Spyware at The Hardware Level - Intel ME & AMD PSP
HTML-код
- Опубликовано: 3 окт 2024
- In this video I discuss the Intel Management Engine and AMD's Platform Security Processor, both of which are hardware level spyware embedded into their respective CPU's that have full control over the primary CPU that the user does their computing on. The control these management engines have over the primary CPU include
Ability to read and manipulate the contents of ram
Ability to read and manipulate data stored on your hard drive
a separate dedicated network connection that cannot be blocked with firewall rules
Ability to read and manipulate keystrokes and mouse movements
Ability to read and manipulate images on screen
Subscribe to my RUclips channel goo.gl/9U10Wz
and be sure to click that notification bell so you know when new videos are released. ₿💰💵💲Help Support the Channel by Donating Crypto💲💵💰₿
Bitcoin
3MMKHXPQrGHEsmdHaAGD59FWhKFGeUsAxV
Ethereum
0xeA4DA3F9BAb091Eb86921CA6E41712438f4E5079
Litecoin
MBfrxLJMuw26hbVi2MjCVDFkkExz8rYvUF
Dash
Xh9PXPEy5RoLJgFDGYCDjrbXdjshMaYerz
Zcash
t1aWtU5SBpxuUWBSwDKy4gTkT2T1ZwtFvrr
Chainlink
0x0f7f21D267d2C9dbae17fd8c20012eFEA3678F14
Bitcoin Cash
qz2st00dtu9e79zrq5wshsgaxsjw299n7c69th8ryp
Etherum Classic
0xeA641e59913960f578ad39A6B4d02051A5556BfC
USD Coin
0x0B045f743A693b225630862a3464B52fefE79FdB
"Intel Inside" wasn't about the company, it was about the intelligence agencies.
Ooh good point
Makes sense
Yeah like de decepticons that will deceive you
o no shit...right there in plain sight all these years
AMD been good at hiding it
I solve the security problem by storing critical sensitive information in my brain, then forgetting it.
have you read the torture vulnerability CVE?
Underrated thread
@@Walter_ That'll get you nowhere. You'd have better luck giving me drugs.
security by lack of memory
I always write my info down on physical papers in a safe. That way, at least they can't remotely compromise my info. Threat model: creepy companies
To keep your CPUs from spying on you, you just run them over
That's what you do.
they glow in the dark
Wow! It works!
The CPU's glow in the dark
or use computers from before 2008
"Bioluminescent" - Terry A Davis would be proud
Fucking godless glow in the dark CIA joggers
You just run them over.
Thats. What. You. Do.
@@NewCurryofthepast "joggers"
R.I.P 😔😔
RIP The greatest programmer who ever lived.
Pretty sure TempleOS automatically patches this with divine microcoding.
With assembler injections.
Can't hack you remotely if there's no network stack. Big brain time.
@@4.0.4 sure they can, its called jumping an airgap and there's plenty of ways to pick up your signals
a n i m e
n
i
m
e
Leet Trance you’re a close but not quite right there. All the airgap attacks I’ve ever read require to install the malware via USB ports, then extraction comes through different means. To this day (as we know) code can’t be injected over the exfiltration means depicted in those attacks
Intel's security model is actually much more advanced than Security by Obscurity. Their actual security model is called "Trust Me, Bro" and it works like this:
User: Intel, how can I know your system is secure?
Intel: Trust me, bro!
User: Can I see the source, so I can check for myself or let someone I trust check for me?
Intel: Nah, bro, just trust us!
There's actually instructions in Intel CPUs that we have no documentation on and no idea what they do. They were only found by a program designed to fuzz for these hidden instructions. There was a talk done on this at either CCC or Blackhat from what I can recall. If you can find it you should check it out. It's very interesting, and just shows that even the processor itself might have spyware we doing know about.
that reminds me of Saddam in south park
hey relax guy you need a rest
dont think about it, look over here
@@SyphistPrime ruclips.net/video/KrksBdWcZgQ/видео.html might be the video you are talking about. For anyone too lazy to search for it.
@@logistic-bot458 thank you, that looks like what I was talking about.
@Brendon O'Connell III a wild Brendon O'Connell has appeared
When you said “alphabet” I thought you meant Google not CIA, FBI, NSA... then I realized that was a distinction without a difference.
according to snowden files Google is a slave to the NSA due to the NationaSecurity Letter "trick". Its insane that a nation with this type of legal instrument thinks still thinks its a free democracy, but on the otherhand the DDR of germany called themself also "democratic" ;d
😆...
a t f
d e a
@@hyperhektor7733 you may laugh at DDR, but it was probably the most free country in the East block. Many people ever dreamt of visiting the East Berlin.
@@Midaspl i dont i am german, the people who got killed by the DDR never dreamed to stay ;). Sure they killed less, but it wa a full blown socialist county with all its typical downsides.
