Mark Ermolov
Intel Platform RE/security researcher
Mark Ermolov Apr 13
Video of our 2017 talk about Intel ME was published by BH:
Mark Ermolov Apr 6
It's amazing how many heterogeneous CPU cores were integrated in Intel Silvermont's Moorefield SoC (ANN): x86, ARC, LMT, 8051, Audio DSP, each running its own firmware and supporting a JTAG interface
Mark Ermolov retweeted
Alexander Popov Apr 4
I've created a Linux Kernel Defence Map showing the relations between: - vulnerability classes / exploitation techniques, - kernel defences, - bug detection means. Feedback is welcome. Link:
Mark Ermolov Apr 3
Replying to @suqdiq
You can do it on your own decoding DAL xmls acc to our recent CCC presentation
Mark Ermolov Apr 2
Replying to @_markel___
Mark Ermolov Apr 2
More very interesting google searches: "type:py Intel Confidential" "type:xml Intel Top Secret"
Mark Ermolov Mar 27
Replying to @ivanrouzanov
Yes, SPT and LBG still have fpga-based PMC
Mark Ermolov Mar 26
Meet one more Intel PCH integrated MCU (ARCompact) with digitally signed FW. Starting from Apollo Lake (+forthcoming CNP), the Power Management Controller is a 32-bit ARC core
Mark Ermolov retweeted
InstLatX64 Mar 23
16-Core Atom C3958 () 506F1 CPUID dump refresh, MemLat dump, CPUID, C&M, GPGPU panel added - with 3 / mitigation features (/, , IA32_ARCH_CAPABILITIES)
Mark Ermolov Mar 16
Replying to @_markel___
Sadly, we didn't have the presentation when we REd the stuff: "consent, unlock token, red, orange, green..." - what does that mean???
Mark Ermolov Mar 16
Wow, found some Intel presentation "Security Vs Debug" describing the basic policy of Intel platform debugging (what we had been investigating for years)
Mark Ermolov retweeted
Alex Matrosov Mar 13
Most of the AMD vulns from amdflaws have the same impact as any other SMM issue. The interesting one is code execution on the Secure Processor. But it looks like it's related to the fTPM issue with the same impact (). Also, on ASUS hardware BIOS security is always broken.
Mark Ermolov retweeted
Kevin Beaumont Mar 13
I have written technical information about reported AMD flaws.
Mark Ermolov Mar 10
The officially cancelled Intel Broxton CPU for smartphones (Atom T5700) can be bought as part of the Intel Joule compute module/devkit (Intel Edison successor)
Mark Ermolov Mar 7
Replying to @SimonZerafa @SGgrc
Intel published a rather complete spec for Trace Hub, so one can write the driver oneself
Mark Ermolov Mar 7
Replying to @SimonZerafa @SGgrc
We think that Intel Trace Hub can accumulate those traces and redirect them to memory, so there is no need for additional hw, but to properly program Trace Hub, a driver is required
Mark Ermolov Mar 7
Replying to @SimonZerafa @SGgrc
We think there are at least two types of traces outgoing from the CPU: AET (Architectural Events Tracing), which is another name for Intel Processor Trace, and VISA (Visualization of Internal Signals), the dynamics of internal IPs' signals captured by ODLA (OnDie Logic Analyzer)
Mark Ermolov retweeted
Alexander Popov Mar 7
The article about the current state of the STACKLEAK patch series hated by Linus. Sharing subscriber link:
Mark Ermolov Mar 7
Heh, Intel removed the Skylake CPU internal devices' JTAG xml files from the public version of DAL but forgot to update the index, so we can see the power of CPU JTAG capabilities
Mark Ermolov Mar 6
Intel CPUs' BPM# pins mystery: they are nothing other than a MIPI PTI port for CPU AET and VISA tracing