Intel processor microcode security update for Trisquel

57 risposte [Ultimo contenuto]
jxself
Offline
Iscritto: 09/13/2010

"Where is exploit?"

Who knows? As far as I know, Intel keeps the details secret.

trisq

I am a member!

Offline
Iscritto: 09/03/2013

Interesting and BIOS related.

"The specialists at ANT, which presumably stands for Advanced or Access Network Technology, could be described as master carpenters for the NSA's department for Tailored Access Operations (TAO). In cases where TAO's usual hacking and data-skimming methods don't suffice, ANT workers step in with their special tools, penetrating networking equipment, monitoring mobile phones and computers and diverting or even modifying data. Such "implants," as they are referred to in NSA parlance, have played a considerable role in the intelligence agency's ability to establish a global covert network that operates alongside the Internet."

"The ANT division doesn't just manufacture surveillance hardware. It also develops software for special tasks. The ANT developers have a clear preference for planting their malicious code in so-called BIOS, software located on a computer's motherboard that is the first thing to load when a computer is turned on."

http://www.spiegel.de/international/world/catalog-reveals-nsa-has-back-doors-for-numerous-devices-a-940994.html

Sim
Sim
Offline
Iscritto: 09/29/2013

Thanks for sharing this information about the preferred target by ANT. I'm going to buy an additional computer, which will keep my private data as save as possible by running it always offline. For data transfer a hardware write-protected USB stick will be used. The second of the then three computer will be used only for browing with TAILS.

lembas
Offline
Iscritto: 05/13/2010

>I'm going to buy an additional computer, which will keep my private data as save as possible by running it always offline.
Select carefully or that might not be possible. https://trisquel.info/en/forum/secret-3g-intel-chip-gives-snoops-backdoor-pc-access

Sim
Sim
Offline
Iscritto: 09/29/2013

You are right and in fact I already have thought about it but I didn't come to a final conclusion yet. I like the idea to build my own computer with hardware components recommended by the free software foundation, and to use a Faraday cage to further reduce the risk of spying.

G4JC
Offline
Iscritto: 03/11/2012

And try to avoid getting your parts shipped in the mail either! lolz... xD
NSA's TAO group is able to divert shipping deliveries to its own "secret workshops" in a method called interdiction, where agents load malware onto the electronics or install malicious hardware that can give US intelligence agencies remote access.
http://www.theverge.com/2013/12/29/5253226/nsa-cia-fbi-laptop-usb-plant-spy

Sim
Sim
Offline
Iscritto: 09/29/2013

In contrast to try to get all information by for example spying on submarine cables, the TAO group, as far as I know,is designed to infiltrate special targets of interest. I don't think it is feasable to manipulate all electronics. But nonetheless I will try to avoid shipment from US and the Faraday cage give additional protection.