Poor MINIX, I worry it'll go down in history as "that spy OS used by Intel" despite it's long and proud career as an educational OS.
Oh hello Mr Intelligence agent!
Yeah CIA agent
What you doin here eh?
Minix is good for writing your own operating system
It's a shame, because I really like microkernels.
I mean it's the devs' fault for using a permissive license, now we all get to reap the benefits.
According to libreboot, anything from AMD's 15h architecture (Bulldozer) down should be fine, as they released the source code for them.
Also, I got an ad for a schizophrenia medication at the end of this video. Fancy that.
Is this an old architechture or is it modern?
@@johnnyblack4261 somewhat recent
Johnny Black 2011 and it was really not competitive. They paid out a suit for false advertising related to its performance too.
@@My_Old_YT_Account What about the most recent AMD processor, is the source code released for that?
You mean to say that prescription psychotropic drugs are advertised on youtube. Where can I get mine?
Intel Management Engine and AMD Platform Security runs at Ring -3, the most privileged ring in existence, and they are spywares indeed.
This should be made illegal
@@mycelia_owTrue that!
@@mycelia_ow The people that make things illegal are also the ones that made this happens.
rest in peace, terry. our greatest programmer.
Why?
Oniruddho Alam why what?
wait, is he dead?!
@@VeryVeryBlackGuy since 2018
@@VeryVeryBlackGuy he was run over by a train
Builds a truly "libre" computer; installs Windows 10.
Installs Google Chrome
@@QoraxAudio Installs the Epic Games launcher
@Mialisus Installs Microsoft Office
installs minecraft
connects to the internet
We're living in a 60s sci-fi writer's worst nightmare.
Yeah Such as george orwell 1984
1984 is nothing compared to the level of surveillance what you have today
Not quite. It's not compliance through force or fear, but rather through comfort and convenience.
Yep, Huxley's Brave New World fits better.
@@halphantom2274 its a mix of both
USA : accusing tiktok for collecting users data
Also USA : **looks away**
the us government is a very big hypocrite if you see their moves
Honestly I’m not that bothered with the feds monitoring google or whatever. Bad opinion, I know, but from what I understand about courts, they can’t use what they find by monitoring your internet in courts, as they weren’t obtained with a warrant. All they can really do is just watch. Besides, the FBI and NSA are _terrible_ at acting on intelligence. The CIA were monitoring the 9/11 hijackers, and still did nothing with info that would have stopped a war. They don’t care. Unless your working for foreign intelligence or are an internationally wanted criminal, they’re probably going to ignore you. Again though, I understand why people are upset, and I’m not saying that the anger they feel is wrong, but more that your data will be secure with them due to the sheer mass of drunk texts and disturbing pHub searches they have to sift through before hand.
@@boss_boy_ facts
@@boss_boy_ bold of you to assume they wanted to stop an event that got them more authority and money.
@@boss_boy_ They also brazenly prosecute innocents and fabricate, or at the very least frame evidence.
My grandpa worked for some part of his life in an encryption center for my country. He talked to me about stuff like this, I only vaguely remember it. I wish I was paying more attention back then.
The West has been doing this for decades. I think your grandfather was talking about Crypto AG which had a backdoor built into its encryption machines, so that the US, UK and West Germany could read top-secret messages of other countries.
I remember reading somewhere, that some guy managed to get an Intel processor to run with a modified BIOS that lacks the Management Engine microcode needed for it to run; the CPU was working flawlessly, except for ANY kind of IP functions not working in any OS. I think this alone tells everything you need to know about this thing.
IP as in the IP addresses?
IP stands for “Internet Protocol”
@@sylv512 I thought he meant "Intellectual Property".
@@NawidN DRM
That's scary. I'm glad I'm using an AMD machine.
"There isn't much you can do about it"
Reminds me if that line where a recalcitrant computer is threatened with a fire axe "I'll give you a reprogramming you won't forget".
Almost anyone can disable IME.
The clever thing is to disable it without disabling the rest of the CPU
@@idiosyncraticname h2o
@@idiosyncraticname Desolder it and throw it in the trash can
You wrote the one who didn't understand the original comment, don't be rude to the guy clearing up for you
@@GladiusTR ...I think we were all joking around? At least that's how I took it
It was Zaphod Beeblebrox using that reprogramming threat to Eddy, the shipboardcomputer of the starship Heart of Gold.
Yes, I know my classics 😊👍🏻🤝🏻🇳🇱
Protection Ring:
3: User Mode
2: Drivers
1: Drivers
0: Kernel
-1: Hypervisor (virtual machine)
-2: System Management Mode (operating system in the CPU)
-3: Intel Management Engine (remote administration in intel cpu's)
-4 matrix
@@tejassingh5344 please shut up
-7: its 7 because its hidden behind 7 proxies
@@tejassingh5344 -8 obama bin laden in a cave
-9 who let the dogs out
Aw man, time to build a room sized transistor computer out of soldered logic gates to run linux and avoid getting spied.
