ASUS AP23-T91 Battery all-laptopbattery.com |
Posted: November 13, 2017 |
The Reg team thinks it has given itself a nice set of challenges to chase in 2016. Our overall resolution is to become an even better business tech news publication. We want new regular readers to admire our improvement, former readers to find reasons to return and of course to attract new readers too! Those readers might be career techies, technology managers, a CIO, a CEO or a student. Whatever your role in making IT a part of business, we're aiming to be one of your valued sources for insightful news. And hopefully the number one source.So there you have it: our resolutions for 2016. We’re also going to do something about that big pile of sweets and doughnuts at the end of the editorial desk, iron shirts more often and stop splitting infinitives once we figure out the rules of grammar and what they have to do with our mother’s mother.From all of us to all of you: all the best for a healthy, prosperous, stimulating and healthy 2016. If we get this right, we plan to be a big part of the prosperity and the stimulation. 32c3 Security concerns around Intel's x86 processors – such as the company's decision to force the secretive Management Engine microcontroller onto its silicon – have raised fundamental questions about trust in personal computers, whatever architectures they may be based upon. The founder of Invisible Things Labs, security researcher Joanna Rutkowska, delivered one of the first talks to the 32nd Chaos Communications Congress (32c3) in Hamburg on Sunday, restating the issues she considers make Intel x86 "insecure and untrustworthy" before explaining how she believed they may be practically solved in her talk, Towards (reasonably) trustworthy x86 laptops.The lecture was based on Rutkowska's October paper (PDF), which asserts that most modern operating systems are too trusting, plus her December recommendations (PDF).That issue is that kernels, drivers, and other low-level code are assumed to be trustworthy even though bugs hidden within them can be exploited to disable whole security mechanisms. Rutkowska added: "A successful exploit against one of the thousands of drivers, networking protocols and stacks, filesystem subsystems, graphics and windowing services, or any other OS-provided services, has been considered unlikely by the systems architects." Firmware-level vulnerabilities (eg, LightEater) and bungled implementations of boot security (eg, Intel TXT), alongside the small horde of attack vectors introduced through peripherals, provide ample ammunition to attackers, according to Rutkowska.This means you can't really trust your sensitive data with your hardware, and instead crucial information should really be kept apart from the main machine. She said a "strict separation of state-carrying (trusted) element from the rest of the hardware" has become necessary as people and personal computers become increasingly interdependent.Rutkowska said the communal effort on improving personal security in the application layer in recent years – from GnuPG and Tor, through to OpenVPN and disk encryption tool LUKS – “is meaningless if we cannot trust our operating system, because the operating system is the trusted part – if it is compromised then everything is lost.” There have been notable efforts to create a trustworthy operating system stack. Rutkowska herself had started the open-source Qubes OS project five years ago, which now has dozens of contributors. Qubes works by running different applications in their own virtual machines – for example, the VM running a browser used to visit any old website is separate to the VM running GPG; if the browser is compromised, the attacker has to break through the Xen hypervisor to get to the encrypted email client.Version 1.0 of Qubes OS was released in 2012, while 3.0 was released in October of this year.The core of her talk dealt with the widespread assumption of trustworthiness in hardware, particular in regards to laptops, which it doesn't deserve.Intel's x86 platform is ubiquitous in modern laptops, and “present Intel processors really integrate everything and the kitchen sink,” said Rutkowska. “Ten years ago we used to have a processor, a Northbridge, a Southbridge, and perhaps even more discrete elements on the motherboard. Today, nearly all of these elements have been integrated into one processor package.“Of course there is only one company making these,” Rutkowska said. “It's an American company called Intel, and it's a completely opaque construction. We have absolutely no ways to examine what's inside [its chips]. The advantage is that it makes the construction of laptops very easy now, and lots of vendors can produce little sexy laptops.”
