El mar, 02-02-2016 a las 16:46 +0530, Jay Aurabind escribió: > On 30 January 2016 at 21:09, tech-info <[email protected]> wrote: > > Hi There, > > > >> In the mean time, logging traffic to spot odd packets is a great idea. > >> People > >> should document and publish malicious traffic from their networks. > > > > To be 100 % sure, this has to include a professional pentester who > > checks the traffic. Because methods to hide "malicious traffic" inside > > the "allowed traffic" do exist. > > > > Gerd > > > > > > I read that Intel ME will not load firmware unless its signed by Intel > and that if signature verification fails, the ME core shuts down. In > that case, why dont we just make a fake firmware and force it to load > the fake one ? This way the ME core will remain shut down everytime it > boots, isnt it ? > >
that doesn't change the thing that, maybe loading a faulty firmware is a fast and dirty (ou yeah) way to disable iME ^^ Anyways we need reliable methods to check it