Jokes aside, great video
not a bad idea
“Siri logic gates put in room with solder how?”
DO IT. DO IT YOU COWARD (encouraging)
This takes the word "intel" to a whole new level.
Indeed.
"Bioluminescent"
10/10
I do believe one noted difference between Intel's ME and AMD's PSP, is that many of Intel's vulnerabilities were remotely exploitable where as AMD's required physical access. That is not an insignificant difference.
AMD motherboards, like Intel motherboards can still be compromised mid shipping
@@UnitAlir My point was about the discovered vulnerabilities in the platforms, not about in transit compromise.
I was wondering that. Because recording stuff isn't the same as transmitting stuff. The idea of every computer having a black box is different from a backdoor. Though it could be both.
@@UnitAlir I mean, if someone can manage that. I think that a compromised CPU is the least of your concerns.
Like, if someone has the ability to access a shipment and literally modify the CPU without even leaving any evidence (and without ruining it, for that matter). It may even be easier to swap it for something better at whatever the malicious intent was.
The most secured computer is a pocket calculator
0.7734
376006
Are you sure about that?
@Irish Bucket List Book Scam You are an obvious troll, how can you even backdoor something with no internet access?
325200 here is a number
@@xyzzy-dv6te what comment did eh say,
The solution is clearly to design my own motherboard, so I can be sure there aren't more hidden mics than usual
"I got a $5 wrench that says you will put theose microphones in" t. NSA
Intel ME (Mossad Entrance)
Where were these Intel chips designed?
Intel-aviv Mossad Entrance
@@glowiever based
@Saudi King Volintine Ander of Arabia I keep asking for a source but you dumb dumbs never provide one because it doesn't exist
@DSW22 Were the panama papers the time some journalist exposed tax evading companies and got killed by the CIA?
There are already some senators who like to use something like this to get access to every piece of encrypted data on a consumer device if necessary... So they want to force all vendors to build something like this kind of spyware into all devices. This means that buying any device in the US will be equal to buying a full access backdoor to your own data.
@@gvonc33 no shit человек
@@gvonc33 Its funny because the US gov think others won't use it against them.
What's the basic moral principles of don't do to others what you don't want them doing to yourself.
US gov be like: we can spy on you, but don't spy on us
@@gvonc33 great logic. Doesn't justify it.
It only ever has been about power.
I would rather buy Chinese
about the last phrase of the video: unfortunately the computer started being developed in a elite group in universities and in the military, only later it became widespread in 1st world countries specially, so: this kinds of backdoor is really worrysome (is that the right word?) but for me it isn't that surprising, i didn't knew it was intel ME a spyware all along but the concept of a intentional backdoor in all consumer hardware wasn't a new thing to me
@Irish Bucket List Book i think the best way to have your privacy is to do everything from the very start, even acquiring the minerals, sand and oil if possible, and also never using their stuff basically
That's not why things are like they are today.
2001 and the Brotherman bill is the reason. :)
Computers haven't always been insecure, but with an increase in disobedience they have been tightening their grip.
Win 11 for instance requires a camera and Bluetooth connectivity.
Covid might've been a ploy to limit real life interraction and normalise digital channels that can be monitored.
Now the virus is real, but how it came to be and the restrictions on the other hand might've been manufactured to have a certain effect.
@@MpSniperM1911 How are they going to hide spyware in the oil? It's going to be burned anyway.
Me: "I should upgrade my old Q6600 file server, it still works but starting to show it's age."
This video: "It's fine."
That's it, I'm dusting off my commodore 64.
I never stopped using mine.It never caught a virus in 30 years,and has never given away any personal data without my express permission.
My very first tablet phone ......attempted to share files with a laptop in the next room when it first powered up.After much research I identified the data as geoLocations.Why would it give this data to another UNRELATED UNIDENTIFIED computer?We need transparency from GOOGLE as to WHO can and DOES read this info.Bear in mind....the laptop in my house......was not the concern.
It is the other computers/networks it was sharing these geolocations with......and WHY.
So this was a 10 minute commercial for System 76
To be honest they deserve the exposure, it's a good company.
its quite a good company, though i am a bit dissapointed by the touchpad starting to fail fairly quickly
@@EnderCrypt I think they'll replace it for free
@@EnderCrypt that would definitely be covered by warranty
There's also Purism as well. Purism also makes computers that do not contain the Intel ME.
nope kernel runs on ring 0 on the main processor, rings 0 to 3 are actually implemented on the main processor (the one not of the Intel ME ) as a protection mechanism.
