
Introducing Ring -3 Rootkits: BIOS rootkit targeting vPro chipsets (2009) [pdf]

74 points, by devconsole, about 11 years ago

11 comments

devconsole, about 11 years ago

Highlights from the slides:

Your CPU chipset is also a standalone webserver. Most vPro chipsets (MCHs) have:

- An independent CPU (not IA32!)
- Access to dedicated DRAM memory
- Special interface to the Network Card (NIC)
- Execution environment called Management Engine (ME)

Your chipset is a little computer. It can execute programs in parallel and independently from the main CPU!

How might we design some malware that embeds itself into the chipset? Such malware would be able to survive reboots, brick the hardware on demand, reboot on demand, act as a MITM for all network traffic, inject vulnerabilities into the host OS during bootup, etc.

Step 1: Search for an attack vector in any version of the Intel BIOS. If you can find any attack vector in any version of the BIOS, you've won. For example, if the latest Intel BIOS is v3.9.2, but you found an exploit in BIOS v2.3.1, you've still won. Because...

Step 2: ... as the attacker, you can downgrade the victim's BIOS to any previous version without any user consent! Any old version of the BIOS is of course signed by Intel; all versions are. The chipset firmware allows any valid signed BIOS to replace the current BIOS regardless of whether it's older or newer than the current.

It was pretty shocking that the BIOS can be downgraded without any user consent. Downgrading requires a reboot, but that's probably not a huge problem in practice.

This article is from 2009, so at this point it's just an interesting piece of history. But I wonder whether any of these issues still persist today, such as the ability for userspace programs to downgrade/upgrade the BIOS at will?
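The update-acceptance policy the comment above describes (any validly signed image replaces the current one, whatever its version) and the anti-rollback check that closes the gap, as an added Python model that is not part of the slides or this thread; the HMAC signing key, the version strings and the security version number (SVN) field are constructed stand-ins for illustration.

```python
import hashlib
import hmac
from dataclasses import dataclass

# Constructed stand-in for the vendor's signing key. Real BIOS images carry
# an asymmetric signature; an HMAC is used here only to keep the model
# self-contained and runnable offline.
VENDOR_KEY = b"constructed-vendor-signing-key"


@dataclass(frozen=True)
class FirmwareImage:
    version: str      # marketing version string, e.g. "2.3.1" (constructed)
    svn: int          # security version number; bumped whenever a fix ships
    payload: bytes
    signature: bytes


def _signed_bytes(version: str, svn: int, payload: bytes) -> bytes:
    # Version and SVN are covered by the signature, so an old image cannot
    # simply be relabelled with a newer number to pass the rollback check.
    return version.encode() + svn.to_bytes(4, "big") + payload


def sign_image(version: str, svn: int, payload: bytes) -> FirmwareImage:
    msg = _signed_bytes(version, svn, payload)
    return FirmwareImage(version, svn, payload,
                         hmac.new(VENDOR_KEY, msg, hashlib.sha256).digest())


def signature_valid(img: FirmwareImage) -> bool:
    msg = _signed_bytes(img.version, img.svn, img.payload)
    expected = hmac.new(VENDOR_KEY, msg, hashlib.sha256).digest()
    return hmac.compare_digest(expected, img.signature)


def accept_signed_only(current: FirmwareImage, candidate: FirmwareImage) -> bool:
    """Policy the slides describe: any validly signed image may replace the
    current one, older or newer. A signed but vulnerable old build passes."""
    return signature_valid(candidate)


def accept_with_rollback_protection(current: FirmwareImage, candidate: FirmwareImage) -> bool:
    """Hardened policy: the signature must verify AND the security version
    number must not go backwards, so a patched flaw cannot be reintroduced."""
    return signature_valid(candidate) and candidate.svn >= current.svn


def apply_update(policy, current: FirmwareImage, candidate: FirmwareImage) -> FirmwareImage:
    """Return the image that ends up installed under the given policy."""
    return candidate if policy(current, candidate) else current
```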
t0mas88, about 11 years ago

So if I understand correctly this can be used to install a persistent hardware rootkit on the chipset that listens for a "secret" knock procedure with TCP (because it has access to the NIC) and then in response to the secret signal modify the host OS kernel through DMA-access to disable for example all access checks [1].

Imagine infecting a machine with this either before delivery (requires physical access, but should be doable for FBI/NSA/foreign-counterpart) or in a "rent a server" situation. Most providers will allow you to rent a full server with root-access for a month and then cancel the contract. I'm assuming those servers get re-used if they're not too old.

[1] Code to disable access checks through DMA has been around for a long time: http://www.breaknenter.org/projects/inception/
rjzzleep, about 11 years ago

You might find this more recent work interesting:

http://media.ccc.de/browse/congress/2013/30C3_-_5380_-_en_-_saal_2_-_201312291830_-_persistent_stealthy_remote-controlled_dedicated_hardware_malware_-_patrick_stewin.html

> In this work we present a stealthy malware that exploits dedicated hardware on the target system and remains persistent across boot cycles. The malware is capable of gathering valuable information such as passwords. Because the infected hardware can perform arbitrary main memory accesses, the malware can modify kernel data structures and escalate privileges of processes executed on the system.

> The malware itself is a DMA malware implementation referred to as DAGGER. DAGGER exploits Intel's Manageability Engine (ME), that executes firmware code such as Intel's Active Management Technology (iAMT), as well as its OOB network channel. We have recently improved DAGGER's capabilities to include support for 64-bit operating systems and a stealthy update mechanism to download new attack code.

edit: you still have to first get the malware in though
userbinator, about 11 years ago

This is another excellent example of when security-through-obscurity fails; the vPro environment docs are presumably NDA-only (or never released outside Intel), but reverse-engineers will figure things out anyway, and they're not really willing to disclose how much they know...

None of my machines have vPro; I remember someone I know calling it "the ultimate pre-installed RAT" when it first came out.

Another interesting little fact: Intel's wireless cards, at least the 3945/4965 generation, also use an ARC core to run their firmware.
higherpurpose, about 11 years ago

Many of these exploits "we're just learning about now" have been discussed at CCC, Defcon and Blackhat conferences in the past few years. It's just that most people weren't aware of them. NSA, on the other hand, has paid much attention to them.

Here's another one about hardware backdooring from 2012:

https://www.youtube.com/watch?v=tV0YqJa-0OA

But when we discover a backdoor on Intel chips (not necessarily put there by Intel) in 5 years, everyone will probably act in shock and awe that it was possible.
jrabone, about 11 years ago

And yet the Intel product pages say

"Prevent attacks below the operating system

Intel vPro technology protects against difficult-to-detect, penetrating rootkits and malware that threaten users working in cloud or virtual environments. It combines several hardware-based features, including Intel® Trusted Execution Technology (Intel® TXT) and Intel® Virtualization Technology (Intel® VT) for centralized image management and administration, secure network storage, and out-of-band protection—all beyond the firewall."

Irony? Or hopefully the current version of vPro as built-in to some Xeon processors is a bit more hardened...
X4, about 11 years ago

Are there any ways to defend against the attack?

I can only think of buying AMD chips with CoreBios instead, though I don't know whether they may have similar issues. Maybe buy Tilera, or other manycore chips instead?

This article with the title "Expert Says NSA Have Backdoors Built Into Intel And AMD Processors" raises some concerns, even though I don't know if the source can be trusted. http://www.eteknix.com/expert-says-nsa-have-backdoors-built-into-intel-and-amd-processors/
TazeTSchnitzel, about 11 years ago

Is this one place where the fabled BADBIOS could live?
stcredzero, about 11 years ago

> Your chipset is a little computer. It can execute programs in parallel and independently from the main CPU!

So, basically, the "trusting trust" extends to even your chipset. Basically, the majority of people are doomed to be the subjects of those controlling the means of production. Most of those few who have the wherewithal to peer past the curtain can easily be bribed and intimidated into cooperating.

Tinfoil hat on: I wonder if such vulnerabilities might have been concocted as a means of sneaking backdoors into the technical projects of non-US countries?
jevinskie, about 11 years ago

Does anyone know if it is possible to get a dump of the firmware running on the vPro? I'd like to take a look in IDA!
contingencies, about 11 years ago

Time to get off the x86 consumer hardware train. NetBSD anyone? :)