Pablo Luna
All Intel computers manufactured within the last five years come with an unfixable flaw that specialized hackers can exploit for personal or commercial gains. The flaw cannot be fixed with patches or any security updates because it is resident in the Converged Security and Management Engine – or the computer’s ROM.
The flaw discovery was made by Positive Technologies, a security firm. According to Mark Ermolov, lead specialist of operating systems and hardware security at Positive Technologies, the flaw rubbishes everything Intel has been up to in recent years and it destroys the trust that people had in the foremost computer component manufacturer.
“This vulnerability jeopardizes everything Intel has done to build the root of trust and lay a solid security foundation on the company’s platforms,” Ermolov said. “The problem is not only that it is impossible to fix firmware errors that are hard-coded in the mask ROM of microprocessors and chipsets. The larger worry is that, because this vulnerability allows a compromise at the hardware level, it destroys the chain of trust for the platform as a whole.”
Although Intel has released several patches to address the flaw, the security persists because the flaw stems from the inability of the input-output memory management unit to prevent malicious modification of the static random-access memory which is executed during the booting and encryption process. This situation is completely undetectable because it executes at the hardware level, making it possible to bypass security protocols and execute malicious codes without any detections.
It must however be noted that hacking into such Intel-flawed CPUs is not an easy feat to achieve because the potential hacker must possess sophisticated experience and specialized gear to make the security exploitation possible. A hacker may have to access the target computer’s chipset key via the flawed ROM system to be able to fully exploit the vulnerabilities present in the computer.
The chipset key is essential to decrypting the confidential data in the computer, and unscrupulous suppliers or even employees may obtain the needed keys one way or the other. They can do this by intercepting the key remotely or if the computer manufacturer allows remote updates of the Intel Integrated Sensor Hub among other internal components.
As a way to mitigate or deal with the problem at the interim, Intel recommends that computer systems be kept up-to-date, and Positive Technologies recommends disabling the entire Intel encryption data storage devices to analyze them for possible compromises.
Source: Arstechnica.com
