Re: ISO of a linux animalware / antivirus scanner

Subject: Re: ISO of a linux animalware / antivirus scanner
From: not (at) *nospam* telling.you.invalid (Computer Nerd Kev)
Newsgroups: comp.os.linux.misc
Date: 01. Sep 2024, 00:15:47
Organization: Ausics - https://newsgroups.ausics.net
Message-ID: <66d39612@news.ausics.net>
User-Agent: tin/2.0.1-20111224 ("Achenvoir") (UNIX) (Linux/2.4.31 (i586))

Carlos E.R. <robin_listas@es.invalid> wrote:
> On 2024-08-29 00:49, Computer Nerd Kev wrote:
>> No, AMD Ryzen has its own equivalent commonly called PSP, and it's
>> had documented security vulnerabilities too:
>>
>> https://en.wikipedia.org/wiki/AMD_Secure_Technology#Reported_vulnerabilities
>>
>> Your only real escape would be to run a CPU that's so old or
>> low-spec that you wouldn't have the performance to run a modern
>> web browser with JavaScript support. Of course those web browsers
>> are where people generally enter information worth snooping on now,
>> so there's no real escape anymore.
>
> You simply need a non-enterprise CPU that doesn't have the mini minix.
> That feature costs money. And has to be enabled in the BIOS. The BIOS
> may not have support for it, and then the feature is dead, useless.

It seems that you're talking about a specific documented exploit like
this one:

"PLATINUM
 In June 2017, the PLATINUM cybercrime group became notable for
 exploiting the serial over LAN (SOL) capabilities of AMT to perform
 data exfiltration of stolen documents. SOL is disabled by default
 and must be enabled to exploit this vulnerability."
 https://en.wikipedia.org/wiki/Intel_Management_Engine#PLATINUM

But a look around that page shows that there have been many others
without the limitation of requiring enterprise-only features of
the IME to be enabled. And those are only the vulnerabilities that
have been made public.

> Its purpose is not to send data back to factory. Its purpose is to be
> used by the IT department for remote maintenance. And using this feature
> is expensive.

It's also for booting, thermal management, and other things besides.
Since it's closed-source and the binary is obfuscated, one can't be
sure there aren't secret backdoors put inside on the request of the
US government either.

But with the existence of rootkits, the intended purpose is
actually irrelevant because a malicious firmware could be installed
that does something completely different. I think that's part of
what the OP was concerned about, though I don't know if any
software can check whether it's happened.

--
__          __
#_ < |\| |< _#
