Archive for Intel

Intel Pwned By Hackers…. Forced To Release Financials Early As A Result

Posted in Commentary on January 22, 2021 by itnerd

Intel said it was the victim of a hacker who stole financially sensitive information from its corporate website on Thursday, prompting the company to release its earnings statement ahead of schedule:

The US computer chipmaker believed an attacker had obtained advanced details about a strong earnings report it was due to publish after the stock market closed, said George Davis, chief financial officer. It published its formal earnings announcement upon discovering the problem, six minutes before the market closed. Intel’s shares rose more than 6 per cent on Thursday, including almost 2 per cent in the final 15 minutes of trading. “An infographic was hacked off of our PR newsroom site,” Mr Davis said. “We put [our earnings] out as soon as we were aware.” He did not provide more details, but said that the leak was the result of an illicit action that had not involved any unintentional disclosure by the company itself. An Intel spokesperson added: “We were notified that our infographic was circulating outside the company. I do not believe it was published. We are continuing to investigate this matter.”

At least Intel was looking for trouble and was able to take quick action upon finding it. But the fact that they got hacked is still problematic. Clearly there will be a deep dive to figure out how to make sure that this never happens again.

Intel Pwned By Hackers…. At Least 20GB Of Data Swiped Including Data That COULD Lead To Attacks

Posted in Commentary on August 7, 2020 by itnerd

Intel is the latest company to be pwned by hackers. According to BleepingComputer, a hacker has released 20GB of confidential chip engineering data stolen from Intel. The data that was stolen contains BIOS information and source code of proprietary Intel technology that could be used in building the means to attack computers that use Intel chips. Which would be most of the planet:

According to Tillie Kottmann, a developer and reverse engineer who received the documents from an anonymous hacker, most of the information is supposed to be protected intellectual property. The developer was told that the information was stolen from Intel in a breach this year.

“They were given to me by an Anonymous Source who breached them earlier this Year, more details about this will be published soon,” Kottmann says.

“Most of the things here have NOT been published ANYWHERE before and are classified as confidential, under NDA or Intel Restricted Secret,” the developer added.

The following list was provided as a partial overview of the 20GB file:

  • Intel ME Bringup guides + (flash) tooling + samples for various platforms
  • Kabylake (Purley Platform) BIOS Reference Code and Sample Code + Initialization code (some of it as exported git repos with full history)
  • Intel CEFDK (Consumer Electronics Firmware Development Kit (Bootloader stuff)) SOURCES
  • Silicon / FSP source code packages for various platforms
  • Various Intel Development and Debugging Tools
  • Simics Simulation for Rocket Lake S and potentially other platforms
  • Various roadmaps and other documents
  • Binaries for Camera drivers Intel made for SpaceX
  • Schematics, Docs, Tools + Firmware for the unreleased Tiger Lake platform
  • (very horrible) Kabylake FDK training videos
  • Intel Trace Hub + decoder files for various Intel ME versions
  • Elkhart Lake Silicon Reference and Platform Sample Code
  • Some Verilog stuff for various Xeon Platforms, unsure what it is exactly.
  • Debug BIOS/TXE builds for various Platforms
  • Bootguard SDK (encrypted zip)
  • Intel Snowridge / Snowfish Process Simulator ADK
  • Various schematics
  • Intel Marketing Material Templates (InDesign)

So what does this mean for you? Now that this file is out there, and there is possibly more coming, bad actors will definitely be scraping through this data dump to find any useful vulnerability to attack. That of course is bad.

Intel for its part had this to say:

“We are investigating this situation. The information appears to come from the Intel Resource and Design Center, which hosts information for use by our customers, partners and other external parties who have registered for access. We believe an individual with access downloaded and shared this data” – Intel representative

It still looks really bad on Intel to have this happen. If it’s an internal party, that is easy to deal with. Though I think Intel will still have some questions to answer. But if an external party did this, then Intel will likely find itself having to answer a lot of questions that they likely would not want to answer from a variety of people.

