Author Topic: Is Microsoft into trojans or spyware?  (Read 40591 times)

0 Members and 6 Guests are viewing this topic.

Offline lilos

  • Contributor
  • Posts: 26
  • Country: ro
  • iot-dev.net team member
Re: Is Microsoft into trojans or spyware?
« Reply #125 on: June 06, 2016, 06:01:30 pm »
European Parliament continues to promote open source!

The European Parliament is continuing to emphasise the importance of free and open source software. In resolutions adopted in March and April, on a thriving data-driven economy and on gender equality and empowering women in the digital age respectively, the Parliament stresses there is a role for free and open source software.

Full article here:

http://www.iot-dev.net/full.php?ar=35
www.iot-dev.net team member
 

Offline imidis

  • Frequent Contributor
  • **
  • Posts: 426
  • Country: ca
Re: Is Microsoft into trojans or spyware?
« Reply #126 on: June 06, 2016, 07:21:43 pm »
If they have to go to this lever to attempt to reach their target goal, this is pretty poor.
Gone for good
 

Offline lilos

  • Contributor
  • Posts: 26
  • Country: ro
  • iot-dev.net team member
Re: Is Microsoft into trojans or spyware?
« Reply #127 on: June 11, 2016, 01:04:31 am »
Intel & ME, and why we should get rid of ME - FSF official statement!

http://www.fsf.org/blogs/licensing/intel-me-and-why-we-should-get-rid-of-me
www.iot-dev.net team member
 

Offline G7PSK

  • Super Contributor
  • ***
  • Posts: 3865
  • Country: gb
  • It is hot until proved not.
Re: Is Microsoft into trojans or spyware?
« Reply #128 on: June 11, 2016, 07:28:03 am »
Intel & ME, and why we should get rid of ME - FSF official statement!

http://www.fsf.org/blogs/licensing/intel-me-and-why-we-should-get-rid-of-me

Is AMD or any other processor manufacturer any better, should we be looking for non Intel based hardware.
 

Offline lilos

  • Contributor
  • Posts: 26
  • Country: ro
  • iot-dev.net team member
Re: Is Microsoft into trojans or spyware?
« Reply #129 on: June 11, 2016, 07:04:27 pm »
Yes some board do not have ME.

This is libre boot compatible list:

Desktops (AMD, Intel, x86)
Gigabyte GA-G41M-ES2L motherboard
Intel D510MO motherboard
ASUS KCMA-D8 motherboard
Servers/workstations (AMD, x86)
ASUS KFSN4-DRE motherboard
ASUS KGPE-D16 motherboard
Laptops (ARM)
ASUS Chromebook C201
Laptops (Intel, x86)
Lenovo ThinkPad X60/X60s
Lenovo ThinkPad X60 Tablet
Lenovo ThinkPad T60 (there are exceptions. see link)
Lenovo ThinkPad X200
Lenovo ThinkPad R400
Lenovo ThinkPad T400
Lenovo ThinkPad T500
Apple MacBook1,1
Apple MacBook2,1


and another good from coreboot are:

Lenovo   LENOVO G505S ( this is my favorite )
ASUS   F2A85-M

this have some blobs for usd video firmware but are safe and also are amd boards most good one for laptop and desctop.


Aslo i think all old nvidia chipset are good:

like 9400m 320m also.

coreboot can be ported to many more boards. But not posible to i7 and new.


Also we must not forger routers!

TP-LINK-wdr4300 is my best favorite for libre router it is only 50 usd

Make secure Iot gateway with LibreCMC and TP-LINK-wdr4300 - how to

http://www.iot-dev.net/ar1p1.html




« Last Edit: June 11, 2016, 07:18:21 pm by lilos »
www.iot-dev.net team member
 

Offline R005T3r

  • Frequent Contributor
  • **
  • Posts: 387
  • Country: it
Re: Is Microsoft into trojans or spyware?
« Reply #130 on: June 11, 2016, 08:46:03 pm »
I hate windows 10, I'm so glad I've switched to linux It's simply not worth it, I don't even consider it a solution anymore else.
 

Offline TerraHertz

  • Super Contributor
  • ***
  • Posts: 3958
  • Country: au
  • Why shouldn't we question everything?
    • It's not really a Blog
Re: Is Microsoft into trojans or spyware?
« Reply #131 on: June 17, 2016, 11:33:24 pm »
The Intel Management Engine insanity is getting a little more public exposure, which is nice to see.

https://boingboing.net/2016/06/15/intel-x86-processors-ship-with.html
Intel x86s hide another CPU that can take over your machine (you can't audit it)
Recent Intel x86 processors implement a secret, powerful control mechanism that runs on a separate chip that no one is allowed to audit or examine. When these are eventually compromised, they'll expose all affected systems to nearly unkillable, undetectable rootkit attacks.