So if the IME has some power over the main processor and not viceversa it would be fair to call the "ring on which it runs" ring -1.
I was having similar thoughts.
Technically it operates on Ring -3, as System Managent Mode (a state of elevated control over the CPU) operates at Ring -2 since it can only operate while the computer is turned on. Because the ME is active even while your computer is turned off, it is considered to be the most privileged controller in your computer.
ring -1 is the hypervisor
Kind of except with Intel Vt-x the kernel runs on ring 0, the hypervisor runs on ring -1 and is virtualized, so then I guess the management engine is ring -2.
@@vasilis23456 I mean... from the perspective of being inside the virtual machine I guess so, I just consider ring 0 to be"where" a kernel not in a virtual machine runs.
It has been running the whole time on my computer and I didn't even know. Terrifying!
Same.
Wowie, thanks! Before, I wasn't really concerned because I thought "Sure, take my data, you won't be able to do shit with it anyway", but now the thought that someone at AMD could simply brick my PC remotely suddenly won't leave my head.
Not sure if you're being serious, but "Sure, take my data, you won't be able to do shit with it anyway" is a very concerning argument. What if you do have something to hide? Why wouldn't you want that option? The Jews in Amsterdam sure would have liked to have that right to privacy in 1939 to not have their religion be written down in the local government's administration. Like Edward Snowden said: "Arguing that you don't care about the right to privacy because you have nothing to hide is no different than saying you don't care about free speech because you have nothing to say.".
en.wikipedia.org/wiki/Nothing_to_hide_argument
@@theundefinedx0018 good quote :)
Minix is free and open source thoe, the book for Minix form Prof. Tanenbaum has all the source code at the end of the book. The Intel ME runs a propietary fork of Minix I wouldn’t call it pure Minix.
In fact, what people often call “ME” is really Minix/ME, or, as I have taken to calling it, ME plus Minix.
yeah i've looked into minix before and it seems like a very interesting concept, unfortunately development has been at a standstill for almost 2 years now
christian murray awww shit i lost it lol
ME is just an appliance over the kernel. also, isn't Minix BSD license?
He said that basically verbatim
"There isn't much you can do about it":
A. I've thought of a cryptographic method that you could use to insulate your system's storage and memory from the ME. It's kinda complicated, and I dunno if any x86 os even supports it. However it is possible.
B. Use ARM. ARM mfgs get to see the HDL. So, if ARM was hiding anything mfgs would know and word would get out. ARM's business model is inherently safer than Intel's & AMD's.
C. If your protecting a nuclear ICBM silo in your backyard, you could use a high performance FPGA. An FPGA is like a programmable microchip. With an FPGA, you can design a CPU exactly how you like it. You don't actually need to design it yourself though. Just use an open source RISC-V core like the "Rocket Chip" or something.
I think it's important to note that the ME can't just record all of your data. If the FBI (or CIA if you're a foreigner), or someone who reverse engineered the ME were after you, they could leverage the engine to to collect data from you. It's not as if this is happening to people and nobody knows about it though. The data would need to be exfiltrated somehow, and somebody would notice that.
If you want to learn more about this I recommend Bunny Huangs Talk about "Open Source is Insufficient to Solve Trust Problems in Hardware" (you can find it on youtube). Even your own custom FPGA cannot be trusted completely. Of course, unless you are some really high profile target no one will bother to attack your custom chip, but I still think it's quite an interesting topic.
arm is also the future so thats pretty cool
or just plug an offboard LAN card
also, FPGAs also have firmware
what sneaky business you are doing anyway?
"a method that you could use to insulate your system's storage and memory from the ME. It's kinda complicated, and I dunno if any x86 os even supports it. "
a PlayStation4 would be such an example.
I found it heartwarming to know that Intel is so passionate about end-user experience. Silently. Watching. Always. 👁️👄👁️
let's bring that templeOS back bois
i have amog OS vm on my pc 😂
thankfully there are some groups that are working on open source CPU designs. once they become ussble we can move our sensitive info there !
Did this go anywhere in 2 years?
@@therealmrarchive well yes. not quite industry ready yet but performance had massive improvements. look up risk V or risk 5
@@ali32bit42 Ohh exciting
A bit beside the point, but I feel like you kind of missed the mark on the example about security by obscurity. Windows does not have more viruses created for it than Linux because it's closed source. It has more viruses created for it because it has a sigificantly larger userbase than Linux, and that userbase is also generally less tech savvy. The same goes for OSX, but not quite on the same scale
@TheMagzuz Yep. Malware authors are naturally more apt to write for the OS with the most market share. He also didn't mention that a not insignificant portion of the windows code base is no longer closed source.
effsixteenblock50 macOS as far as I know isn’t too
Sure, the desktop space is heavily sided towards a higher Windows usage, but Linux dominates the server market, which can be a much more lucrative target for some than the end users. Linux is a very prime target for this reason, and so the argument of "less users" doesnt really make sense with server computing taken into account.