When we talk about processors today, we are no longer talking about just the CPU, said Rutkowska. “The processor is now the CPU, GPU, the Memory Controller Hub, PCI express, some southbridge – so for example SATA controller – and so on, as well as something called Management Engine (ME).”Intel ME is a microcontroller, and part of Intel's AMT hardware and firmware technology which allows administrators to remotely manage the hardware over network – all underneath whatever operating system is running. As this management is conducted at a low-level in the stack, it dodges the OS – meaning overwriting your out-of-the-box Windows installation with a Linux distro will not guarantee any trustworthiness.The ME microcontroller comes with its own RAM, it can access the system's RAM, and it has its own private ROM of firmware code, which nobody may inspect. “It runs a whole bunch of proprietary programs,” said Rutkowska, “and even runs Intel's own proprietary operating system, and this is all happening whenever you have some power connected to your processor, even in sleep mode, and it could be doing anything it wants.” The first thought for security people is that this is an ideal backdooring or rootkitting infrastructure. Which is true. However there is another problem, what I call the 'Zombification' of personal computing. Intel “essentially wants to eliminate all the logic that touches data from apps, and the operating system even, and move it to Intel ME. Remember, Intel ME is also an operating system, a separate operating system... nobody knows how it works. Nobody has any possibility to look at the source code, or even reverse-engineer as we cannot analyse the binaries. It is an operating system which is fully controlled by Intel, as is any functionality it offers,” she said.The ME blackbox is not trustworthy, says Rutkowska: “The complexity of the architecture … doesn't look like it could be solved effectively.”Although this seemingly borked Qubes OS's confidence that it could securely lock down and compartmentalize software on a machine, there may be a different way to win the game: “You cannot really win under the old rules," said Rutkowska, who added that it was perhaps time to begin to change those rules. "That starts with recognising that most of the problems here begin with the persistent state.” Infosec wild man John McAfee has taken time off from his US presidential campaign to launch a fresh funding drive for a password replacement product.The proximity-based authentication and access control product, dubbed EveryKey, is also touted as a replacement for physical keys, as the pitch explains.Everykey replaces your passwords and keys. When Everykey is close to your phone, laptop, tablet, house door, car door, or another access-controlled device, it unlocks that device.
McAfee, chief evangelist at Everykey, has launched an Indiegogo campaign to fund production for Everykey. Would-be early adopters have already shelled out $61K with 13 days of the funding drive still to run.A YouTube promo video of McAfee demoing EveryKey can be viewed below.The idea tackles an all too real problem but caution is still advisable. Infosec consultant Paul Moore argues that there's still little to show for the project after three years of development and multiple delays."It's a great idea with (I believe) real potential... but talk of "receiving samples" after three years and $1.2 million dollars of investment, frankly, worries me no end," Moore writes. Water cooler El Reg, some friends of mine have been showing me blog posts about Microsoft keeping secret copies of all our encryption keys. What's going on?Since Windows 8, Microsoft has built drive encryption into its operating system, so none of this should really be a shock. And this encryption feature shouldn't be confused with Bitlocker, which is aimed at power users and businesses; think of this feature as a diet Bitlocker.Whenever you first log into a new Windows 10 computer or device using a Microsoft account, the OS quietly and automatically encrypts the internal storage drive, and uploads a recovery key to Redmond's OneDrive servers. While you're logged into your machine, your data is decrypted and accessible. If someone steals your PC or tablet, and they don't know your password, they shouldn't be able to get at your files because they can't decrypt them. If you forget your password or somehow can't log into your PC or device any more, you won't be able to use your drive because it will remain encrypted. If you change your motherboard, you won't be able to decrypt your data either because the system ties the encryption to a crypto key stored in the chipset. The new board won't have that key.This still doesn't explain why the recovery key is held in the cloud.Imagine the tech support calls Microsoft and PC makers must get every day from people – people who think the caps lock key is cruise control FOR COOL. People who can't remember how to turn on Bluetooth. Now imagine the sheer hell of dealing with hundreds of thousands, if not millions, of people who wake up one morning and can't remember their passwords, only to be told: "Sorry, it's gone. All your data is gone."It's not a hassle Microsoft wants to deal with, so it provides people a recovery key, stored on the corporation's servers, to sign back in. If you have recovery key for an encrypted drive, you can decrypt it.
|
|||||||||||||||||||||||||||||||||||||||||||
|