I think it’s safe to say that this is a developing story and we’ll likely be hearing more details about this in the coming days.

Report Claims That Apple Is About To Announce A Shift Away From Intel Processors At WWDC

Posted in Commentary on June 9, 2020 by itnerd

Bloomberg is reporting that Apple is going to announce at their Worldwide Developers Conference in two weeks that they will be shifting away from using Intel processors in Macs to their own processors. Here are the details:

The company is holding WWDC the week of June 22. Unveiling the initiative, codenamed Kalamata, at the event would give outside developers time to adjust before new Macs roll out in 2021, the people said. Since the hardware transition is still months away, the timing of the announcement could change, they added, while asking not to be identified discussing private plans.

The new processors will be based on the same technology used in Apple-designed iPhone and iPad chips. However, future Macs will still run the macOS operating system rather than the iOS software on mobile devices from the company. Bloomberg News reported on Apple’s effort to move away from Intel earlier this year, and in 2018. Apple shares were up less than 1% Tuesday while Intel was down less than 1%.

This sounds similar to Apple’s move from IBM’s PowerPC to Intel in the 2000s. Except that the move to Intel was a bit of a surprise. However, this move to Apple’s own processors has been rumored for years. Even Intel expected this move. And that’s because of Intel’s inability to meet its own ship targets when it comes to getting their processors out the door. That part is kind of similar to Steve Jobs dumping IBM when they could not get the processors that Apple expected at the speeds that Apple required from IBM on time. It will be interesting to see how this plays out in a couple of weeks.

BREAKING: New CPU Vulnerability Disclosed. Patches From Microsoft And Apple Inbound

Posted in Commentary on May 14, 2019 by itnerd

There’s a new CPU vulnerability that has literally just been disclosed by researchers. It’s called ZombieLoad and it is similar to the Spectre and Meltdown CPU flaws that popped up a while ago. Here’s what you need to know:

“ZombieLoad,” as it’s called, is a side-channel attack targeting Intel chips, allowing hackers to effectively exploit design flaws rather than injecting malicious code. Intel said ZombieLoad is made up of four bugs, which the researchers reported to the chip maker just a month ago.

Almost every computer with an Intel chip dating back to 2011 is affected by the vulnerabilities. AMD and ARM chips are not said to be vulnerable like earlier side-channel attacks.

ZombieLoad takes its name from a “zombie load,” an amount of data that the processor can’t understand or properly process, forcing the processor to ask for help from the processor’s microcode to prevent a crash. Apps are usually only able to see their own data, but this bug allows that data to bleed across those boundary walls. ZombieLoad will leak any data currently loaded by the processor’s core, the researchers said. Intel said patches to the microcode will help clear the processor’s buffers, preventing data from being read.

Speaking of those patches….:

Intel has released microcode to patch vulnerable processors, including Intel Xeon, Intel Broadwell, Sandy Bridge, Skylake and Haswell chips. Intel Kaby Lake, Coffee Lake, Whiskey Lake and Cascade Lake chips are affected, as are all Atom and Knights processors.

But other tech giants, like consumer PC and device manufacturers, are also issuing patches as a first line of defense against possible attacks.

Computer makers Apple and Microsoft and browser makers Google and Mozilla are releasing patches today.

So as soon as those patches appear for your Windows 10 computer or Mac, I would install them to protect yourself. I’ll update this post as soon as patches pop up.

UPDATE: Apple just put up this page addressing this issue:

https://support.apple.com/en-us/HT210107

In short, Apple released mitigations when they released 10.14.5 as well as other software updates for older OSes that they still support.

UPDATE #2: Google has confirmed it has released patches to mitigate against ZombieLoad. The Chrome team has a technical advisory out that says that users should rely on patches for their computer. “Operating system vendors may release updates to improve isolation, so users should ensure they install any updates and follow any additional guidance from their operating system vendor,” said Google. In other words, make sure your Windows PC or your Mac is patched. Though I will point out that a new version of Chrome just hit my PC and Mac.

