Using Intel CPU and Motherboard ? Your Bitcoins may be in actual danger.

[ShadowOfHarbringer]

This is probably one of these "Elephant in the room" topics.
Everybody knows it, but nobody talks about it.

Most of new Intel chipsets have a deliberately built-in backdoor that allows :

• Remote access to your machine even when computer is turned off (but plugged to power & network socket). Intel's AMT is actually active when computer's power button is OFF.
• Hiding code of some apps & malware from the running system using sophisticated DRM scheme
• Installing a rootkit / trojan that cannot be removed even if the disk, RAM memory and BIOS are all wiped out clean.
• Run signed JAVA code outside of CPU !

What's more:

• It works outside of the control of CPU, system and BIOS
• It's closed source (obviously)
• Intel doesn't want to say how it works
• Intel (so NSA & US govt too) has secret keys, using which they can totally control your machine with totally no way of you detecting it
• It cannot be turned completely OFF (there is a BIOS switch, but as proven - it does not work fully)

Please upvote me on reddit:
http://www.reddit.com/r/Bitcoin/comments/2ri5a9/if_you_are_using_newer_intel_mainboard_with_intel/ (reddit thread got silently mod-removed again !)

Sources:
http://en.wikipedia.org/wiki/Intel_Active_Management_Technology
https://www.fsf.org/blogs/community/active-management-technology
http://theinvisiblethings.blogspot.com/2013/08/thoughts-on-intels-upcoming-software.html
http://theinvisiblethings.blogspot.com/2013/09/thoughts-on-intels-upcoming-software.html

Related:
Discussion on polish Bitcoin forum:
https://forum.bitcoin.pl/viewtopic.php?f=16&t=16562
One of polish biggest IT news sites:
http://www.dobreprogramy.pl/Komputery-z-procesorami-Intela-sa-kontrolowane-przez-Intela,News,60132.html
https://twitter.com/rosyna/status/550702351703875584

PS.
Intel has been working on this technology for over 15 years, so their hands are deep in shit. They cannot be trusted (unless they publish the private keys and the source of the binary blobs they built in their systems).
Proof:
http://en.wikipedia.org/wiki/Trusted_Computing
http://www.theregister.co.uk/2002/06/25/why_intel_loves_palladium/
http://www.bluehaze.com.au/unix/palladium.html

(Yeah, this stuff is REALLY old, they have been working on screwing us over together with Microsoft for a looooooooong time)

EDIT:
Apparently for the remote control to work, you also need to have Intel network card, so not using any Intel network hardware should keep you safe - at least from remote attack.

[1714684382]

1714684382

[1714684382]

1714684382

[1714684382]

1714684382

[1714684382]

1714684382

[GreekBitcoin]

How do we know that AMD doesnt have something similar?

What can one do since it is a monopoly?

[erre]

How do we know that AMD doesnt have something similar?

What can one do since it is a monopoly?

Pen and paper


...or build your own CPU

[ShadowOfHarbringer]

How do we know that AMD doesnt have something similar?

We don't. But apparently, even if they have something, it is nowhere near the level of complexity and sophistication of Intel's technology.
Intel has a goddamn separate CPU that you can run apps (think rootkits) on.

And this special CPU has higher priority when it comes to control of the system than normal CPU. This is disgusting.

[NeuroticFish]

Make sure that you have a router with ARM CPU, linux and configured by yourself. Then you are at least safe when the computer is closed.


Of course, the safest is to keep it unplugged or at least not connected to internet

[ShadowOfHarbringer]

For remote access, a cooperating network interface is required: Intel ethernet adapters, Intel WiFi adapters, and certain 3G modems are supported. If you can, replace Intel-made network interfaces with ones made by a different manufacturer, that do not support AMT.

Apparently for the remote control to work, you also need to have Intel network card, so not using any Intel network hardware should keep you safe from remote attack.

[erre]

I am not tech-savy enough for all this stuff, but I hate to have gov/companies backdoors on my devices.

Are smartphone/tablets supposed to be secure? I rarely turn on my pc nowdays..

[siameze]

And this special CPU has higher priority when it comes to control of the system than normal CPU. This is disgusting.

It is, rather like Sony secretly installing rootkits as part of their DRM program. Upvoted you on reddit good Sir.

[ShadowOfHarbringer]

My reddit thread got silent-removed even though i had like 50 upvotes ?
How the hell does reddit moderation work ?

Should I start to believe in reddit conspiracies or something ?

[Carlton Banks]

My reddit thread got silent-removed even though i had like 50 upvotes ?
How the hell does reddit moderation work ?

Should I start to believe in reddit conspiracies or something ?

I don't think it's any secret that reddit has long had corporate backers, but without knowing why the mods removed the thread, it's total speculation. Either way, it makes a mockery of the whole upvote/downvote system, reddit needs a decentalised/uncensorable FOSS clone to supersede the compromised original.

[cakir]

There's always risks of course, They always want MOAR data about us.
I'm using an offline old computer (pentium 4 cpu and runs original XP-not cracked) to save my BTC
I'm thinking to build a mobile&secure wallet with open source hardwares.

[siameze]

My reddit thread got silent-removed even though i had like 50 upvotes ?
How the hell does reddit moderation work ?

Should I start to believe in reddit conspiracies or something ?

I don't think it's any secret that reddit has long had corporate backers, but without knowing why the mods removed the thread, it's total speculation. Either way, it makes a mockery of the whole upvote/downvote system, reddit needs a decentalised/uncensorable FOSS clone to supersede the compromised original.

+1 to a decentalised/uncensorable FOSS clone. reddit is definitely not what it was in the "good ole days".

[MarketNeutral]

I wish I had something encouraging to say about this, but I don't. Nevertheless, I am incredibly thankful to ShadowOfHarbringer for bringing this horror to more people's attention. The implications are staggering.

[erre]

No one will care until its too late.

I care, but i'm the average Joe,  what can I do?

[Christian1998]

AMD-User ^^
But why dont plug-off the computer / laptop ?!

Best regards

[Carlton Banks]

But why dont plug-off the computer / laptop ?!

Have you heard of power-over-ethernet?

[jl2012]

But why dont plug-off the computer / laptop ?!

Have you heard of power-over-ethernet?

Use an external laptop battery charger so your off-line laptop will never connect to the power socket.

And don't forget to wrap the laptop and your head with tinfoil

[Carlton Banks]

But why dont plug-off the computer / laptop ?!

Have you heard of power-over-ethernet?

Use an external laptop battery charger so your off-line laptop will never connect to the power socket.

And don't forget to wrap the laptop and your head with tinfoil

Not ethernet-over-power, power-over-ethernet. It's called grammar: the order in which words are placed determines their meaning. Give it a try sometime.   

[siameze]

AMD-User ^^
But why dont plug-off the computer / laptop ?!

Best regards

Wake-On-LAN (WOL) can  be used to turn on/off devices remotely. I can't remember where the links are, but a few DELL servers had this auto enabled from the factory.

[newIndia]

The Q is, how Intel will get to know which machine is to attack ? Moreover, all online bank accounts and credit or debit cards are also exposed to this vulnerability.