By Justin Agrell
Imagine a world where every new building has a secret room. Not a private workshop nor an armory, not a gift wrapping room nor an underground railroad hostel. The owner of the building has no control over the room. It has no windows or doors. There’s no way in or out. Its purpose is protected and unknown and the owner must pay for the power and utilities the room uses. If it’s damaged or deleted, all utilities cease to function and the building becomes unusable immediately.
What you’ve heard about the rooms, officially, is that they’re for commercial monitoring and remote control access specifically and that only the rooms being used by professional utility companies and technical businesses are active and all others remain dormant and secure. There’s nothing to worry about. The rumors, however, are much more sinister than that. “The government uses the rooms to spy on us,” you hear. “The rooms are never dormant and can be activated at any time,” they add, and, “Hackers can use the rooms to steal information from us.”
So why have the room? Why have them in normal homes if they’re only for commercial use? The rooms aren’t mandated by any government but are simply installed by all home construction companies. How is it that all builders have come to agree that a secret room is needed? Wouldn’t the one company who decided to not build a secret room instantly become more successful than the others? Why engineer the building to stop functioning if you remove or damage the room?
All of this may sound paranoid or like pure science fiction, but in the world of computers the secret rooms do, in fact, exist — and they’ve been around for years. Additional microcontrollers have been on Intel processors since 2006. They’ve been on AMD processors since 2014. And their true purpose and functionality remain hidden from us.
Intel’s ME (or “Intel Management Engine”) and AMD’s PSP (or “Platform Security Processor”) have unrestricted access to almost every part of modern computers. This includes the most critical parts such as network adapters and system memory. They’re accessible when the computer is off as long as they have power of any kind connected and can turn the computer on. Whoever gains control of these secret systems can take control.
In May of 2017, Intel admitted to an exploit affecting many commercial computers that allowed access to their Management Engine giving the hacker administrative access to the systems. They classified it a critical bug (CVE-2017-5689). This bug is an example of an exploit that’s known to us and that we can now patch. It’s very common for exploits to be found by hackers and government military and, apparently, they’re withheld to be sold on the black market or to be used in wartime to disrupt or damage the enemy.
There are too many secrets. We have already seen one exploit in the wild and we have no way of protecting ourselves from another. If a weakness is found in the Intel ME and AMD’s PSP and is used against us almost every computer built in the last decade will be at risk. In August 2017, a team at Positive Technologies, an European research firm, discovered evidence that a NSA project (High Assurance Platform) had specifically required that the Management Engine be disabled for them.
If our government’s own intelligence agency doesn’t trust these systems, why should any of us?
We live in a world where we are at the mercy of advanced technology. It’s impossible to expect the average person to understand the concepts required to fully realize how vulnerable we are. Thankfully we have individuals and organizations willing to fight for us. The Free Software Foundation, the GNU Project, and the Electronic Frontier Foundation are just a few that know the details of what is going on around us and are fighting to stop it.
To directly fix the “secret room” issue projects like ME_cleaner, Coreboot, and Libreboot have been created which allow us to completely remove the non-essential parts of Intel’s ME from several models of computer.
For most of us, though, our hands are tied. Mine included. I cannot possibly require my business clients to trade thousands of dollars worth of servers, laptops, and desktop computers to only models that support the removal of ME or PSP. The systems I own are modern enough to not be supported by the audited solutions and it remains beneficial to me that I trade my security for productivity. So what can we do? How much longer will be at the mercy of Intel and AMD?
There are no easy answers here; there are only more questions.
Justin Agrell has been a certified IT technician since 2005. He loves Linux, adventure motorcycling, and computer gaming. To get in touch, just email him at Justin@U4E.US.
Tags: AMD, Coreboot, CVE-2017-5689, Electronic Frontier Foundation, exploit, Free Software Foundation, GNU Project, Intel, Intel Management Engine, Justin Agrell, Libreboot, ME, ME_cleaner, microcontrollers, Platform Security Processor, PSP, Two-bit Column