Re: [coreboot] Anyone got an opinion, technical or otherwise, on this?

2017-05-03 Thread Nico Huber
On 03.05.2017 16:31, Matt DeVillier wrote: > On Wed, May 3, 2017 at 4:17 AM, John Lewis wrote: > >> I think I've answered my own questions by checking out the menuconfig >> options, it looks to me as though up to and including Skylake is possible, >> and flashing internally

Re: [coreboot] Anyone got an opinion, technical or otherwise, on this?

2017-05-03 Thread Matt DeVillier
On Wed, May 3, 2017 at 4:17 AM, John Lewis wrote: > I think I've answered my own questions by checking out the menuconfig > options, it looks to me as though up to and including Skylake is possible, > and flashing internally *should* be okay? > Since writing to the ME region

Re: [coreboot] Anyone got an opinion, technical or otherwise, on this?

2017-05-03 Thread John Lewis
I think I've answered my own questions by checking out the menuconfig options, it looks to me as though up to and including Skylake is possible, and flashing internally *should* be okay? John. On 03/05/17 10:09, John Lewis wrote: > > Thanks everyone for the responses. > > The thing that bothers

Re: [coreboot] Anyone got an opinion, technical or otherwise, on this?

2017-05-03 Thread John Lewis
Thanks everyone for the responses. The thing that bothers me, is if you take a possibly extreme interpretation of "There is also a chance of attacks performed on Intel systems without Intel AMT support." from the people who reported the vuln @ https://www.embedi.com/news/mythbusters-cve-2017-5689

Re: [coreboot] Anyone got an opinion, technical or otherwise, on this?

2017-05-02 Thread Zoran Stojsavljevic
I also read in details some of the emails from the previous threads. I downloaded SCSDiscovery tool: https://downloadcenter.intel.com/download/26691/Intel-SCS-System-Discovery-Utility and ran it on my notebook. I got as response a bunch of nonsense info (basically, it failed everywhere) :

Re: [coreboot] Anyone got an opinion, technical or otherwise, on this?

2017-05-02 Thread Vadim Bendebury
I wonder if anyone ever completely trusted AMT - maybe some naive excessive cool-aid drinkers :) -vb On Tue, May 2, 2017 at 11:27 AM, ron minnich wrote: > I wonder if anyone is going to completely trust AMT after this problem. It > goes back almost 10 years. So for all

Re: [coreboot] Anyone got an opinion, technical or otherwise, on this?

2017-05-02 Thread ron minnich
I wonder if anyone is going to completely trust AMT after this problem. It goes back almost 10 years. So for all those users who had it on for almost 10 years, the question becomes, how much did we lose and when did we lose it? The answer? We'll never know. Are we still owned? We don't know. Can

Re: [coreboot] Anyone got an opinion, technical or otherwise, on this?

2017-05-02 Thread Patrick Georgi via coreboot
Semi-Accurate only claims accuracy according to what's on the box. The official documentation of the issue can be found at https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00075 It looks like a software bug in the AMT firmware. Therefore: - No AMT (eg on non-business consumer

[coreboot] Anyone got an opinion, technical or otherwise, on this?

2017-05-02 Thread John Lewis
https://semiaccurate.com/2017/05/01/remote-security-exploit-2008-intel-platforms/ The article says "all" Intel boards since 2008 are locally vulnerable (ME exploit), but the Intel advisory (linked within) says consumer devices are okay. What the article says about even low end devices still