Collecting old scopes, logic analyzers, and unfinished projects. http://everist.org
 

Offline R005T3r

  • Frequent Contributor
  • **
  • Posts: 387
  • Country: it
Re: Is Microsoft into trojans or spyware?
« Reply #132 on: June 18, 2016, 09:03:54 am »
The Intel Management Engine insanity is getting a little more public exposure, which is nice to see.

https://boingboing.net/2016/06/15/intel-x86-processors-ship-with.html
Intel x86s hide another CPU that can take over your machine (you can't audit it)
Recent Intel x86 processors implement a secret, powerful control mechanism that runs on a separate chip that no one is allowed to audit or examine. When these are eventually compromised, they'll expose all affected systems to nearly unkillable, undetectable rootkit attacks.

you already know the solution to this problem: you keep a powerful computer completely out of the net, and you use another little one to surf the net. Nobody will ever care about it. And, NO: computers cannot communicate via speakers or via pci-express antennas or other crap like that. If you also suspect that this may happen, well, consider a faraday cage. 
 

Offline SeanB

  • Super Contributor
  • ***
  • Posts: 16366
  • Country: za
Re: Is Microsoft into trojans or spyware?
« Reply #133 on: June 18, 2016, 11:18:51 am »
ME is something you do not have to worry about. There are 7 billion people, and unless you are preparing to take arm against US government, FBI won't bother to sneak into your PC.
Also, the sense of freedom from being monitored is simply nonsense. People can watch you through telescopes, can install antennas to monitor your RF emission, can hear your conversation through walls, and can apply DPA on your power line. Computer surveillance is only one modern form, but there are tons of traditional forms of surveillance, which you can not evade.
Let's face it, the world runs on jungle rule -- the more powerful ones take privilege over the weaker ones. Unless you are more powerful than US government and Wintel consortium, otherwise just accept it.

true, but those others are things that require both somebody to monitor them and cost something in both effort and physical people. This is something that can be activated remotely, so it will not be long before somebody will figure out how to turn it on and simply scan whole subnets trying to find them, activate them and then simply downloading all the data to analyse. Not Govt, more like those looking to either make a darkweb botnet ( undetectable as well, no malware to find on the machine) or looking to grab login credentials for online banks for some quick regular income from compromised accounts.

Once you can no longer trust the hardware your software runs on all security software is as good as useless.
 

Offline lilos

  • Contributor
  • Posts: 26
  • Country: ro
  • iot-dev.net team member
Re: Is Microsoft into trojans or spyware?
« Reply #134 on: June 20, 2016, 09:12:39 am »
Let's face it, the world runs on jungle rule -- the more powerful ones take privilege over the weaker ones. Unless you are more powerful than US government and Wintel consortium, otherwise just accept it.

No just ignore them! There is is many other computer you can run free and also software that are free.

https://www.asus.com/Commercial-Servers-Workstations/KCMAD8/  good asus mainboad with coreboot and libreboot support and is not slow !

Who need to use windows anymore ?





www.iot-dev.net team member
 

Offline lilos

  • Contributor
  • Posts: 26
  • Country: ro
  • iot-dev.net team member
Re: Is Microsoft into trojans or spyware?
« Reply #135 on: June 21, 2016, 04:42:02 pm »
No just ignore them! There is is many other computer you can run free and also software that are free.

https://www.asus.com/Commercial-Servers-Workstations/KCMAD8/  good asus mainboad with coreboot and libreboot support and is not slow !

Who need to use windows anymore ?

I need to run Altium and some commercial embedded compilers from various vendors, and I need to use the latest Intel processor unless AMD Zen is really as good as they promoted.



AMD Zen is not clear is will support coreboot.
www.iot-dev.net team member
 

Offline lilos

  • Contributor
  • Posts: 26
  • Country: ro
  • iot-dev.net team member
www.iot-dev.net team member
 

Offline Howardlong

  • Super Contributor
  • ***
  • Posts: 5410
  • Country: gb
Re: Is Microsoft into trojans or spyware?
« Reply #137 on: June 27, 2016, 09:18:30 pm »
Ten grand payout after unauthorised Windows 10 automatic upgrade bricked PC:

http://www.bbc.co.uk/news/technology-36640464
 

Online JPortici

  • Super Contributor
  • ***
  • Posts: 3527
  • Country: it
Re: Is Microsoft into trojans or spyware?
« Reply #138 on: June 28, 2016, 10:51:05 am »
Ten grand payout after unauthorised Windows 10 automatic upgrade bricked PC:

http://www.bbc.co.uk/news/technology-36640464

Quote
Teri Goldstein said [...]
no wonder she won the suit  :-DD
 

Offline TerraHertz

  • Super Contributor
  • ***
  • Posts: 3958
  • Country: au
  • Why shouldn't we question everything?
    • It's not really a Blog
Re: Is Microsoft into trojans or spyware?
« Reply #139 on: July 06, 2016, 11:58:14 am »
Here's an entertaining slideshow of investigation of the Intel Management Engine internals:

  http://www.slideshare.net/codeblue_jp/igor-skochinsky-enpub
  Secret of Intel Management Engine by Igor Skochinsky  (mod on reddit.com/r/ReverseEngineering/ )

