OK, thanks for the clarification.
On Tue, Aug 29, 2017 at 4:13 PM, Timothy Pearson < tpearson@raptorengineering.com> wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 08/29/2017 02:57 PM, Leah Rowe wrote:
On 29/08/17 19:15, Timothy Pearson wrote:
On 08/29/2017 06:10 AM, Rene Shuster wrote:
Wow.
My favorite part is where the NSA itself basically admits that the ME can't be trusted! I wonder if they are looking at other architectures or if this HAP bit was enough for their needs?
So is this completely disabled, and not just "neutralized"?
No, it's just neutralised. The kernel, etc. are still required to boot the platform, it's just that the higher level userspace components are disabled at runtime. So, if a flaw is found in the kernel, etc. the ME remains a serious security threat.
Timothy Pearson Raptor Engineering +1 (415) 727-8645 (direct line) +1 (512) 690-0200 (switchboard) https://www.raptorengineering.com -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iQEcBAEBAgAGBQJZpcrLAAoJEK+E3vEXDOFbayIH/iZuAc88srpBSorCFJI52nya wGEqUUplz/VeqcxH6ojEIT1QA6qRrXOi+G7feMNiCOa83EwVjxOfpCsx5fP6WQIH iuIYElJiAQ+GpHAozLtMujRr0E+o/W+2iDl4CmwEKeXBydBlRwe2/EnhaktMtVy7 LuHOH53dvGxW6m/8vPaulccbdJajBN7CYdkSFQ7gE+qEMZ0ryMq3JFXjEkgCp8vE cCkBDSSeVyuqar6ghf+IlLDFbLdt6FTKFmWupvL6A6Euveasq38WwGvjiUMiKGDq 5G9EjpAUGme2s4yiPdm2TAjvM8Sa5hlVLIw3tLa7YjcJMSYeKRPJz7VUhRVX7+k= =PMOh -----END PGP SIGNATURE-----