Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.os.linux.security > #778 > unrolled thread
| Started by | 🇵🇱Jacek Marcin Jaworski🇵🇱 <jaworski1978@adres.pl> |
|---|---|
| First post | 2025-06-11 00:41 +0200 |
| Last post | 2025-08-26 22:43 +0200 |
| Articles | 6 — 5 participants |
Back to article view | Back to comp.os.linux.security
Hidden Operating Systems in Chips vs. Secure, Auditable OSes: A Cybersecurity Comparison 🇵🇱Jacek Marcin Jaworski🇵🇱 <jaworski1978@adres.pl> - 2025-06-11 00:41 +0200
Re: Hidden Operating Systems in Chips vs. Secure, Auditable OSes: A Cybersecurity Comparison R Daneel Olivaw <Danni@hyperspace.vogon.gov> - 2025-06-13 10:50 +0200
Re: Hidden Operating Systems in Chips vs. Secure, Auditable OSes: A Cybersecurity Comparison Dennis V <social.ranked646@passinbox.com> - 2025-09-11 23:10 +0000
Re: Hidden Operating Systems in Chips Ralf Schneider <schneiderr@freenet.de> - 2025-07-30 16:04 +0000
Re: Hidden Operating Systems in Chips Marco Moock <mm@dorfdsl.de> - 2025-07-30 20:40 +0200
Re: Hidden Operating Systems in Chips vs. Secure, Auditable OSes: A Cybersecurity Comparison 🇵🇱Jacek Marcin Jaworski🇵🇱 <jaworski1978@adres.pl> - 2025-08-26 22:43 +0200
| From | 🇵🇱Jacek Marcin Jaworski🇵🇱 <jaworski1978@adres.pl> |
|---|---|
| Date | 2025-06-11 00:41 +0200 |
| Subject | Hidden Operating Systems in Chips vs. Secure, Auditable OSes: A Cybersecurity Comparison |
| Message-ID | <marqkfFpmidU1@mid.individual.net> |
Cześć!/Hi! Did you know about "Intel Management Engine (ME)" or "AMD Platform Security Processor (PSP)" if no then read now: <https://puri.sm/posts/hidden-operating-systems-in-chips-vs-secure-auditable-oses-a-cybersecurity-comparison> -- Spokojnej nocy!/Sleep well! Jacek Marcin Jaworski Domowa s. WWW: <https://energokod.pl>; Mini Netykieta: <https://energokod.pl/MiniNetykieta.html>.
[toc] | [next] | [standalone]
| From | R Daneel Olivaw <Danni@hyperspace.vogon.gov> |
|---|---|
| Date | 2025-06-13 10:50 +0200 |
| Message-ID | <102gooc$2efr3$1@paganini.bofh.team> |
| In reply to | #778 |
🇵🇱Jacek Marcin Jaworski🇵🇱 wrote: > Cześć!/Hi! > > Did you know about "Intel Management Engine (ME)" or "AMD Platform > Security Processor (PSP)" if no then read now: > > <https://puri.sm/posts/hidden-operating-systems-in-chips-vs-secure-auditable-oses-a-cybersecurity-comparison> > > This problem has been known for years - even before that critical vulnerability (Intel-SA-00086) from 2017. The article says "The Management Engine in Intel devices is disabled to the extent possible", whatever that means. It does not say anything about AMD, and there is also no reference to any known problems with AMD's PSP. Apart from that, the article is a sales pitch for Purism Products and is very much aimed at potential customers in the US. "Made in USA" is also not exactly a badge of trust any more, although I'm not sure which alternatives could be considered better.
[toc] | [prev] | [next] | [standalone]
| From | Dennis V <social.ranked646@passinbox.com> |
|---|---|
| Date | 2025-09-11 23:10 +0000 |
| Message-ID | <109vksi$306bh$2@dont-email.me> |
| In reply to | #779 |
On 2025-06-13, R Daneel Olivaw <Danni@hyperspace.vogon.gov> wrote: > The article says "The Management Engine in Intel devices is disabled to > the extent possible", whatever that means. It does not say anything > about AMD, and there is also no reference to any known problems with > AMD's PSP. For intel it's the HAP bit functionality (High Assurance Platform) where a magic bit placed in the firmware makes the ME shutdown after the boot process finishes. But even if you trust that the ME is off there have been vulnerabilities during booting that could bypass this (https://www.theregister.com/2017/12/06/ intel_management_engine_pwned_by_buffer_overflow/)
[toc] | [prev] | [next] | [standalone]
| From | Ralf Schneider <schneiderr@freenet.de> |
|---|---|
| Date | 2025-07-30 16:04 +0000 |
| Subject | Re: Hidden Operating Systems in Chips |
| Message-ID | <106dfqf$14gu0$1@gwaiyur.mb-net.net> |
| In reply to | #778 |
Am Wed, 11 Jun 2025 00:41:19 +0200 schrieb 🇵🇱Jacek Marcin Jaworski🇵🇱: > > Did you know about "Intel Management Engine (ME)" or "AMD Platform > Security Processor (PSP)" if no then read now: This is really unexpected for me. How can tails and tor protect you now ? Was this all a deception for dummies ?
[toc] | [prev] | [next] | [standalone]
| From | Marco Moock <mm@dorfdsl.de> |
|---|---|
| Date | 2025-07-30 20:40 +0200 |
| Subject | Re: Hidden Operating Systems in Chips |
| Message-ID | <20250730204056.44da627d@ryz.dorfdsl.de> |
| In reply to | #780 |
On 30.07.2025 16:04 Uhr Ralf Schneider wrote: > Am Wed, 11 Jun 2025 00:41:19 +0200 schrieb 🇵🇱Jacek Marcin Jaworski🇵🇱: > > > Did you know about "Intel Management Engine (ME)" or "AMD > > > Platform > > Security Processor (PSP)" if no then read now: > > This is really unexpected for me. Was known for years. :-) > How can tails and tor protect you > now ? Not at all, because the ME Is technically a separated mini computer inside your machine. It is intentionally separated from the main components. -- kind regards Marco Send spam to 1753884271muell@stinkedores.dorfdsl.de
[toc] | [prev] | [next] | [standalone]
| From | 🇵🇱Jacek Marcin Jaworski🇵🇱 <jaworski1978@adres.pl> |
|---|---|
| Date | 2025-08-26 22:43 +0200 |
| Message-ID | <mh6kkdFtvt1U1@mid.individual.net> |
| In reply to | #778 |
W dniu 11.06.2025 o 00:41, 🇵🇱Jacek Marcin Jaworski🇵🇱 pisze: > Cześć!/Hi! > > Did you know about "Intel Management Engine (ME)" or "AMD Platform > Security Processor (PSP)" if no then read now: > > <https://puri.sm/posts/hidden-operating-systems-in-chips-vs-secure-auditable-oses-a-cybersecurity-comparison> quote: "The Gazelle runs light System76 Open Firmware, which is powered by open source Coreboot technology. This allows System76 firmware engineers to disable the Intel Management Engine and provide periodic firmware updates for further protection." source: art. under title "System76 Announces Gazelle Laptop: A Powerful Everyday Companion", author anonim, URL: <https://blog.system76.com/post/system76-announces-gazelle-laptop>
[toc] | [prev] | [standalone]
Back to top | Article view | comp.os.linux.security
csiph-web