THIS. Mac OS didn't really have much of a malware problem until it started catching on. Of course, Apple advertising that Macs don't get viruses probably didn't help, as virus makers tend to take such claims as challenges.
If Linux starts to also go mainstream, so too will Linux malware.
@@kaz_iaa But server admins are generally much more proficient and wary than your average end user, which makes it significantly harder to even get into one in the first place.
I recently bought a Dell precision 7540 and Intel ME disabled from the factory was the default option. I was pleasantly surprised to see that but this is Enterprise Dell so it makes sense.
Also, because it's Enterprise Dell you don't get shafted. 4 SODIMM slots and 4 m.2 slots are in there. No funny business of "you opened it to add more ram so your warranty is void" or "you didn't order a second harddrive so we didn't soldier the other m.2 connector to the board" or anything like that. Built in gigabit Ethernet as well.
It makes me sad though because laptops like this probably won't be around for much longer.
Do you know if Dell does the same thing for their Alienware brand?
@@j.k.4479 Definitely not. Dell's entire consumer line has gone to crap. Stay far away
Actually, the Intel ME exists supposedly to cater to network administratirs so the enterprise is where it would make sense to have it enabled
Not true. Many more companies are waking up to this kind of thing. Purism is a great example of a company that sells good computers with the Intel ME disabled by default.
as far as i know the actual ME firmware in those ME disabled dells isn't stripped of all the extra modules that aren't necessary to bring up the CPU, so you'd probably want to run ME cleaner as well. however even with a stripped and neutralized ME there's still the SA-00086 vulnerability in a lot of intel's older chips that is apparently present in one of the core modules needed to start your computer. and as far as i know it can't even be patched with an ME firmware update.
If anyone out there is paranoid now, then buy a USB/PCIE network adapter, and abstain from using the integrated ethernet adapter on your motherboard (same goes for onboard wifi, if your motherboard supports it.) Why? Because Intel ME doesn't know how to use anything except for the integrated adapter(s), and therefore it will be unable to communicate with the outside world.
That obviously doesn't fully disable ME, but it essentially neuters it.
@Lucas Budde Mior that's a question
Unlike intel ME, though, most AMD systems allow you to disable AMD's PSP. But then you don't have the on-board TPM to do secure boot with, which may or may not matter to you.
How?
@@ThylineTheGay In the case of my laptop, there's a bios setting literally called "AMD Platform Security"
@@ARitzCracker oh
Intel is the same way. You can disable it in the BIOS, or just uninstall the ME driver.
@@TheMohawkNinja I haven't seen the BIOS setting you are talking about, but the most that could do would be preventing the ME from being visible to the OS (because it has to be visible to the OS for firmware updates). The ME still boots up and has all its privileges regardless of how the BIOS is configured or what driver is installed on the OS. I imagine the same to be true for AMD's PSP.
*puts blanket over priceless jewel*
"Now they'll never know where to look!"
I worked IT in my college and I remember my boss making us go to every single computer in our inventory and install that Intel firmware patch. I didn't realize how truly bad it was.
IME doesn't just have ring 0 privileges, it actually runs in ring -2
or really -3, as it can run while your computer is turned off
Intel inside means a whole other thing now
Fun fact: If you somehow remove the Intel Management Engine, and the cpu doesn't see an Intel ME, the CPU will force the pc to shut itself off in exactly 30 minutes, regardless of what you're doing. One of my laptops has a corrupted ME configuration so it is very hard to work on
Edit: found out from the guy that replied to me that modern intel cpus require me so yeah have fun removing it on the 12900k
What happens when you remove the Intel ME depends on the CPU. More recent ones actually _require_ some parts of the Intel ME to be intact, or else the CPU simply won't work at all.
Luckly there is a way to reflash and restore the ME on forums like WinRaid. Had my laptop doing the same thing due to a tripped Intel Anti-Theft and had to remove that module and reflash the bios with a IME patch.
Coreboot still can't remove the entire management engine. Also, ARM probably already has a similar management engine, at least on the Raspberry Pi, the GPU has VideoCore IV which can control the CPU.
Maybe you could use an OS without an ME driver, maybe one that just returns null.
@PC del Pueblo you still need software capable of accessing the ME hardware to take advantage of the ME.
Some time ago (months) I watched a video about China making a CPU. I remember commenting that I didn't trust them to *not* install a hardware backdoor... Guess I shoulda been looking closer to home. So has Intel and AMD said anything about _why_ these systems are installed?
It allows IT departments to remotely manage the BIOS. Think of it has low-level RDP. Intel ME at least doesn't really bypass firewall rules. So long as you block the couple of ports it uses, you are fine.
@@TheMohawkNinja how can I do that?
