@DustinB3403 said in Is Intel VROC FakeRAID?:

@scottalanmiller

I'm not shocked.

Par for the course for Intel storage.

@scottalanmiller said in New secret-spilling hole in Intel CPUs sends company patching (again):

If you build in a back door, people will use it.

So tired of Intel's messes.

Our own @Stuka in the picture 😉

@scottalanmiller That's one hell of a run on sentence! Do you actually speak without pausing or breathing? 🙂

@Emad-R said in SAMIT on Huawei vs US & Google Day Two Recap:

huawei owns middle east the global market

FTFY

@Dashrender said in When Anti-Virus Companies Get Hacked: Symantec, Trend Micro, and Intel McAfee:

I can't recall if the bad ccleaner was signed or not?

Even if it was, that would be a Microsoft compromise. This is about the AV vendors getting hacked.

@Pete-S said in Getting ready to spec new desktops:

The A chips are probably AMD's A-series desktop chips.
https://www.amd.com/en/processors/athlon-and-a-series

Those are what we use when we say that we use AMD chips. AMD A9 and A10. They are perfect for business desktops that aren't like CAD stations or whatever. I use the A10 myself. I'd really like to move up to the new A12. Ryzen is more for video game or high performance workstation usage, not standard office work. The A series are, IMHO, ideal for the average office worker (which includes IT people.)

@stacksofplates said in Researchers use Intel SGX to put malware beyond the reach of antivirus software:

Did you see what Intel said regarding this:

Intel is aware of this research which is based upon assumptions that are outside the threat model for Intel SGX. The value of Intel SGX is to execute code in a protected enclave; however, Intel SGX does not guarantee that the code executed in the enclave is from a trusted source. In all cases, we recommend utilizing programs, files, apps, and plugins from trusted sources. Protecting customers continues to be a critical priority for us and we would like to thank Michael Schwarz, Samuel Weiser, and Daniel Grus for their ongoing research and for working with Intel on coordinated vulnerability disclosure.

Outside of the threat model?.........

Haha, whatever that means.

@mlnews

There goes Ed25519

Might as well stick to RSA 4096

@kelly said in Eight new Spectre Variant Vulnerabilities for Intel Discovered - four of them critical:

@tim_g said in Eight new Spectre Variant Vulnerabilities for Intel Discovered - four of them critical:

Wow....

But how practical is it to not only first exploit the Spectre vulnerability, but then to get any useful data from most likely other unknown shared VMs on the same box? (really, only on a shared hosting provider host is where 99.9% of the threat is)

This stuff is discarded speculative cached data... maybe a thumbnail you won't be viewing (if it goes that big), or maybe a few bits leading in that direction... maybe credentials (that are encrypted anyways)...

It seems like all you can do is "fish" for unknown discarded speculative data... it doesn't really sound like a huge practical threat, however, I do see the severity and horrible potential of it, just not the practicality.

Here is how I see it playing out in the larger world. Bad actors will be spinning up VMs on hosting providers' hardware, and then trolling for data of cohosted VMs. It isn't a large problem in a secure environment where the list of people who can spin up VMs also have the credentials necessary to make a Spectre-ng attack a waste of time and energy.

Also worth noting, in a cloud environment the data that can be caught this way is essentially random and ephemeral. What works today won't work tomorrow, and whose data you are getting is normally unknown. The scale and anonymity of cloud computing makes these attacks more possible, but less effective, almost to the point of useless.

@dbeato said in Patch Tuesday - Intel Network Drivers:

@ccwtech said in Patch Tuesday - Intel Network Drivers:

Apparently Ninja doesn't control that, so it must have been Windows update defaults.

Wow, check it and see if you can apply a GPO to not allow for that.

As soon as the fire is out... I'll have to take a look.

PTT is a way of provider TPM, they are not two separate things. PTT is a non-dedicated hardware approach to TPM 2.0. PTT is designed for low power devices, often used in industrial computing.

Traditionally TPM requires a TPM module, a dedicated hardware processor and firmware for security. With TPM 2.0 dedicated hardware is no longer required. PTT is Intel's implementation of TPM 2.0 for low power systems.