AMT Security Issue....

The fun doesn’t stop…

https://business.f-secure.com/intel-amt-security-issue

But, again, as with the other weaknesses with the Intel CPU in the past few days, an attacker first needs direct local physical access to the machine.

Therefore, for many of us (probably a healthy majority), it is really not as much of a threat as the Chicken Little Tech Media would like us to believe. :wink:

I point out that in extensive research over the past while since these threats became public, for Meltdown and Spectre in particular, I find all reliable techs reporting the same as in this excerpt, along with my own tests:

The exploits allow malicious code executed on one part of a CPU to access information being executed on another part of the CPU. The methods by which a typical hacker could access your CPU require them to have machine access. For IT departments and homeowners, good endpoint protection, like always, is needed. In this way the security risk is no different than others that have come along this week, month, and year. They are a daily occurrence. We also need to ensure our devices are updated, software patched, and security in place.

What makes these latest exploits special is that in a shared environment, where multiple organizations are using the same machine (i.e. the cloud) to build applications, the exploit could be intentionally introduced to hardware directly by a hacker using the service or indirectly by another organization whose security may not be as good as yours. It is an illustration of the risks of a shared infrastructure and the importance of our shared responsibility in protecting it. The organizations that have the biggest worries include CPU vendors themselves and the big cloud vendors. The true impact is still being assessed as the easy fixes have the potential to degrade the performance of some of their services.

There was also this, but:

So if the exploit is only usable by those with direct access to the CPU then I am safe, right? Well, not necessarily. As researchers have reported, the Spectre exploit theoretically can be run with JavaScript, so it is essential to have good protection in place to keep your systems and your users safe—this includes a DNS Firewall to protect against bad links.

… I keep JavaScript turned off. I only turn JavaScript on if it is absolutely required, and then only with people or sites I am certain I can trust.

But, again, as with the other weaknesses with the Intel CPU in the past few days, an attacker first needs direct local physical access to the machine.
Yep, they did explain that in the scenario :wink:

Heh. I knew you know that, Deano. I was pointing it out for all those who are in a state of high panic. lol!

They can just wear tin-foil hats! :slight_smile:

The problem with AMT is that Intel kept it secret and that AMT has access to your whole computer, CPU, network interfaces and disks.

I see it as some kind of backdoor and although I think currently there are no exploits, I do not like the idea of a backdoor.