Serious Flaw in Intel Chips Lets Attackers Decrypt Hard Drives

1 minute read
| News

A flaw found in Intel chips lets attackers decrypt your hard drive, among other things. It can’t be fixed but instead mitigated with firmware patches (via The Register).

CSME

The flaw is found within the Converged Security and Mangeability Engine (CSME). This engine does many low-level tasks like controlling power levels, starting the main CPU, verifying and bottling firmware, and providing cryptographic functions. It’s the first thing that starts when you turn on your computer. It’s described as a mini computer because it has its own RAM, CPU, and boot ROM.

The CSME can protect its RAM so that the rest of the computer can’t use it. But there is a tiny window of opportunity between the system turning on and the CSME enabling its memory protection. During that window, it’s possible for a hacker to hijack the CSME. Physical access to the machine is required; this isn’t a remote exploit.

Once a hacker has control over the CSME they can extract its cryptographic keys used for such things like disk encryption. In the case of Macs this means FileVault. Once the keys are stolen the hacker can decrypt your hard drive.

However, this key is not platform-specific. A single key is used for an entire generation of Intel chipsets. And since the ROM vulnerability allows seizing control of code execution before the hardware key generation mechanism in the SKS is locked, and the ROM vulnerability cannot be fixed, we believe that extracting this key is only a matter of time.

“When this happens, utter chaos will reign. Hardware IDs will be forged, digital content will be extracted, and data from encrypted hard disks will be decrypted.

Intel says the only thing people can do is to install firmware mitigation’s and make sure to install the latest software updates. It affects Intel chips manufactured in the past five years, and can’t be completely fixed without replacing the actual chip.

Further Reading

[How Coronavirus Misinformation is Spreading Across Facebook]

[How the EARN IT Act is an Attack on Encryption]

5
Leave a Reply

Please Login to comment
4 Comment threads
1 Thread replies
0 Followers
 
Most reacted comment
Hottest comment thread
3 Comment authors
Paul GoodwingeoduckJohn Kheit Recent comment authors

This site uses Akismet to reduce spam. Learn how your comment data is processed.

  Subscribe  
newest oldest most voted
Notify of
Paul Goodwin
Member
Paul Goodwin

Intel probably farmed out the chip development verification process to China (who conveniently left out a few test vectors).

Makes you wonder though about the expertise and experience level left at Intel

John Kheit
Member
John Kheit

Terrifyingly bad. Also, I think the T1/T2 chips only help on drives that are encrypted by it. But if you boot off a PCI drive in the new Mac Pro, you’re still out of luck.

Intel is just so bad, Apple needs to move over to AMD and it’s own chips.

geoduck
Member
geoduck

Intel used to be The Standard. Increasingly they are now the minimum.

geoduck
Member
geoduck

Question, do Apple’s T1 and T2 security chips mitigate this? AI is saying that late model Macs with these are safe because they load first.

geoduck
Member
geoduck

I’ve been ambivalent on the whole ARM chips in Macs thing, but stories like this make me think it might not be a bad thing.