@@ahmadanime7586 This, they say that it allows users to remote manage their computers even when the computer is off and no OS is running, but Ive never heard of anyone actually using this claimed feature.
@@TheMohawkNinja "Block the couple of ports it uses" why so many uneducated ppl are talking about things they don't understand in this day and age?
Don't talk about things you don't understand. This remote access is " allegedly " designed for IT professionals to have FULL CONTROL. AKA they can turn on and off the laptop, access the bios AND reinstall the corrupted OS. HOW TF ARE YOU GOING TO FIREWALL THIS ?? EVEN IF YOU REMOVE THE HARDDRIVE THEY STILL CAN ACCESS BRUH.
@@impoppy9145 Okay, if you understand so much, then explain to me how you can ignore external hardware firewall rules from the local BIOS?
Because if that's something you can easily do, we can just throw LITERALLY ALL OF CYBERSECURITY out the fucking window.
7:43 "AMD has the same thing build into the motherboards"
Shows an image with the PSP clearly on the SoC. Also, you can disable the PSP in the bios on AMD laptops (at least on my Lenovo Ideapad 5 15"). If they're doing something truly nefarious obviously that disable toggle won't actually do anything though.
My lenovo ideapad slim 3 also had the option to turn off PSP
Is there a possibility that the option doesn't actually do anything and is just there to provide false security?
Intel's ME is also a system management tool, and not there for any malicious purpose. it's probably not necessary but it is there.
@@TheObsesedAnimeFreaks but it could as well have backdoors
@@My1xT it most likely does not. Why would they want or need to build backdoors into it.
Well, at least AMD says PSP can be disabled. Not that anybody trusts vendors in such things, but it can still be true (in theory).
at least they attempt to give you the illusion of being able to turn off the spyware :)
You can turn off AMD PSP? That's news to me, I thought both Intel ME & AMD PSP were hardcoded to never be switched off when shipped with hardware?
By the way, you can get Intel CPU's without Intel ME, I know, I have one.
Intel ME - Level 4 Disabled, basically no information seems to be available about it anywhere that I can find, but it is completely removed from the CPU, it also means lots of consumer features are totally non-operational with no ability to enable them.
@@longnamedude3947 Yeah I was installing something and it said I needed to install Intel MEI drivers but the drivers refused to install. Maybe not the same thing but semi-related, I guess?
@Kohina closest thing right now: github.com/PSPReverse/PSPTool
It can't be disabled, as it controls the DRAM initialization. It's a fake choice.
Idk. about that whole disabling ME thing. I have have a friend who worked for Google and he said thay've meddled with it and even they are having a hard time disabling ME for good. They got it disabled only temporarily. Also he told me that ME being truly disabled in those laptops sold by companies like system76 is bullshit. But he says a lot of things so I wouldn't take his word as a granted truth.
I tend to believe him, the me has privileges over the bios so bios changes might stop it communicating but it will still be there and functional
@@archygrey9093 my firmware has an option to disable ME and AMT and it disables the firmware modules so that the ME can't access anything
System76 does remove the more sus stuff from the ME but some of it still remains
@schmobbing Probably not, but the switch doesn't harm
Purism does the same thing to their products too i think
Ever heard of the talpiot program, or unit 8200? The rabbit hole you just opened goes a lot deeper than you may be willing to go...
Watched this a while ago, but I just realized you called MINIX closed source. MINIX is an open source microkernel licensed under the BSD license. However, Intel made a derivative that is fully proprietary.
I thought that making open source closed source is a violation of GPL?
@@vaikjsf34a MINIX is licensed under the BSD license. GPL and BSD are two different licenses and the BSD license allows you to make closed source software out of the open source software.
Uh, he mentioned pretty clearly that minx is open source, but the important parts of that we need to see that was implemented by Intel is proprietary
this is why you don’t use a cuck license
@@sylv512 honestly idk if GPL/copyleft is better than cuck licenses. The BSDs are in much better shape than Linux because corporations aren't influencing them as much
"Bioluminescent government agents" Instasubbed.
God damn I’m the only one who doesn’t understand what this means
Search "Temple OS" and go down the rabbit hole. (The actual phrase is "Glow in the dark CIA n***ers" if I remember correctly.)
Gives a whole new depth to the logo "Intel inside".
You should've given us a reference as to what hardware is free from the x86 backdoor. For those interested, you can still get relatively recent AMD CPUs that don't ship with PSP; the first instance of a PSP ARM core implementation is with the late 16h family Puma micro-architecture (2014), so anything from Jaguar (2013) and beyond should be safe.
Like Ryzen laptops?
