Hey there! Sign in to join this conversationNew here? Join for free

MINIX overtakes Windows as world's most popular operating system Watch

    • Thread Starter
    Offline

    20
    On desktops.

    On servers, it probably overtook Linux as world's most popular operating system.

    On phones, no.

    Might be a year or two late.

    https://www.networkworld.com/article...-to-intel.html

    It is a bit of a sensationalised article, so I'll summarise:

    - Modern Intel CPUs come with a completely separate chip (the Management Engine)
    - This chip is (officially) for large organisations to be able to remotely manage them at a hardware level, although it is placed on all of Intel's modern chips, not only for organisations
    - Until recently, you could gain root access to some of these chips by sending it a blank username and password. In short, it is a huge security risk. Root access to the chip supercedes root (i.e. admin) access to your operating system.
    - You (the user) have no way to disable the chip
    - Projects exist to disable the chip's functions, although the way Intel has designed them, it is impossible to remove it entirely, since the PC is shut off if the chip isn't detected.
    • Thread Starter
    Offline

    20
    Intel admits there are critical holes in secret Management Engine hidden in tons of desktop and server chipsets

    https://www.theregister.co.uk/2017/1...irmware_flaws/

    Shocking! :rolleyes:

    Bugs can be exploited to extract info, potentially insert rootkits

    Intel today admitted its Management Engine (ME), Server Platform Services (SPS), and Trusted Execution Engine (TXE) are vulnerable to multiple worrying security flaws, based on the findings of external security experts.

    The firmware-level bugs allow logged-in administrators, and malicious or hijacked high-privilege processes, to run code beneath the operating system to spy on or meddle with the computer completely out of sight of other users and admins. The holes can also be exploited by network administrators, or people masquerading as admins, to remotely infect machines with spyware and invisible rootkits, potentially.

    Meanwhile, logged-in users, or malicious or commandeered applications, can leverage the security weaknesses to extract confidential and protected information from the computer's memory, potentially giving miscreants sensitive data – such as passwords or cryptographic keys – to kick off other attacks. This is especially bad news on servers and other shared machines.

    In short, a huge amount of Intel silicon is secretly running code that is buggy and exploitable by attackers and malware to fully and silently compromise computers. The processor chipsets affected by the flaws are as follows:
 
 
 
Reply
Submit reply
TSR Support Team

We have a brilliant team of more than 60 Support Team members looking after discussions on The Student Room, helping to make it a fun, safe and useful place to hang out.

Updated: November 21, 2017
  • See more of what you like on The Student Room

    You can personalise what you see on TSR. Tell us a little about yourself to get started.

  • Poll
    What newspaper do you read/prefer?
    Useful resources
  • See more of what you like on The Student Room

    You can personalise what you see on TSR. Tell us a little about yourself to get started.

  • The Student Room, Get Revising and Marked by Teachers are trading names of The Student Room Group Ltd.

    Register Number: 04666380 (England and Wales), VAT No. 806 8067 22 Registered Office: International House, Queens Road, Brighton, BN1 3XE

    Quick reply
    Reputation gems: You get these gems as you gain rep from other members for making good contributions and giving helpful advice.