
An Intel Chip Flaw puts many gadgets at risk


Intel is fixing a vulnerability that unauthorized people with physical access can exploit to install malicious firmware on a chip and defeat a variety of measures, including the protections offered by BitLocker, trusted platform modules, anti-copy restrictions, and others.

The vulnerability, which affects Pentium, Celeron, and Atom CPUs on the Apollo Lake, Gemini Lake, and Gemini Lake Refresh platforms, allows skilled hackers who possess an affected chip to run it in the debugging and test modes used by firmware developers. Intel and other chip makers go to great lengths to prevent unauthorized people from gaining such access.

Once in developer mode, the attacker can extract the key used to encrypt data stored in the TPM enclave and, if the TPM is being used to store a BitLocker key, defeat that protection as well. An adversary could also bypass the code-signing restrictions that prevent unauthorized firmware from running in the Intel Management Engine, a subsystem inside the vulnerable CPUs, and from there permanently backdoor the chip.

Although the attack requires the attacker to have brief physical access to the vulnerable device, this is precisely the scenario that TPM, BitLocker, and code signing are designed to mitigate. The whole process takes about 10 minutes.

Each Intel CPU has a unique key from which follow-on keys are generated for things like Intel's TPM, Enhanced Privacy ID, and other features built on Intel's silicon. This unique key is known as the "fuse encryption key" or "chipset key fuse."

“We know you can get this key out of security fuses,” Maxim Goryachy, one of the researchers who found the vulnerability, told me. “Basically, this key is encrypted, but we’ve also found a way to decrypt it, and it allows us to run arbitrary code inside management engines, extract bitlocker / tpm keys, and so on.”

A blog post published on Monday expands on the things hackers could use the exploit for. Mark Ermolov, one of the researchers who found the weakness, wrote:

An example of a real threat is the loss or theft of laptops containing confidential encrypted information. Using this vulnerability, an attacker can extract the encryption key and access the information on the laptop. The flaw can also be used in targeted attacks across the supply chain. For example, an employee of an Intel processor-based device vendor could, in theory, extract the Intel CSME [Converged Security and Management Engine] firmware key and deploy spyware that will not be detected by security software. This vulnerability is also dangerous because it facilitates the extraction of the root encryption key used in Intel PTT (Platform Trust Technology) and Intel EPID (Enhanced Privacy ID) technologies to protect digital content from illegal copying. For example, some Amazon e-book models use Intel EPID-based protection to manage digital rights. Using this vulnerability, an intruder can extract the root EPID key from a device (e-book) and then, having compromised Intel EPID technology, download electronic materials from providers as files, copy them, and distribute them.

Bloated and Complex Third-Party Systems

In recent years, researchers have exploited numerous firmware and performance features in Intel products to overcome the company's basic security guarantees about its CPUs.

In October 2020, the same group of researchers extracted a secret key that encrypts updates to a range of Intel CPUs. Having a decrypted copy of an update could allow hackers to reverse-engineer it and learn how to exploit the hole it is patching. The key could also allow parties other than Intel, such as a malicious hacker or a hobbyist, to update the chips with their own microcode, even though that custom version would not survive a reboot.