@@_brugman damn bro
*To be clear,* System76 have *not* _successfully disabled the Intel Management Engine_ (9:42), only certain resources:
_Disabling all functionality of the Intel ME is not possible. Methods for disabling runtime components vary between versions. System76 Open Firmware disables runtime components of the Intel ME using the most capable method possible._
Those Pre-2008 CPUs are looking better and better. Might have to pull out some old lemons, delid, over-clock the olden goldies.
The real question is what is the total available byte length for preloaded code in ME. Since memory inside the processing chip has a premium, I believe it would be relatively small. That could give us more realistic bounds of what it can do with all the data it can "see" passing through it..
Probably not. Even if the ME has a small, but highly "invasive" instruction set, presumably, that small "invasive" instruction set could and would co-opt the more powerful general processor instruction set and do anything an unpossessed Intel machine might do. It might be slower...and that would be a "tell".
Anyone worried about Intel ME block you can block port range 16992:16995 on your router. Because ME network traffic runs on TCP/IP you can still block it. You just can't block it with the device that has ME.
first time hearing about this
CPU that has spyware and it's in everyday.
This is your daily dose of Recommendation
Still waiting for affordable OpenPower PCs
how about ARM?
POWER10 fingers crossed.
Got my eyes on the Raptor Computers stuff.
@@Arctic740 is there open source arm processors? I thought most had proprietary blobs.
RISC-V seems promising too
I'm am too poor to consider even that, but you could look for older used machines running different architectures, if you want to maximize security. There are a few different options. Maybe if you're lucky you can get your hands on one of the old POWERs for not that much. I haven't researched this at all, but maybe it's a possible affordable option. New hardware is not necessary.
This rabbit hole goes deeper than I ever thought.
I'm old enough to remember when this was called a conspiracy theory.
In case you thought the NSA/CIA/Government agencies weren’t in bed with US Corporation, this should clear it all up.
We’ve become somewhat like China while trying to defeat them and I pray we don’t go further in that direction.
FYI, Minix isn’t a BSD, it’s its own OS written by a famous computer scientist (in CS circles) Andrew Tannenbaum. Lots good debates between him and Linus Torvalds back in the late 90s/early 2000s on OS architecture (especially monolithic kernel vs microkernel).
I've been sceptical about this subject. If there is a spyware, well, it has to transmit some sort of data to the desired control center. Me and a few of my colleagues, monitored network and systems with both Linux and Windows OS to make sure there is something going on.. But as much as I loved to prove this theory, we couldn't find any results ..
Isn’t the data saved in ur hardware?
@@DarkNight4090TI and as long as it stays there is not really a problem though
Isn't the problem here that the firmware could be overwritten/hacked by some malicious party/individual that could send it over internet? I also don't think Intel would be a prime suspect for spyware, but they do allow the possibility to have that happen to be larger than having no ME or having an open-source ME.
@@theundefinedx0018 Yes but that requires that attacker to already have code-execution on the machine and would act more like a priv-esc so while this is still really bad, malicious code running on their machine is generally already game-over for the victim.
At least that’s how I see it, not really any expert or anything
Yeah this is making a big leap imo
Embedded microcontrollers should provide a secure hardware level of security when used with open source Linux, but at a reduced level of computing speed. Raspberry Pi, Nvidia Jetson NANO and other similar embedded systems (SoC) with GPU built in on the ARM Coretex system architecture don't have the management engine hardware built into them. This would be a good alternative for secure computing.
Would the use of a Linux virtual machine running on Intel or AMD also provide a good level of security?
Great video and information!
Really like your style of narration. This little background noice makes it even better, I'm kinda sinking into your space
This is why my next build will use a SiFive RISC CPU and I'll just have to wait for gaming on RISC to catch up before I can stay up to date on games
You had *ONE* job! Just make freakin' processors!!!
I hope RISC-V will solve the Intel/AMD problem.
All modern intel CPUs released before 10th gen and after 2008 now have CSME vulnerability that allows remote code execution. CVE-2019-0090, enjoy
Dude this is terrifying, wtf
Doesn't provide Purism a similar service to this with their laptops and NUCs besides System 76?
It would also be interesting what exists on ARM chips similar to this. Because I would not assume that ARM chips are safe either considering the amount of chips inside of phones which couldn't be potentially be spied on if they were.
Arm is even less secure.
evmanbutts actually it is
ARM? Someone above mentioned ARMs “trustzone hypervisor”.
I found out about all this when it was first implement on our work tablets back in 2012. Wanna know how I worked out the capabilities of IME?
I searched the Patent applications registry and found the applications by Intel. All capabilities were listed
Hopefully in the future we’ll have more choice in the cpu market beyond intel and amd. Taking a look at the success of Apple’s M1 chips (not saying they lack spyware, I don’t know) I’d say there’s a reasonable chance we may see more companies enter the processor market. Perhaps a few that are privacy focused too.
I hope that we'll go towards a standardised open chipset like RISC-V though instead of the Arm based chipsets/instruction-set based CPU's.