UPDATE #3: Microsoft has put up a document on this. And patches have apparently been released via Windows Update. Microsoft also has a page with guidance for how to protect against the new attacks. Meanwhile over at Amazon Web Services, AWS has been updated to prevent attacks.

UPDATE #4: VMware has released software updates for vCenter Server, ESXi, Workstation, and Fusion to mitigate this threat. Details here.

 

 

Infographic: OEM Partnerships Are Driving Business More So Now Than Ever Before

Posted in Commentary on January 19, 2019 by itnerd

Dell and Intel released a Futurum Research study sharing insights on the evolution of OEM partnerships in the digital economy. In order to unlock these insights, they had to ask, “What drives OEM partnership?”

The overwhelming answer to this question was that OEM partnerships are driven by Digital Transformation and the desire to embrace emerging technologies for an innovation-ready future. See below for some great insights that evolved from this discovery.

Key report findings:

  • 75% of enterprises expect use of OEM partnerships to increase
  • 25% of enterprises anticipate a dramatic increase in OEM adoption
  • Top growing sectors of OEM partnerships: Banking & Finance, Media & Technology and Consumer Products (Retail, E-Tailers, etc.)
  • The use of OEM Partners to meet critical product and services needs is on the rise, a trend we expect to increase dramatically over the coming 3 to 5 years
  • 87% of organizations agree that OEM partnerships help enterprises embrace emerging technologies for an innovation-ready future
  • Top benefit of OEM partnerships: Helps organizations accelerate product & services innovation

Dell has published a blog post on this here.


Oh Noes! Seven New Meltdown And Spectre Style CPU Attacks Found!

Posted in Commentary on November 14, 2018 by itnerd

A team of nine academics has revealed today seven new CPU attacks. The seven impact AMD, ARM, and Intel CPUs to various degrees:

Two of the seven new attacks are variations of the Meltdown attack, while the other five are variations on the original Spectre attack — two well-known attacks that have been revealed at the start of the year and found to impact CPU models going back to 1995. Researchers say they’ve discovered the seven new CPU attacks while performing “a sound and extensible systematization of transient execution attacks” — a catch-all term the research team used to describe attacks on the various internal mechanisms that a CPU uses to process data, such as the speculative execution process, the CPU’s internal caches, and other internal execution stages. The research team says they’ve successfully demonstrated all seven attacks with proof-of-concept code. Experiments to confirm six other Meltdown-attacks did not succeed, according to a graph published by researchers.

Well. This isn’t good. It’s a safe bet that people at ARM, AMD, and Intel are scrambling to verify if these attacks are fixable and how fast they can get those fixes out to the public.

Fun times….

Intel Tries And Then Backtracks On Restricting Benchmarking Of CPU Fixes

Posted in Commentary on August 24, 2018 by itnerd

Since the Spectre and Meltdown CPU flaws first became public, Intel has been on the case to fix them. The thing is their fixes have the effect of slowing down the CPU’s ability to process data, and various people and media outlets have documented that. And it appears that Intel is none too pleased about that because thanks to a reader who tipped me off about this, they tried to restrict benchmarking of their fixes:

Intel is updating its loadable CPU microcode to handle various side-channel and timing attacks. There is a new license term applied to the new microcode:

You will not, and will not allow any third party to (i) use, copy, distribute, sell or offer to sell the Software or associated documentation; (ii) modify, adapt, enhance, disassemble, decompile, reverse engineer, change or create derivative works from the Software except and only to the extent as specifically required by mandatory applicable laws or any applicable third party license terms accompanying the Software; (iii) use or make the Software available for the use or benefit of third parties; or (iv) use the Software on Your products other than those that include the Intel hardware product(s), platform(s), or software identified in the Software; or (v) publish or provide any Software benchmark or comparison test results.

Since the microcode is running for every instruction, this seems to be a use restriction on the entire processor. Don’t run your benchmarker at all, not even on your own software, if you “provide” or publish the results.

