r҉ustic cy͠be̸rpu̵nk🤠🤖Jan 12, 2018

More good news from Intel

https://press.f-secure.com/2018/01/12/intel-amt-security-issue-lets-attackers-bypass-login-credentials-in-corporate-laptops/

“In practice, it can give an attacker complete control over an individual’s work laptop, despite even the most extensive security measures.”

“The essence of the security issue is that setting a BIOS password, which normally prevents an unauthorized user from booting up the device or making low-level changes to it, does not prevent unauthorized access to the AMT BIOS extension.“

Convenience is starting to look like a bad idea

Intel AMT Security Issue Lets Attackers Bypass Login Credentials in Corporate Laptops

F-Secure Press Room | Global
Show threadr҉ustic cy͠be̸rpu̵nk🤠🤖Jan 12, 2018

Current status

https://mastodon.social/media/KclKicg-PFP5WJ0QuJE
https://mastodon.social/media/9pb3JBveLUzK2jISz1M

Show threadKurt MosiejczukJan 12, 2018
@cypnk Now we have to hope that doing that is adequate to defang the problems. It should. But then, we shouldn't have any of these problems to start with...
Show threadr҉ustic cy͠be̸rpu̵nk🤠🤖Jan 12, 2018

@kurtm That's true. But I don't take anything for granted anymore. I can't read the BIOS firmware so I have no idea what voodoo is taking place behind these screens

This is probably a placebo in some ways since "off" doesn't seem to mean that in some cases

Show threadMichał KernJan 12, 2018
@cypnk @kurtm You really ought to try coreboot. It took me about a day to get it up and running, but it's worth the time and effort.
Show threadr҉ustic cy͠be̸rpu̵nk🤠🤖Jan 12, 2018
@mkern @kurtm I have on my own laptops, but unfortunately these Thinkpads aren't compatible as far as I know and I don't have permission to test on them
Show threadMichał Kern
@cypnk @kurtm Oh, that's pretty bad.
Jan 12, 2018 at 7:14pmWeb