tanasi.it » intel http://www.tanasi.it Alessandro `jekil` Tanasi blog Fri, 02 Jul 2010 11:06:47 +0000 http://wordpress.org/?v=2.9.2 en hourly 1 IAMT, a Centrino backdoor? http://www.tanasi.it/947-iamt-a-centrino-backdoor.html http://www.tanasi.it/947-iamt-a-centrino-backdoor.html#comments Thu, 24 May 2007 02:09:00 +0000 jekil http://localhost/wordpress/?p=929 There is a backdoor in Intel CPU?
There is a technology called IAMT (Intel Active Management Technology) used in Intel CPU for system diagnostics.
Citing from Intel IAMT page:

"Using built-in platform capabilities and popular third-party management and
security applications, Intel AMT allows IT to better Discover, Heal,
and Protect their networked computing assets. Here’s how:

Discover: Intel
AMT stores hardware & software information in non-volatile memory.
With built-in manageability, Intel AMT allows IT to discover the
assets, even while PCs are powered off.ยน With Intel AMT, remote
consoles do not rely on local software agents, helping to avoid
accidental data loss.

Heal: Intel AMT’s
built-in manageability provides out-of-band management capabilities to
allow IT to remotely heal systems after OS failures. Alerting &
event logging help IT detect problems quickly to reduce downtime.

Protect: Intel
AMT featuring System Defense capability protects your network from
threats at the source by proactively blocking incoming threats,
reactively containing infected clients before they impact the network,
and proactively alerting IT when critical software agents are removed.
Intel AMT also helps to protect your network by making it easier to
keep software and virus protection consistent and up-to-date across the
enterprise. Third party software can store version numbers or policy
data in non-volatile memory for off-hours retrieval or updates."

Good.. Remote management capabilities in hardware?
This sounds like a backdoor, or a thing that in "evil hands" can act as a backdoor.
IAMT permits remote upgrade of your system and works with you shutdown your OS.

Intel is heavily promoting what it calls "active management technology" (AMT) in the new chips as a major plus for system administrators and enterprise IT.
Understood to be a sub-operating system residing in the chip’s firmware, AMT will allow administrators to both monitor or control individual machines independent of an operating system.

Additionally, AMT also features what Intel calls "IDE redirection" which will allow administrators to remotely enable, disable or format or configure individual drives and reload operating systems and software from remote locations, again independent of operating systems.
Both AMT and IDE control are enabled by a new network interface controller.
"We all know our [operating system] friends don’t crash that often, but it does happen," Tucker said.

Intel’s reticence to speak publicly about what lies under the hood of its latest firmware technology has also prompted calls to come clean from IT security experts, including Queensland University of Technology’s assistant dean for strategy and innovation, IT faculty,
Bill Caelli.
"It’s a dual use technology. It’s got uses and misuses. Intel has to answer what guarantees it is prepared to give that home users are safe from hackers. Not maybes, guarantees"

So, actually IAMT is a feature, and is a good feature with a dark side in evil hands.

Links:

Random Posts

]]> http://www.tanasi.it/947-iamt-a-centrino-backdoor.html/feed 0