Twitter | Search | |
Mark Ermolov
Intel Platform RE/security researcher
266
Tweets
61
Following
1,865
Followers
Tweets
Mark Ermolov retweeted
Plato Mavropoulos Oct 13
I have written a new utility called AMI BIOS Guard Extractor. It parses AMI BIOS Guard (a.k.a. PFAT) images and extracts a proper SPI/BIOS image. You can find it at my Various BIOS Utilities for Modding/Research repository.
Reply Retweet Like
Mark Ermolov Oct 9
Replying to @idafanatic
The straps are in other place on SPI image...
Reply Retweet Like
Mark Ermolov Oct 9
Good news: Intel ME 12.0 (Cannon Point PCH, Z390, H370, B360, H310) still has HAP (Alt ME Disable) mode, but the straps were moved however
Reply Retweet Like
Mark Ermolov Oct 6
Replying to @vpikhur
It's from Xiaoyu Ruan's Platform Embedded Security Technology Revealed
Reply Retweet Like
Mark Ermolov Oct 6
A very, very tempting target...
Reply Retweet Like
Mark Ermolov retweeted
Maggie Jauregui Oct 3
Manufacturing mode check will be a part of a release in the near future. We have an implementation that's undergoing final testing to include all platform definitions of the FWSTS register
Reply Retweet Like
Mark Ermolov Oct 2
It seems that old Intel SPT and KBP (100 and 200 series) chipsets already had MCU acting as PMC. It was 8-bit 8051 microcontroller
Reply Retweet Like
Mark Ermolov retweeted
Maxim Goryachy Oct 2
Our new paper "Intel ME Manufacturing Mode: obscured dangers" about SPI write-protection bypass in Apple MacBook. [ru] [en]
Reply Retweet Like
Mark Ermolov retweeted
HITBSecConf Sep 29
The Phantom Menace: Intel ME Manufacturing Mode - Maxim Goryachy - cc
Reply Retweet Like
Mark Ermolov retweeted
Maxim Goryachy Sep 22
Anton Dorfman (my colleague) has been published IDA Pro processor module for Altera Nios II Classic/Gen2 microprocessor architecture.
Reply Retweet Like
Mark Ermolov retweeted
Pavel Yosifovich Sep 20
Updated GFlagsX with basic support for Silent Process Exit:
Reply Retweet Like
Mark Ermolov retweeted
Alexander Popov Sep 13
The has published an article about my talk at : After criticism I've posted a reply with technical details: The video of the talk is already available:
Reply Retweet Like
Mark Ermolov Sep 11
A first (but not a last) vulnerability in Intel PMC firmware
Reply Retweet Like
Mark Ermolov retweeted
Maxim Goryachy Sep 11
Intel fixes another one vulnerability in Intel ME (which we found).
Reply Retweet Like
Mark Ermolov retweeted
Maxim Goryachy Aug 27
Almost year has passed since we reported the INTEL-SA-00086 vulnarability and we have published JTAG activation PoC for Intel ME. You can use JTAG for researching ME core (via DbC debug cable). Step-by-step instructions at
Reply Retweet Like
Mark Ermolov Aug 27
Ready to uncover Intel ME background? Use our PoC to activate JTAG and dump ME ROM
Reply Retweet Like
Mark Ermolov retweeted
Binni Shah Aug 21
How I Hacked BlackHat 2018 - All BlackHat Attendee registration data available via unauthenticated API - names, emails, phone numbers, addresses : cc
Reply Retweet Like
Mark Ermolov Aug 23
Replying to @pietrushnic
In my opinion, USB-R is USB Redirection meaning USB traffic interception for KVM. Having a power of ME, IE runs OEMs firmware, probably more buggy than Intel's ME firmware
Reply Retweet Like
Mark Ermolov Aug 22
A very useful scheme helping realize ME hardware environment. Proving that IE is a mirror copy of ME
Reply Retweet Like
Mark Ermolov Aug 17
Replying to @KaKaRoToKS
Next week we are releasing the PoC for Apollo Lake platform (BroxtonP). Stay tuned
Reply Retweet Like