Twitter | Search | |
_trvll Nov 8
Replying to @h0t_max @_markel___
Really nice achievement!!!
Reply Retweet Like
Maxim Goryachy Nov 8
Thanks!
Reply Retweet Like
Pierre Roberge Nov 8
Replying to @h0t_max @_markel___
Now, if only we could remove it!
Reply Retweet Like
daveaitel Nov 8
Replying to @h0t_max @_markel___
Is this a good INFILTRATE talk? :)
Reply Retweet Like
Kitlith Nov 8
Replying to @h0t_max @_markel___
You're kidding me. This is amazing. "Coming up next: A dongle that you can plug into a USB port that completely replaces Intem CSME!"
Reply Retweet Like
systemd fan Nov 8
Replying to @h0t_max @_markel___
Good work ! ...Intel to add a Ring -5 any moment now :D
Reply Retweet Like
David Teller Nov 8
Replying to @h0t_max @_markel___
Full noob here: how do you test that you have obtained this? I assume it's in the screenshot, but that's beyond my knowledge.
Reply Retweet Like
shawn Nov 8
Replying to @h0t_max @_markel___
good but bad at the same time because if you find a way to remove it then hackers the really bad ones or just malicious ones can the use what you make and reverse engineer a way to brick every computer virtually in the world unless you kill the internet part of that OS completely
Reply Retweet Like
systemd fan Nov 8
Replying to @h0t_max @_markel___
Ring -8, where we find out there is really a MIPS underneath the x86...
Reply Retweet Like
minousoft Nov 8
After about -31 rings, it's just turtles all the way down.
Reply Retweet Like
William D. Jones Nov 8
Replying to @h0t_max @_markel___
This is cool, but is there a quick verbal description of what's significant about the image for the clueless ._.?
Reply Retweet Like
Jon W Nov 8
More likely i960
Reply Retweet Like
Dogs are Good. Nov 8
It's over jtag (so /theoretically/ requires a physical connection). The web server bug a while ago was arguably worse.
Reply Retweet Like
Dogs are Good. Nov 8
But the important thing is that someone publicly saying they found this changes /nothing/. Finding an exploit does not mean creating it: the exploit was already there, and there's no way to know whether someone else has already been quietly exploiting it.
Reply Retweet Like
C.M.S Nov 8
..but now that the black box of the ME is open, it could be ripe for other exploits..not found yet
Reply Retweet Like
Dagan Ocaña Nov 8
It would look like unreadable hot garbage if they did it wrong. This is a real time debug which again would look like hot garbage if it was wrong.
Reply Retweet Like
Kitlith Nov 8
They're doing realtime debug on the processor that controls the processor that you actually run code on. Using blasted USB. (might actually be on the same processor, but the point is that the CSME runs at a lower level and is a bit of a privacy nightmare to begin with)
Reply Retweet Like
Myria Nov 8
Replying to @kitlith @cr1901 and 2 others
Would this allow things like bypassing SGX? Hehe
Reply Retweet Like
Roger Gram Nov 8
Replying to @h0t_max @_markel___
could this be exploited remotely, using a malicious fake USB device driver? Or physical access is mandatory?
Reply Retweet Like