[coreboot] Remote security exploit in all 2008+ Intel platforms

Rene Shuster rene.shuster at bcsemail.org
Mon May 1 22:15:38 CEST 2017 

Yes Puri.sm has been debunked. Can someone confirm that if you want recent
hardware without Intel ME then Chromebooks with MrChromebox.tech SeaBIOS (
https://mrchromebox.tech/#devices ) is the way to go?

On Mon, May 1, 2017 at 3:34 PM, BogDan Vatra <bogdan at kde.org> wrote:

> Ah, I thought it's something inside the CPUs :) It sound so familiar ...
>
> On May 1, 2017 21:38, "mdn" <bernardlprf at openmailbox.org> wrote:
>
>>
>>
>> Le 01/05/2017 19:59, BogDan Vatra a écrit :
>> > Hi Ron,
>> >
>> > If anyone can *prove* that it is/was possible to remotely access *any*
>> > Intel (from 2008+) based computer, it's the beginning of the end of
>> > Intel.
>> >
>> > BogDan.
>> >
>> > P.S. I know what Intel ME and AMD PSP are*, but I have no idea what
>> > WEP is. So, sorry for my stupid question, but what is WEP?
>> https://en.wikipedia.org/wiki/Wired_Equivalent_Privacy
>> > * Well, I only know that they are some buzzwords to sell/describe
>> > nicely some sort of *unproven* backdoors inserted in every consumer
>> > computer, even we, the users, didn't ask for such things. What makes
>> > me suspicious is the lack of any documentation (at least AMD's PSP)...
>> >
>> > 2017-05-01 20:36 GMT+03:00 ron minnich <rminnich at gmail.com>:
>> >>
>> >>
>> >> On Mon, May 1, 2017 at 10:30 AM BogDan Vatra <bogdan at kde.org> wrote:
>> >>>
>> >>> Maybe this is a new fools' day joke? May fools' day joke?
>> >>> This looks way too bad to be true ...
>> >>>
>> >>
>> >> Not too bad to be true, not surprising to many of us who have been
>> warning
>> >> of this since, say, 2004. It's just that nobody seemed to care (I'm
>> speaking
>> >> as someone who gave his share of talks to different parts of USG --
>> people
>> >> always acted worrried, nothing changed. I don't expect anything to
>> change
>> >> this time either).
>> >>
>> >> This will probably be another object listen like WEP, only much, much
>> worse.
>> >>
>> >> ron
>> >
>>
>> --
>> Note: veuillez s'il vous plaît utiliser GnuPg pour nos futures
>> conversations
>> https://emailselfdefense.fsf.org/fr/
>> Plus d'info ici:
>> http://www.bibmath.net/crypto/index.php?action=affiche&quoi=moderne/pgp
>>
>> Message envoyé avec GNU Icedove un fork de Thunderbird
>> https://directory.fsf.org/wiki/Icedove
>>
>>
>> --
>> coreboot mailing list: coreboot at coreboot.org
>> https://mail.coreboot.org/mailman/listinfo/coreboot
>>
>
> --
> coreboot mailing list: coreboot at coreboot.org
> https://mail.coreboot.org/mailman/listinfo/coreboot
>



-- 
Tech III * AppControl * Endpoint Protection * Server Maintenance
Buncombe County Schools Technology Department Network Group
ComicSans Awareness Campaign <http://comicsanscriminal.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.coreboot.org/pipermail/coreboot/attachments/20170501/172fe274/attachment.html>

More information about the coreboot mailing list