrisc.org/

[Vod]

Most of new Intel chipsets have a deliberately built-in backdoor that allows :

• Remote access to your machine even when computer is turned off (but plugged to power & network socket).
  

I use wifi for my internet connection.  That shouldn't be vulnerable, right?[/list]

[gogxmagog]

You know...most people are law abiding and harmless, and we expect our govt. to protect us. If NSA CIA etc. would simply show that they can have some positive impact for the regular old honest citizen they might win a few supporters. The Romans had no problem conquering the world because they brought roads and aqueducts and generally improved the quality of life for the nations they took over. Those people loved them for it.

If NSA etc. would simply use their over-reaching rights-smashing powers to do the average joe a little good, like say BUSTING A FEW HACKERS! then they would be heroes overnight. Imagine that hacking becomes an act of terrorism in the law's eyes, and every shitty Russian hacker who steals coins gets busted and thrown into some dark prison for torture and death. also coins returned to victims... I personally would throw up my hands and say "you know what guys, these NSA dudes aren't so bad after all"

I know they have the capabilities to do it. just throw up a 1-800-GOT-HACKED? helpline, retrieve a few stolen BTC and make life miserable for anyone daring to hack anything and people might not mind them quite as much. Nobody complains about cops when they do their fucking job, its only when they start breaking the law themselves, bust innocent people, and ignore real crime that we all get sick.

I guess NSA doesn't need to do anything like this since they already own us and there's nothing we can do about it, but a little help from above would be awful nice. Too bad all they care about is making wars.

[L3G1T]

Wow this is actually really useful never thought about it! Thanks OP!

[bitspill]

Wow this is actually really useful never thought about it! Thanks OP!

What might it be useful, to us, for?

[BitMos]

Mentally it was not easy to say the least to accept reality... however I found a really simple and positive attitude to handle psychologically the situation... In short Zuckerberg is very close to the truth... why hide? So my simple solution is to consider my computer like a screen in a local market... I write what I think, what I assume when I write it, but the next sec... who knows I may have changed my mind... or it may have been trolling . Some people will hate what I write, others will love it... Then as your freedom of speech is guaranteed by the same Faith shared by the USMIIC, those that will stand in your path of expression will discover that their only outcome is their own death.

101: I don't believe in screen based love. Or you are with or you aren't 101. and they emits electro magnetic field...



but yes a laptop with wifi physically removed + emf shielded + battery charger and then only plug in the battery to the laptop shall do it for a secure cold wallet?

[bitspill]

Mentally it was not easy to say the least to accept reality... however I found a really simple and positive attitude to handle psychologically the situation... In short Zuckerberg is very close to the truth... why hide? So my simple solution is to consider my computer like a screen in a local market... I write what I think, what I assume when I write it, but the next sec... who knows I may have changed my mind... or it may have been trolling . Some people will hate what I write, others will love it... Then as your freedom of speech is guaranteed by the same Faith shared by the USMIIC, those that will stand in your path of expression will discover that their only outcome is their own death.

101: I don't believe in screen based love. Or you are with or you aren't 101. and they emits electro magnetic field...



but yes a laptop with wifi physically removed + emf shielded + battery charger and then only plug in the battery to the laptop shall do it for a secure cold wallet?

I don't even know what I just read.

[Christian1998]

Or go only online over W-LAN - and plugoff the lancable.
Best regards
Christian

[sandykho47]

At least we still safe right now if we completely turned off our computers
And is encrypt our files still can protect it ?

Government always spying us everytime & everywhere

[bitspill]

And is encrypt our files still can protect it ?

But, if the computer was on when the files got encrypted then they know the private key! /s

[ShadowOfHarbringer]

At least we still safe right now if we completely turned off our computers
And is encrypt our files still can protect it ?

Simply encrypting anything won't work. The Intel AMT's processor has full access to everything your normal CPU has. And it has higher privileges !

As previously stated, using a non-Intel network card inserted into PCI/PCIe slot should at least disable the possibility of remote activation.

However, once somebody working for NSA/CIA/FBI/other TLAs stays with your machine in the same room, you have to essentially throw the mainboard away, as there is absolutely no way of either detecting or disabling a rootkit once it is installed in Intel's AMT.

A rootkit can be installed via USB for example. USB is vulnerable - regardless of what operating system you are running.

[Lauda]

This was discussed before and i forgot the relevant information about it.
It has to first be set up before it works like that. That is, if you mean the tool designed for system admins.
To sum it up you're not really in danger. You're actually more likely to get infected by an USB driver due to the vulnerability found on the USB standard (and the chances for this are slim-none).

[ShadowOfHarbringer]

This was discussed before and i forgot the relevant information about it.
It has to first be set up before it works like that. That is, if you mean the tool designed for system admins.
To sum it up you're not really in danger.

That is not true.

Any Windows application which contains proper Intel's keys and SGX code can activate the mechanism.

So it is essentially only necessary to make you download an *.exe file, which will activate AMT and install rootkit into it.
It's a beefed-up version of SONY's rootkit. But this time you have no way of detecting, controlling or removing it.

What's even better is that you have really no way of detecting what is inside of the *.exe ! The content of the application is completely encypted ! Isn't it simply beautifully fucked up ?

Source:
http://theinvisiblethings.blogspot.com/2013/09/thoughts-on-intels-upcoming-software.html

Intel has all of us royally screwed over. I would advise against buying *ANYTHING* from Intel, until they publish the sources and private keys or abolish AMT alltogether.

[bitspill]

publish the sources and private keys

So the malicious hacker out there gets the power to take full control of any average users pc?

[ShadowOfHarbringer]

publish the sources and private keys

So the malicious hacker out there gets the power to take full control of any average users pc?

Still better than waiting for unknown hacker to steal the key and do the same in secrecy ?

Once sources and keys are published, the AMTs in Intel chipsets can be patched (and disabled) by the Open Source community. Now it is not even possible to fix the problem. Also, we don't really know what the embedded code actually does, since it is not open source.

[Lauda]

This is all just fantasy. Until someone actually does it, I won't believe it.

[Carlton Banks]

This is all just fantasy. Until someone actually does it, I won't believe it.

Too late. Look at the AMT Wikipedia article from the OP, it's been demonstrated about 2011 I think (although the specific flaw that team discovered was patched in more recent chipsets).

Really it's not such a different argument from using open source software; any hardware with a privately held design can have that design exploited by those that have access to those details (obtained with consent or not). Having open designs for hardware brings similar benefits to open software, namely a stable base from where something genuinely secure could be built. And there's another exciting possibility too: I think we might be 3D printing our own circuit boards within a decade, easily (possibly already happened, that field is a blur atm). Who knows, maybe we'll be able to do the same with processors within 2 decades.