While Intel may put a lot of effort into hunting for security bugs, vulnerabilities will inevitably exist, and having them lurking in a highly privileged, low-level component with no OS visibility or reliable logging is a nightmare for defensive cybersecurity. The design choice of putting a secretive, unmodifiable management chip in every computer was terrible, and leaving their customers exposed to these risks without an opt-out is an act of extreme irresponsibility... EFF believes that Intel needs to provide a minimum level of transparency and user control of the Management Engines inside our computers, in order to prevent this cybersecurity disaster from recurring. Unless that happens, we are concerned that it may not be appropriate to use Intel CPUs in many kinds of critical infrastructure systems.
TLDR: "We have reason to fear that the undocumented master controller inside our Intel chips could continue to be a source of serious vulnerabilities in personal computers, servers, and critical cybersecurity and physical infrastructure."
"Authentication still worked" even when the wrong hash was entered, Tenable Director of Reverse Engineering Carlos Perez wrote. "We had discovered a complete bypass of the authentication scheme." A separate technical analysis from Embedi, the security firm Intel credited with first disclosing the vulnerability, arrived at the same conclusion... Making matters worse, unauthorized accesses typically aren't logged by the PC because AMT has direct access to the computer's network hardware... The packets bypass the OS completely.
The article adds that Intel officials "said they expect PC makers to release a patch next week." And in the meantime? "Intel is urging customers to download and run this discovery tool to diagnose potentially vulnerable computers."
Saturday Ars Technica found more than 8,500 systems with an AMT interface exposed to the internet using the Shodan search engine -- over 2,000 in the United States -- adding that "many others may be accessible via organizational networks."
One of RISC-V's inventors co-founded the company, and he says that support is growing -- pointing out that there's already a fork of Linux for RISC-V.
This is particularly frustrating for Puma 6 modem owners because the boxes are pitched as gigabit broadband gateways: the devices can be potentially choked and knocked out simply by receiving traffic that's a fraction of the bandwidth their owners are paying for... The Puma 6 chipset is used in a number of ISP-branded cable modems, including some Xfinity boxes supplied by Comcast in the US and the latest Virgin Media hubs in the UK.
The original submission also notes there's already a class action lawsuit over the performance of cable modems with Intel's Puma 6 chipset, and adds "It would appear the Atom chip was never going to live up to the task it was designed for."
The idea isn't that the highways and byways of the fictional city of Los Santos would ever be a substitute for bona fide asphalt. But the game "is the richest virtual environment that we could extract data from," said Alain Kornhauser, a Princeton University professor of operations research and financial engineering who advises the Princeton Autonomous Vehicle Engineering team.