More like job insecurity. Missing an exploit might be a career ending event, even if it is heretofore an unknown exploit.
On Mon, Nov 20, 2017 at 11:54 AM Melvin Backus <melvin.bac...@byers.com> wrote: > Some call them opportunities, we in IT call them job security. J > > > > -- > There are 10 kinds of people in the world... > those who understand binary and those who don't. > > > > ¯\_(ツ)_/¯ > > > > *From:* listsad...@lists.myitforum.com [mailto: > listsad...@lists.myitforum.com] *On Behalf Of *Kurt Buff > *Sent:* Monday, November 20, 2017 11:34 AM > *To:* ntsysadm <ntsysadm@lists.myitforum.com> > *Subject:* Re: [NTSysADM] OS in the CPU > > > > There are always more problems: > > > https://www.thezdi.com/blog/2017/10/04/vmware-escapology-how-to-houdini-the-hypervisor > > https://www.youtube.com/watch?v=uRemWLNBSZg > > > > On Mon, Nov 20, 2017 at 8:05 AM, Andrew S. Baker <asbz...@gmail.com> > wrote: > > But wait! There's more... > > > > https://www.youtube.com/watch?v=KrksBdWcZgQ > > > > > > (I see your "solution" and raise you two more problems) > > > Regards, > > *ASB* > > > > > > On Sun, Nov 19, 2017 at 12:28 PM, Kurt Buff <kurt.b...@gmail.com> wrote: > > The OS in question (minix), isn't in the main CPU - it's in the CPU of the > management engine, which is completely separate, and doesn't, or at least > shouldn't, affect system performance. > https://en.wikipedia.org/wiki/Intel_Active_Management_Technology#Hardware > > That actually makes it worse, since as long as the machine is connect to > power, even though putatively "off", the management engine is available. > That is, if it's been configured. This is an enterprise feature, so the ME > is usually not active in consumer-grade computers. > > But, if it's present and turned on, then it's pretty risky: > > https://www.theregister.co.uk/2017/11/09/chipzilla_come_closer_closer_listen_dump_ime/ > > But there's some hope, of a sort - Google is on the case: > > http://www.tomshardware.com/news/google-removing-minix-management-engine-intel,35876.html > > Kurt > > > > On Sun, Nov 19, 2017 at 6:34 AM, Andrew S. Baker <asbz...@gmail.com> > wrote: > > No wonder our machines don't seem as fast as we think they *could* be... > They're busy running more stuff than we thought: > > > > http://www.zdnet.com/article/minix-intels-hidden-in-chip-operating-system/ > > > > The security implications are also pretty staggering... > > Regards, > > *ASB* > > > > > > >