[Infowarrior] - Recent Intel Chipsets Have A Built-In Hidden Computer, Running Minix With A Networking Stack And A Web Server

Fri Nov 10 06:11:08 CST 2017

Recent Intel Chipsets Have A Built-In Hidden Computer, Running Minix With A Networking Stack And A Web Server

from the what-could-possibly-go-wrong? dept

https://www.techdirt.com/articles/20171108/09095338574/recent-intel-chipsets-have-built-in-hidden-computer-running-minix-with-networking-stack-web-server.shtml

One way of looking at the history of computing is as the story of how the engineering focus rose gradually up the stack, from the creation of the first hardware, through operating systems, and then applications, and focusing now on platform-independent Net-based services. Underneath it all, there's still the processor, even if most people don't pay much attention to it these days. Unregarded it may be, but the world of the chip continues to move on. For example, for some years now, Intel has incorporated something called the Management Engine into its chipsets:

Built into many Intel Chipset–based platforms is a small, low-power computer subsystem called the Intel Management Engine (Intel ME). The Intel ME performs various tasks while the system is in sleep, during the boot process, and when your system is running. This subsystem must function correctly to get the most performance and capability from your PC.

That is, inside recent Intel-based systems, there is a separate computer within a computer -- one the end user never sees and has no control over. Although a feature for some time, it's been one of Intel's better-kept secrets, with details only emerging slowly. For example, a recent article on Network World pointed out that earlier this year, Dmitry Sklyarov (presumably, that Dmitry Sklyarov) worked out that Intel's ME is probably running a variant of the Minix operating system (yes, that Minix.) The Network World article notes that a Google project has found out more about the ME system:

According to Google, which is actively working to remove Intel's Management Engine (MINIX) from their internal servers (for obvious security reasons), the following features exist within Ring -3:

Full networking stack
File systems
Many drivers (including USB, networking, etc.)
A web server

That’s right. A web server. Your CPU has a secret web server that you are not allowed to access, and, apparently, Intel does not want you to know about.

Why on this green Earth is there a web server in a hidden part of my CPU? WHY?

The "Ring-3" mentioned there refers to the level of privileges granted to the ME system. As a Google presentation about ME (pdf) explains, operating systems like GNU/Linux run on Intel chips at Ring 0 level; Ring-3 ("minus 3") trumps everything above -- include the operating system -- and has total control over the hardware. Throwing a Web server and a networking stack in there too seems like a really bad idea. Suppose there was some bug in the ME system that allowed an attacker to take control? Funny you should ask; here's what we learned earlier this year:

Intel says that three of its ME services -- Active Management Technology, Small Business Technology, and Intel Standard Manageability -- were all affected [by a critical bug]. These features are meant to let network administrators remotely manage a large number of devices, like servers and PCs. If attackers can access them improperly they potentially can manipulate the vulnerable computer as well as others on the network. And since the Management Engine is a standalone microprocessor, an attacker could exploit it without the operating system detecting anything.

As the Wired story points out, that critical bug went unnoticed for seven years. Because of the risks a non-controllable computer within a computer brings with it, Google is looking to remove ME from all its servers, and there's also an open source project doing something similar. But that's difficult: without ME, the modern systems based on Intel chipsets may not boot. The problems of ME have led the EFF to call on Intel to make a number of changes to the technology, including:

Provide a way for their customers to audit ME code for vulnerabilities. That is presently impossible because the code is kept secret.

Offer a supported way to disable the ME. If that's literally impossible, users should be able to flash an absolutely minimal, community-auditable ME firmware image.

Those don't seem unreasonable requests given how serious the flaws in the ME system have been, and probably will be again in the future. It also seems only fair that people should be able to control fully a computer that they own -- and that ought to include the Minix-based computer