I say tried because once this became public, there was an epic backlash as one would expect. That forced the CPU giant to go into damage control mode via Imad Sousou, the GM of Intel’s Open-Source Technology Center:

Well at least they listened and took action quickly. But one has to wonder why they even tried to do this in the first place as you would have to imagine that this was going to be the outcome 100 times out of 100. I guess that the fact that their CPUs take a performance hit to some degree or another because of these fixes is a really touchy subject over at Intel.

BREAKING: Intel CEO Resigns Over Relationship With Employee That Was “Consensual”

Posted in Commentary on June 21, 2018 by itnerd

It appears that Intel is having a #MeToo moment.

Intel has put out a press release in the last hour saying that CEO Brian Krzanich has resigned after it came to light that he had a “consensual” relationship with an employee:

Intel was recently informed that Mr. Krzanich had a past consensual relationship with an Intel employee. An ongoing investigation by internal and external counsel has confirmed a violation of Intel’s non-fraternization policy, which applies to all managers. Given the expectation that all employees will respect Intel’s values and adhere to the company’s code of conduct, the board has accepted Mr. Krzanich’s resignation.

Now taking over on an interim basis as CEO is Robert Swan who was the CFO.

The first thing that I thought of when this came to my attention was the Mark Hurd gong show that went down while he was at HP. Though he did eventually resurface at Oracle. I guess a similar reinvention is what Krzanich is hoping for. But in the here and now, Krzanich is dealing with optics that don’t look too good.

Oh Noes! Even More Spectre Like CPU Flaws Found

Posted in Commentary on May 22, 2018 by itnerd

Google and Microsoft are out with details on yet another Spectre-like CPU flaw, which is documented in CVE-2018-3639. It is similar to the other Spectre flaws as it stems from speculative execution. This is a technique that modern chips use to optimize their performance by making assumptions about upcoming operations. In this case, if the CPU begins a process that doesn’t take place, then it should unwind and delete all of the related data. But sometimes it doesn’t do that, which means that someone could get access to that data, and here we are talking about it.

Intel has said that the fixes it has already deployed for other variants of this flaw should make this more difficult to exploit. And new fixes are on the way. But they may impact performance. Thus they will be off by default because the risk level is low. But the risk exists so you should expect to see some action on this front in the near future.

Security Researchers Find 8 New ‘Spectre-Class’ Flaws In Intel CPUs…. Possibly ARM Too

Posted in Commentary on May 7, 2018 by itnerd

Here we go again.

Sometime today, we’re going to get details on eight… Yes eight CPU flaws that are being dubbed “Spectre NG” or Spectre Next Generation. First, here’s the details from Reuters:

Researchers have found eight new flaws in computer central processing units that resemble the Meltdown and Spectre bugs revealed in January, a German computing magazine reported on Thursday. The magazine, called c’t, said it was aware of Intel Corp’s plans to patch the flaws, adding that some chips designed by ARM Holdings, a unit of Japan’s Softbank, might be affected, while work was continuing to establish whether Advanced Micro Devices chips were vulnerable… The magazine said Google Project Zero, one of the original collective that exposed Meltdown and Spectre in January, had found one of the flaws and that a 90-day embargo on going public with its findings would end on May 7…

“Considering what we have seen with Meltdown and Spectre, we should expect a long and painful cycle of updates, possibly even performance or stability issues,” said Yuriy Bulygin, chief executive officer of hardware security firm Eclypsium and a former Intel security researcher. “Hopefully, Meltdown and Spectre led to improvements to the complicated process of patching hardware.”

The reason why

Neowin also reports that Intel is expected to release microcode updates in two waves; one in May, and the other in August. But it also says this:

That being said, it appears that Google’s Project Zero may have discovered at least one of the eight vulnerabilities a while ago, and their stringent 90-day non-disclosure window may be very close to lapsing, perhaps as early as May 7, if sources are to be believed. After that, their policy is to publicly release information on the vulnerability, regardless of whether a fix is out.

Which means that this is about to get very real very quickly. I’ll be watching this story and I’ll be posting updates as new info comes to light.