Any company that produces and sells a CPU will include some sort of spyware.
VIA was a viable competitor in the x86 market in 2003-2009. Too bad they've moved their focus.
The nice thing about the newer management engines is that you can actually control them yourself if you've got a newer vPro Intel CPU since it has a more advanced glowCPU (aka management engine) that can be used to perform actions on your PC remotely without having to be a federal agent to do so. You could actually install a completely different OS on your computer remotely on the new ones.
One can only wonder what the recent Chinese x86 CPUs do in the context of Intel ME and AMD PSP. It’s probably worse in a domestic Chinese context but makes you wonder a few things.
Don't forget you can use hardware firewalls to at least control where your data goes. I've been wanting to get one to block Microsoft's forced updates as well
It was always suspect when virtually all computers worldwide can only have an AMD or Intel CPU at the same time computers gained importance to everyday life at home or work. #phucked
Finally a reason to make me feel good to still b stuck with a old P45 chipset as main pc xD
Very interesting#
Had been wondering why you never hear about Ring 0 being used in the OS. Now it's clear. Thank you.
Don't store anything cool on something connected to the internet
"it can bypass firewall configurations due to its dedicated network configuration" - this blips my "BS" radar. It can talk out the network port without the OS on that machine being able to use its own firewall to intercept it, sure. But the next firewall (perimeter equipment) WILL see that traffic, implied in your statement is that it can tunnel out through anything.
What steps actually would need to be taken to secure a network specifically against outgoing (or internal inter-device) traffic originating from ME/PSP doing nefarious things? Obviously _AMT_ is extensively documented but surely locking down the ports AMT happens to use would not be of much value against ME itself.
So, in this context, what does a glowie packet look like?
@@ReptilianLepton Dunno, you'd have to white-list only and log to see where it wants to talk and what info you can garner about those places to sift them out. Then there would be information from those you catch that could be used to fingerprint them.
If (MEcpu == true) {
X in X +1 = bypass packet inspection; }
The spyhardware making your hardware a spyhardware and your device into the ultimate spy device.
Security by obscurity works but only when the device or software itself is obscure. For example, a completely custom, home-made OS will be inherently secure via obscurity simply because the only person with access to that OS is the person who made it. Trying to maintain obscurity for software or hardware that's readily distributed doesn't work because people still know it exists.
*This took "Intel inside" To a whole new meaning*
There's also purism. They sell notebooks with disabled Intel ME (and other nice features).
I own a Librem 13. HHAHAHA.
@@matildahalili8051 Nice investment
I decided a different route than buying S76, which was simply unplugging the machine.
It’s brought a lot of piece of mind, reduction in carbon footprint & more free time (aided by unemployment).
Get a real job
@@sherdil3717 get a life. you really don't have better things to do than insult others online?
@@cloudthief8918 its was a joke (because he said he was unemployed)
iirc wiki says its ring -3 cba checkin
i did check (obviously its more metaphorical than real)
The ME is colloquially categorized as ring −3, below System Management Mode (ring −2) and the hypervisor (ring −1), all running at a higher privilege level than the kernel (ring 0)
ah good to know, I thought it was ring 0 from my research, wish I could pin your comment.
@@MentalOutlawThere is a special "ring -4" discovered by Chris Domas that pertains to special RISC based CPUs controlling the model specific registers in some x86 based CPUs.
@@MentalOutlaw If channels like yours continue to spread awareness about AMD releasing their source, then there's a chance for widespread security: libreboot.org/amd-libre.html
@@SimGunther There are many hidden registers in x86 .
MINIX3 is not closed source - and as MEI has no storage on its own and doesn't sign the IFD (up to Skylake), you actually can control what segments you want to load. The structure is directly visible.
To mitigate the spooky Intel management engine, I recommend putting your laptop or computer in the bathtub and filling it with water.
5:14 Many companies do not afford their engineers the kind of time needed to chase down and fix vulnerabilities. Management is always focused on the new features, that's where the pressure gets applied.
So true
I read about this a couple of years ago. Tried to message a group of friends about it on Facebook and only that one message kept immediately failing to send 🙃 tin foil up
You forgot to mention the hardware back doors in the network controller, the hard drive controller, and inside your printer.
Ah yes, the good ol OpROMs. Proprietary firmwares everywhere.
Im sure if you remove the backdoor you will get flagged kinda like if you use Tails OS. There is no security or privacy with todays electronics.
this is why i have a 2007 imac(2008 was the year intel me was introduced)
0:10 How about putting a firewall on your router and observing the traffic.
@PC del Pueblo It doesn't matter which device you use. The Router doesn't run on Intel or AMD Processors. Even if you use a compromised computer for 'setting up the router' it's clear you'll just have the traffic blocked. Its a really simple thing to do.