[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[Freedombox-discuss] Tracking v ia processors' backdoors

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I am requesting FreedomBox to ask Marvell and ARM if their
processors have a backdoor. Another method of tracking the PSN of a
processor is via the processor's backdoor.

AMD has two backdoors: DASH and a very large encrypted debugger.
Debuggers enable execution of code. They are a backdoor. In 2010, a
Russian discovered the Debugger. AMD admitted the debugger but did
not disclose more information. It is unknown what year AMD
installed the debugger in its processors.
http://www.i-programmer.info/news/91-hardware/1586-secret-debug-
registers-in-amd-processors.html

AMD DASH is modeled after Intel's Active Management Technology
(AMT). The published purpose of both is to enable "IT
administrators" complete remote access to the computers even if
they are turned off. It is frightening what the access provides:
out of band connection, Wake on LAN (WOW), remote turning off of
computers, remote booting to another OS, tampering with the BIOS
and OS, etc. Neither AMD nor Intel provide any notification to the
computers that they have been accessed or tampered with. The out of
band connection and tampering is virtually undetectable.
http://www.fic.com.tw/product/AMT_Procedure.pdf
and
http://sites.amd.com/es/business/it-
solutions/manageability/Pages/manageability.aspx

There is third party software that can be used with AMT and DASH to
provide substantial remote access to computers. Such as Altiris?
Out of Band Management Component 7.1 SP2 from Symantec

http://www.symantec.com/business/support/index?page=content&pmv=prin
t&impressions=&viewlocale=&id=DOC4687

"If abused, AMT offers powerful backdoor capability"
invisiblethingslab.com/resources/.../Ring%20-3%20Rootkits.pdf

Intel's AMT was hacked.
theinvisiblethings.blogspot.com/.../vegas-toys-part-i-ring-3-
tools.htm...

Here's another article on hack of processor:
http://news.softpedia.com/news/The-Ultimate-Backdoor-Hackers-Can-
Infect-Your-Processor-83481.shtml

Intel vPro makes the vPRO PSN visible to everyone vPro and
Absolute's Computrace are backdoors and have been hacked.
Computrace is preinstalled in the BIOS of Dell, Lenova and other
computers. http://www.securityfocus.com/bid/35889/discuss
and http://www.geekswithgirls.com/thetechlunch/?p=3781 and
http://blog.coresecurity.com/2009/08/11/the-bios-embedded-anti-
theft-persistant-agent-that-couldnt-response-handling-the-ostrich-
defense/comment-page-1/

The point I am trying to make is that the manufacturer of the
processor, IT administrators, government and hackers can remotely
access Intel's AMT, Intel's vPRO, Absolute's Computrace, AMD's DASH
and potentially AMD's debugger.  The data they procure can be sold
to information brokers. Investigators can procure it from
information brokers and from government data basis.

Please ask Marvell and ARM whether there is a backdoor out of band
monitor, a debugger or an antitheft device with a visible PSN such
as vPro on their processor. Thank you.
-----BEGIN PGP SIGNATURE-----
Charset: UTF8
Note: This signature can be verified at https://www.hushtools.com/verify
Version: Hush 3.0

wsBcBAEBAgAGBQJP7HdeAAoJEMry4TZLOfxmFJsH/2Y/ETkQUjEQ2Dh0n8CcuWfSPpsg
pW0vOEoa68qNUuT4DaEGE9GptT9Istcj9veElvoRxJuiNzgixHMh+dcYipTu6RMExrI0
dGxWfn7chFETknIB0YNzc8frnEJ6urUo3q3rJ6tPa4iIt9P0H1UAD+zItrtfDSILC54t
ZEUleY1jQ2rWSL9lyYt9Zaozs/4We5Lc+na6edchNnxV4vKLpnmZLzn44kNzf5rWVMPC
LZuf7tiopy/Fmz2Rq+NKpOlUmqvZXd3U3B5JuiZhkkyjSJlCpguXdAo27CvitxgcSrzP
tFN+z5qkXKf6Cs/73ZUwlptqKE+Fsf95H3XPlR6sqDY=
=1N+A
-----END PGP SIGNATURE-----
Reply to: