zlacker

[parent] [thread] 5 comments
1. pjc50+(OP)[view] [source] 2015-10-27 18:29:52
It runs a separate firmware, in its own RAM, but can access the main memory at will and invisibly to the main OS

All watched over by hypervisors of loving grace.

How do you know what the firmware does? Is it even possible to inspect it, let alone replace it? It's just another part of the attack surface - not necessarily deliberately, but if there are exploitable bugs in that firmware that can be triggered from the rest of the system, it's another security risk.

replies(2): >>rwmj+i6 >>kbart+k41
2. rwmj+i6[view] [source] 2015-10-27 19:28:39
>>pjc50+(OP)
It's possible to update it, not sure about replacing it with ones own code. I know this is "whataboutism" but here goes: Is this different from Intel ME processors with their "hidden" Sparc core?

http://www.slideshare.net/codeblue_jp/igor-skochinsky-enpub

replies(1): >>msbarn+gh
◧◩
3. msbarn+gh[view] [source] [discussion] 2015-10-27 21:09:59
>>rwmj+i6
> Is this different from Intel ME processors with their "hidden" Sparc core?

Minor quibble: The IME is not Sun's SPARC architecture, it's ARC International's ARC, the Argonaut RISC Core, which has its origins in (of all things) the Super Nintendo's SuperFX chip.

replies(2): >>nickps+vi >>voltag+Hy
◧◩◪
4. nickps+vi[view] [source] [discussion] 2015-10-27 21:20:51
>>msbarn+gh
Didn't even know they had ARC processors in them. That's a trip.
◧◩◪
5. voltag+Hy[view] [source] [discussion] 2015-10-28 00:48:38
>>msbarn+gh
Is this what I've got in my Lenovo X1 with vPro? The Ctrl+P shortcut to get into the config at boot doesn't work - can I poke at it any other way?
6. kbart+k41[view] [source] 2015-10-28 13:12:04
>>pjc50+(OP)
In case of high end Texas Instrument's ARM MCUs + Linux, M3 is used for power management. Though the firmware is provided as a binary blob and there's no way to control or check what it actually does (as far as I know).
[go to top]