1 May
2017
1 May
'17
10:13 a.m.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 05/01/2017 11:16 AM, persmule wrote:
We could just remove or cleanse https://github.com/corna/me_cleaner the ME to seal this loophole.
This particular hole, perhaps. Do we know that "cleansing" the ME doesn't simply introduce a bigger hole? Why are the non-removable bits so heavily obfuscated, anyway?
The ME is bad news from a security perspective, period. Security conscious organisations, or those handling high value data, should not be using Intel products (unless perhaps they have a signed financial guarantee of data privacy and integrity from Intel...)
- -- Timothy Pearson Raptor Engineering +1 (415) 727-8645 (direct line) +1 (512) 690-0200 (switchboard) https://www.raptorengineering.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iQEcBAEBAgAGBQJZB2yrAAoJEK+E3vEXDOFboYUH/i00HzanuLFUOyBJxHt+AFtJ
//nV6o+1h9H7u4RmoH3kQXzIJB8KXhrhkFH0SYIJtrQGswjDMPp0FIpWa/slRwym
NqmaTKKpBivJzfBHTv/UQJ0tp4IddVuhyF8eKvDb6R/hM76RlFGsQ4aZoqq88UD4
ZzizORd1ktmO8Qe2waxYds9Mi8pUj/wGyjOdGFWEbOs0Syw/k1azSsng+8wR72y1
Fn37VMku/GChTM6bjw1zrObUVOm77QO5FD/5OqvC8H+ruyTqSPHwunUUd+z6DGby
Bw0ZKidi0+kqhPiPY76duEhVDkaiy9YinH66p5EQW4B5bJGNn03lhSJERnR5jVc=
=9hlc
-----END PGP SIGNATURE-----