Skip to content

New Intel CPUs Have NSA Exploitable Secret Hidden Backdoor


New Intel CPUs come with a hidden backdoor that can allow hackers or the NSA to control your computer remotely even while PC is turned off

Secret of Intel Management Engine by Igor Skochinsky from CODE BLUE

Hardware security expert Damien Zammit revealed some startling revelations in a recent SoftPedia about the secret backdoor built in to new Intel CPUs that no one can touch or disable.

The backdoor, called the Intel Management Engine (ME) is works as a secret subsystem inside your computer’s CPU and runs constantly even when your computer is not turned on.


It works but setting up a TCP/IP server and since the subsystem has complete uncontrolled access to your computer’s hardware, including the network card and memory, it works without the knowledge of your computers operating system and can not be disabled by the OS or by your computer’s firewall.

No one outside of Intel has seen the ME source code and security experts are warning the built-in backdoor has the potential to explode into the worst root kit ever with every modern Intel based CPU becoming compromised.

Intel asserts it is secure from hackers  and such attacks because it is protected by 2048 bit RSA encryption which theoretically thought to be uncrackable during the lifespan of everyone living on earth today.

However, the same theories were thought to be applicable to previous incarnations of the current 2048 bit RSA standard each iteration of which was proven to be absolutely wrong in practice.

Given advancements in mathematical theory relating to algorithms such as the variations of the Quadratic Sieve (QS) and the General Number Field Seive (GNFS) combined with advances in computer hardware and software to support parallel computing researchers have repeatedly surpassed theoretical limits decades and centuries before they were theoretically thought to be vulnerable.

In the mean time relatively unexplored frontiers in current technology remain abound.

Mathematicians continue to work on new theory to crack current encryption techniques combined recent rise of special hardware called Application Specific Integrated Circuits (ASICs) for the mining of concurrency create the possibility for RSA to be cracked in the next few years in ways that were previously imagined.

Moreover, a quantum computing algorithm, known as Shor’s algorithm, would be able to break such encryption in a matter of seconds should it ever be implemented on any of the quantum computers the United States Government and mega technology conglomerates, such as Google and Intel itself, has pumped billions of dollars into developing over the last decade.

Additionally, there have been repeated security issues with the SSL protocol itself revealed over the the past few years each of which present an attack surface against the built-in root kit.

Then when we begin to consider state actors, such as the NSA, the foundation for the underlying security mechanisms that the commercial world takes granted completely crumbles.

It can probably be presumed that Intel’s technology implements certificates for which the NSA can easily counterfeit and act as a man in the middle.


Moreover, instead of conducting such covert operations it could simply overtly issue Intel an National Security Letter and hence gain complete control over any given system at any given time.

The following slideshow by Igor Skochinsky presents an overview of probably the most comprehensive public review of ME.

Secret of Intel Management Engine by Igor Skochinsky


1. Linux came under intense pressure to accept the Intel Chip as the source of random number generation.  Linus refused – but the comments from the core coding team that works on the Random Number generator code reveals the intensity they were put under by Intel.  This research backs up the statements from the Linux coding team regarding Intel and potentially a  “man in the middle attack” by various governments.  One Intel has given in to the NSA, other governments will pressure them for access.
2. Next we need to look at AMD. It would be interesting to see the same research carried out on AMD chips – and if they are secure, maybe it’s time to switch to AMD on privacy grounds.
3. Lastly the EU ENISA team recommended all European citizens use at least RSA 4096, with immediate effect – so Intel’s use of RSA 2048 is inexcusable.  ENISA recommended we move towards RSA 16k asap – so they do not consider RSA 4096 *that* safe.
4. Consider the European advice to its civilians  against that of an American corporation (motivated by money). The different is quite striking.
One Comment
  1. Reblogged this on TheFlippinTruth.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: