Sindoni Says

     
     Sindoni Says


 Trust But Verify...
  

Blog

Intel patches seven-year remote hijacking bug revealed

Posted on July 8, 2017 at 5:10 PM


Intel patches seven-year remote hijacking bug revealed


Serious security flaw is patched. Intel has long been considered one of the premier chip manufacturers on the market, with security playing a vital part in the firm’s overall success.


However, it seems that one element had slipped through the net. Recently conducted research found that Intel processors shipped since 2010 contained remote management features. While from the outset this may not seem like a really big deal, the issue was found to give attackers full control over any computer that was connected to the same network through a firewall, Wi-Fi connection or a bluetooth devise. An official report from Intel explained the flaw further: There is an escalation of privilege vulnerability in Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), and Intel Small Business Technology versions firmware versions 6.x, 7.x, 8.x, 9.x, 10.x, 11.x, 11.5 and 11.6 that can allow an unprivileged attacker to gain control of the manageability features provided by these products. Can the consumer trust the Intel company statement that the flaw does not exist on Intel-based consumer PCs?”


The flaw is noted to have affected many core Intel manageability firmwares, covering both early variants of the firmware. Due to the flaw going unnoticed for several years, it is unknown just how many machines have been affected. However, the ease of access an attacker ex.. Israeli Mossad hacker (Mr. Goldstien) would have to the network would be alarming. How many of you reading this post would have the knowledge to be able to identify the hacker and get them out of your computer?


Due to the research, Intel delivered a patch in record-quick time. The patch. which resides in Intel’s Active Management Technology, is automatically downloaded onto affected machines, but will be unnoticeable to many users. It’s important, however, to note that Intel has rated the vulnerability as critical, and so users should look to perform a system scan of their desktop to eliminate any external issues.


In the same advisory posted by Intel, a second flaw is said to have been discovered Although much less of a threat than the issue mentioned earlier, the second flaw is said to give attackers an alternative way to attack your desktop. Again, Intel has been quick to release all necessary patches. For those worried about whether their desktop could be at risk, it’s worthwhile checking out the official Intel Newsroom (https://newsroom.intel.com) for more information.


So, what can we do to better safeguard our personal privacy? I’ll begin by using an analogy, “Trust But Verify.” If I were going out today to buy a pair of pants, I would also buy a belt and a pair of suspenders  for my pants. I am not going to trust my pants and belt (Microsoft & Apple) with my money, therefore the need for the suspenders (Linux Live DVD or USB Flash Drive). You can never be sure if a covert keylogger has been installed on your computer.


From my own personal experience, I have found using a Linux live DVD or carrying around a USB stick with a ready-to-go bootable distro, example Linux Mint means that you can run the operating system independent of any host OS and be aware of exactly what you are running. For those of you who are not computer savvy, just go to http://osdisc.com and purchase a USB Flash Drive with many choices of Open Source Software to surf the internet. For less than twenty dollars you will have a secure Linux Operating System and be free from prying eyes.

 

Comments welcome.


Respectfully,


Stephen Sindoni



Categories: None

Post a Comment

Oops!

Oops, you forgot something.

Oops!

The words you entered did not match the given text. Please try again.

Already a member? Sign In

0 Comments