[coreboot] Remote security exploit in all 2008+ Intel platforms

[mdn]

Le 01/05/2017 19:59, BogDan Vatra a écrit :
> Hi Ron,
> 
> If anyone can *prove* that it is/was possible to remotely access *any*
> Intel (from 2008+) based computer, it's the beginning of the end of
> Intel.
> 
> BogDan.
> 
> P.S. I know what Intel ME and AMD PSP are*, but I have no idea what
> WEP is. So, sorry for my stupid question, but what is WEP?
https://en.wikipedia.org/wiki/Wired_Equivalent_Privacy
> * Well, I only know that they are some buzzwords to sell/describe
> nicely some sort of *unproven* backdoors inserted in every consumer
> computer, even we, the users, didn't ask for such things. What makes
> me suspicious is the lack of any documentation (at least AMD's PSP)...
> 
> 2017-05-01 20:36 GMT+03:00 ron minnich <rminnich at gmail.com>:
>>
>>
>> On Mon, May 1, 2017 at 10:30 AM BogDan Vatra <bogdan at kde.org> wrote:
>>>
>>> Maybe this is a new fools' day joke? May fools' day joke?
>>> This looks way too bad to be true ...
>>>
>>
>> Not too bad to be true, not surprising to many of us who have been warning
>> of this since, say, 2004. It's just that nobody seemed to care (I'm speaking
>> as someone who gave his share of talks to different parts of USG -- people
>> always acted worrried, nothing changed. I don't expect anything to change
>> this time either).
>>
>> This will probably be another object listen like WEP, only much, much worse.
>>
>> ron
> 

-- 
Note: veuillez s'il vous plaît utiliser GnuPg pour nos futures conversations
https://emailselfdefense.fsf.org/fr/
Plus d'info ici:
http://www.bibmath.net/crypto/index.php?action=affiche&quoi=moderne/pgp

Message envoyé avec GNU Icedove un fork de Thunderbird
https://directory.fsf.org/wiki/Icedove

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <http://mail.coreboot.org/pipermail/coreboot/attachments/20170501/82cf8f68/attachment.asc>