New Intel CPUs Have NSA Exploitable Secret Hidden Backdoor
New Intel CPUs come with a hidden backdoor that can allow hackers or the NSA to control your computer remotely even while PC is turned off
Hardware security expert Damien Zammit revealed some startling revelations in a recent SoftPedia about the secret backdoor built in to new Intel CPUs that no one can touch or disable.
The backdoor, called the Intel Management Engine (ME) is works as a secret subsystem inside your computer’s CPU and runs constantly even when your computer is not turned on.
It works but setting up a TCP/IP server and since the subsystem has complete uncontrolled access to your computer’s hardware, including the network card and memory, it works without the knowledge of your computers operating system and can not be disabled by the OS or by your computer’s firewall.
No one outside of Intel has seen the ME source code and security experts are warning the built-in backdoor has the potential to explode into the worst root kit ever with every modern Intel based CPU becoming compromised.
Intel asserts it is secure from hackers and such attacks because it is protected by 2048 bit RSA encryption which theoretically thought to be uncrackable during the lifespan of everyone living on earth today.
However, the same theories were thought to be applicable to previous incarnations of the current 2048 bit RSA standard each iteration of which was proven to be absolutely wrong in practice.
Given advancements in mathematical theory relating to algorithms such as the variations of the Quadratic Sieve (QS) and the General Number Field Seive (GNFS) combined with advances in computer hardware and software to support parallel computing researchers have repeatedly surpassed theoretical limits decades and centuries before they were theoretically thought to be vulnerable.
In the mean time relatively unexplored frontiers in current technology remain abound.
Mathematicians continue to work on new theory to crack current encryption techniques combined recent rise of special hardware called Application Specific Integrated Circuits (ASICs) for the mining of concurrency create the possibility for RSA to be cracked in the next few years in ways that were previously imagined.
Moreover, a quantum computing algorithm, known as Shor’s algorithm, would be able to break such encryption in a matter of seconds should it ever be implemented on any of the quantum computers the United States Government and mega technology conglomerates, such as Google and Intel itself, has pumped billions of dollars into developing over the last decade.
Additionally, there have been repeated security issues with the SSL protocol itself revealed over the the past few years each of which present an attack surface against the built-in root kit.
Then when we begin to consider state actors, such as the NSA, the foundation for the underlying security mechanisms that the commercial world takes granted completely crumbles.
It can probably be presumed that Intel’s technology implements certificates for which the NSA can easily counterfeit and act as a man in the middle.
Moreover, instead of conducting such covert operations it could simply overtly issue Intel an National Security Letter and hence gain complete control over any given system at any given time.
The following slideshow by Igor Skochinsky presents an overview of probably the most comprehensive public review of ME.
Secret of Intel Management Engine by Igor Skochinsky