2018-02-19

Intel ME OS is Minix3 - Google wants Linux

17.11.6: news.cyb/sec/Intel Mgt Engine OS is Minix3 while Google wants Linux:
2018: summary:
. below the OS level is the hypervisor,
and below the hypervisor level is
the ME (mgt engine).
. it allows the maker of the pc
to do updates even when power seems off,
as long as there is internet.
. the ME uses the secure Minix OS kernel,
but also includes a web browser,
and other huge amounts of functionality
that you can't get the bugs out of,
so Google suggests replacing it with
a Linux kernel and less functionality.
. this has the potential to be a back door
with which the national security agencies
can better protect us from terrorists
and others who take advantage of privacy.

Intel Management Engine (ME):
. an autonomous subsystem that has been incorporated in
virtually all of Intel's processor chipsets since 2008.
The subsystem consists of proprietary firmware
running on a separate microprocessor
that performs tasks even while the computer is asleep.
As long as the chipset or SoC [system on a chip]
is connected to current (via battery or power supply),
it continues to run even when the system is turned off.
Its exact workings are largely undocumented
and its code is obfuscated using confidential Huffman tables
stored directly in hardware, so the firmware does not contain
the information necessary to decode its contents.
Intel's main competitor AMD has incorporated the equivalent
AMD Secure Technology (formerly called Platform Security Processor)
in virtually all of its post-2013 CPUs.
The Management Engine is often confused with Intel AMT.
AMT is based on the ME, but only available on processors with vPro.
AMT enables owners remote administration of their computer,
like turning it on or off and reinstalling the operating system.
However, the ME itself is built into all Intel chipsets since 2008,
not only those with AMT.
While AMT can be unprovisioned by the owner,
there is no official, documented way to disable the ME.
The Electronic Frontier Foundation (EFF)
and security expert Damien Zammit
accuse the ME of being a backdoor and a privacy concern.
Zammit states that the ME has full access to memory
(without the parent CPU having any knowledge);
has full access to the TCP/IP stack
and can send and receive network packets
independent of the operating system,
thus bypassing its firewall.
The ME is colloquially categorized as ring -3,
below System Management Mode (ring -2)
and the hypervisor (ring -1),
all running at a higher privilege level than the kernel (ring 0).

AMT (Intel Active Management Technology):
AMT is hardware and firmware technology
for remote out-of-band management of the pc.
AMT is built into PCs with Intel vPro technology
and is based on the Intel Management Engine (ME).

Ring −3 rootkit:
A ring −3 rootkit was demonstrated by
Invisible Things Lab for the Q35 chipset;
it does not work for the later Q45 chipset
as Intel implemented additional protections.
The exploit worked by remapping the normally protected memory region
(top 16 MB of RAM) reserved for the ME.
The ME rootkit could be installed regardless of whether
the AMT is present or enabled on the system,
as the chipset always contains the ARC ME coprocessor.
(The "−3" designation was chosen because
the ME coprocessor works even when the system is
in the S3 state,
thus it was considered a layer below the
System Management Mode rootkits.)

Zero-touch provisioning:
Another evaluation by Vassilios Ververis
showed serious weaknesses in the
GM45 chipset implementation.
In particular, it criticized AMT for
transmitting unencrypted passwords in the
SMB provisioning mode when the IDE redirection
and Serial over LAN features are used.
It also found that the "zero touch" provisioning mode (ZTC)
is still enabled even when the AMT
appears to be disabled in BIOS.

Silent Bob is Silent:
In May 2017, Intel confirmed that many computers with AMT
have had an unpatched critical privilege escalation vulnerability
(CVE-2017-5689).
The vulnerability was described as giving remote attackers:
"full control of affected machines,
including the ability to read and modify everything.
It can be used to install persistent malware
and read and modify any data." [Tatu Ylönen]

ptsecurity, April 24, 2017:
Intel ME: The Way of Static Analysis:
when we looked inside the decompressed vfs module,
we encountered the strings “FS: bogus child for forking”
and “FS: forking on top of in-use child,”
which clearly originate from Minix3 code.
It would seem that ME 11 is based on the
MINIX 3 OS developed by Andrew Tanenbaum :)

researchers from Google and other companies:
Replace your exploit-ridden firmware
with a Linux kernel

Eliminate all UEFI/ME post-boot activity;
Linux performance and reliability in firmware;
Unified Extensible Firmware Interface
Becomes NON-extensible.

Ring 0 (Linux)
Ring -1 (Xen or another hypervisor)

Ring -3 kernels: Management Engine, ISH, IE.
Higher privilege than Ring -2.
Can turn on node and reimage disks invisibly.
Minix 3.

‘Intel ME exploit’: 50M hits
● “Wired” headline: “HACK BRIEF:
INTEL FIXES A CRITICAL BUG THAT LINGERED FOR 7 YEARS”
● How many is that? One billion systems?
● Bug was in the built-in web server in the ME
○ Yep: the hidden CPU had a web server
○ That evidently you can’t turn off
○ Even though docs said you could

Vassilios Ververis: https://goo.gl/j7Jmx5
● Great overview of many early ME flaws
● Summary: just about every part of the ME
software can be attacked
● Only some of the bugs get fixed ...

What’s in ring -2 and ring -3?
● IP stacks (4 and 6)
● File systems
● Drivers (disk, net, USB, mouse)
● Web servers
● Passwords (yours)
● Can reimage your workstation
even if it’s powered off

Ring -3 OS: ME (Management Engine)
● Full Network manageability
● Regular Network manageability
● Manageability
● Small business technology
● Level III manageability
● Intel Anti-Theft (AT)
● Intel Capability Licensing Service (CLS)
● Intel Power Sharing Technology (MPC)
● ICC Over Clocking
● Protected Audio Video Path (PAVP)
● IPV6
● KVM Remote Control (KVM)
● Outbreak Containment Heuristic (OCH)
● Virtual LAN (VLAN)
● TLS
● Wireless LAN (WLAN)

Can we fix this mess?
● We focus on Intel x86 for now
● Reduce the scope of the 2.5 OSes
● Overall project is called NERF
(Non-Extensible Reduced Firmware)
○ Extensibility Considered Harmful

Non-Extensible Reduced Firmware
● Make firmware less capable of doing harm
● Make its actions more visible
● Remove all runtime components
○ Well, almost all: the ME is very hard to kill
○ But we took away its web server and IP stack
● Remove UEFI IP stack and other drivers
● Remove ME/UEFI self-reflash capability
● Linux manages flash updates

NERF components
● De-blobbed ME ROM
● UEFI ROM reduced to its most basic parts
● SMM disabled or vectored to Linux
● Linux kernel
● Userland written in Go (http://u-root.tk)

Removing the ME
● We don’t want ME at all; not an option
● If you remove ME firmware, your node
○ May never work again
○ May not power on (as in OCP nodes)
○ May power on, but will turn off in thirty minutes
● Good news: ME firmware has components
● And most are removable
○ Thanks Trammell Hudson

Removing most of the ME code
me_cleaner can remove ME blobs
● On minnowmax, 5M of 8M FLASH is ME
● me_cleaner.py reduces it to 300K
● Removes web server, IP stack, pretty much
all the things you don’t want “Ring -3” doing
● Server (SPS) is not yet solved
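As an added illustration of the "5M of 8M flash is ME" point (this is example code written here, not me_cleaner's and not from the slides): the script reads the Intel flash descriptor to find the ME region and then lists the $FPT partitions inside it, which is the same bookkeeping a tool must do before it can drop modules. The descriptor and region-register layout follow the public Intel flash descriptor format; the 8 MiB image is constructed inline, and the $FPT marker sitting at ME region + 0x10 is an assumption.

```python
import struct
DESCRIPTOR_SIG = b"\x5a\xa5\xf0\x0f"  # 0x0FF0A55A little-endian, lives at flash offset 0x10

def flash_regions(image):
    """Map region name -> (start, end) from the Intel flash descriptor; end is exclusive."""
    if image[0x10:0x14] != DESCRIPTOR_SIG:
        raise ValueError("no Intel flash descriptor signature at offset 0x10")
    flmap0 = struct.unpack_from("<I", image, 0x14)[0]
    frba = ((flmap0 >> 16) & 0xff) << 4  # Flash Region Base Address (FLMAP0 bits 23:16)
    regions = {}
    for i, name in enumerate(("Descriptor", "BIOS", "ME", "GbE", "PDR")):  # FLREG0..FLREG4
        flreg = struct.unpack_from("<I", image, frba + 4 * i)[0]
        base = (flreg & 0x1fff) << 12           # bits 12:0, in 4 KiB units
        limit = ((flreg >> 16) & 0x1fff) << 12  # bits 28:16, last 4 KiB page of the region
        if base > limit:                        # base=0x1fff, limit=0 marks an unused region
            continue
        regions[name] = (base, limit + 0x1000)
    return regions

def me_share(image):
    """Fraction of the flash image taken by the ME region (0.0 if there is none)."""
    start, end = flash_regions(image).get("ME", (0, 0))
    return (end - start) / len(image)

def me_partitions(image, me_start):
    """List (name, offset, length) entries of the $FPT partition table at ME region + 0x10 (assumed)."""
    fpt = me_start + 0x10
    if image[fpt:fpt + 4] != b"$FPT":
        raise ValueError("no $FPT partition table at ME region + 0x10")
    count = struct.unpack_from("<I", image, fpt + 4)[0]
    parts = []
    for i in range(count):  # 0x20-byte header, then 0x20-byte entries: name, owner, offset, length, ...
        name, offset, length = struct.unpack_from("<4s4xII", image, fpt + 0x20 + 0x20 * i)
        parts.append((name.rstrip(b"\0").decode("ascii", "replace"), offset, length))
    return parts

def build_sample_image():
    """Constructed 8 MiB image: 4 KiB descriptor, 5 MiB ME region with a 3-entry $FPT, rest BIOS."""
    img = bytearray(b"\xff" * (8 << 20))
    frba, me_start, me_end = 0x40, 0x1000, 0x1000 + (5 << 20)
    struct.pack_into("<4sI", img, 0x10, DESCRIPTOR_SIG, (frba >> 4) << 16)  # signature + FLMAP0
    layout = [(0, 0x1000), (me_end, 8 << 20), (me_start, me_end), None, None]  # GbE, PDR unused
    for i, span in enumerate(layout):
        flreg = 0x1fff if span is None else (span[0] >> 12) | (((span[1] - 0x1000) >> 12) << 16)
        struct.pack_into("<I", img, frba + 4 * i, flreg)
    entries = [(b"FTPR", 0x2000, 0x80000), (b"NFTP", 0x82000, 0x300000), (b"MFS", 0x382000, 0x40000)]
    struct.pack_into("<4sI", img, me_start + 0x10, b"$FPT", len(entries))  # marker + entry count
    for i, (name, offset, length) in enumerate(entries):
        struct.pack_into("<4s4xII", img, me_start + 0x30 + 0x20 * i, name, offset, length)
    return bytes(img)
```

Run against a real SPI dump, `me_share` gives the fraction the slide quotes and `me_partitions` shows which partitions (FTPR, NFTP, MFS, ...) a cleaner would have to keep or drop.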