But it can only be downloaded as a file if logged into linkedin... urrgh.
Nevermind, here it is as a pdf:
  http://documents.tips/download/link/secret-of-intel-management-engine-by-igor-skochinsky

I came upon that via https://www.superstation95.com/index.php/world/1593   (Hal Turner's new site.)
Very hyperbolic prose there. But I completely agree with his views on this. Except that while the ME insanity _should_ mean the end of Intel, it likely won't. Because most people are just too numb to care.
Until someone cracks those keys, and suddenly all  PCs with recent Intel CPUs get permanently bricked.

Edit: see also http://hackaday.com/2016/01/22/the-trouble-with-intels-management-engine/
« Last Edit: July 06, 2016, 12:13:40 pm by TerraHertz »
Collecting old scopes, logic analyzers, and unfinished projects. http://everist.org
 

Offline Stonent

  • Super Contributor
  • ***
  • Posts: 3824
  • Country: us
Re: Is Microsoft into trojans or spyware?
« Reply #140 on: July 07, 2016, 12:14:15 am »
Intel ME is designed to be used in corporate IT environments to provide remote control of a system that's turned off or in a pre-OS state.

It isn't normally included in home PCs and can almost always be disabled in the bios.
The larger the government, the smaller the citizen.
 

Offline lilos

  • Contributor
  • Posts: 26
  • Country: ro
  • iot-dev.net team member
Re: Is Microsoft into trojans or spyware?
« Reply #141 on: July 08, 2016, 09:16:07 pm »
Intel ME is designed to be used in corporate IT environments to provide remote control of a system that's turned off or in a pre-OS state.

It isn't normally included in home PCs and can almost always be disabled in the bios.

Nope not possible try to remove it from coreboot and pc will shutdown after some time.
All modern mainboard rom firmware for arc processor ( or any maybe some new one .. why not fpga soft cpu .. ?   ) must be included.
 
www.iot-dev.net team member
 

Offline suicidaleggroll

  • Super Contributor
  • ***
  • Posts: 1453
  • Country: us
Re: Is Microsoft into trojans or spyware?
« Reply #142 on: July 08, 2016, 10:47:10 pm »
Intel ME is designed to be used in corporate IT environments to provide remote control of a system that's turned off or in a pre-OS state.

It isn't normally included in home PCs and can almost always be disabled in the bios.
It sounds like you're referring to IPMI or similar.  While that does essentially the same thing, IPMI is intended for consumer use and is only installed on workstation/server motherboards, meanwhile Intel ME is embedded into ALL Intel CPUs, is not designed for consumer use, and cannot be disabled.
 

Offline GEuser

  • Frequent Contributor
  • **
  • Posts: 502
  • Country: 00
  • Is Leaving
Re: Is Microsoft into trojans or spyware?
« Reply #143 on: July 18, 2016, 12:12:44 pm »
Just came across this http://www.bbc.com/news/technology-36824687

"However, as Peter Bright at Ars Technica pointed out, demand for Windows 10 looks set to slow in the near future thanks to dwindling sales of PCs and because the Microsoft programme that lets people upgrade to the OS for free will stop at the end of this month."

Soon I'll be able to turn on winupdate to see what happens
Soon
 

Offline retiredcaps

  • Super Contributor
  • ***
  • Posts: 3575
  • Country: ca
Re: Is Microsoft into trojans or spyware?
« Reply #144 on: May 02, 2017, 05:56:59 pm »
In summary, the Intel Management Engine and its applications are a backdoor with total access to and control over the rest of the PC. The ME is a threat to freedom, security, and privacy, and the libreboot project strongly recommends avoiding it entirely. Since recent versions of it can't be removed, this means avoiding all recent generations of Intel hardware.
Not to beat a dead horse, but it was only a matter of time that any code from any vendor (closed source or open) has a vulnerability.

https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00075&languageid=en-fr

Intel Active Management Technology, Intel Small Business Technology, and Intel Standard Manageability Escalation of Privilege

Summary:
There is an escalation of privilege vulnerability in Intel® Active Management Technology (AMT), Intel® Standard Manageability (ISM), and Intel® Small Business Technology versions firmware versions 6.x, 7.x, 8.x 9.x, 10.x, 11.0, 11.5, and 11.6 that can allow an unprivileged attacker to gain control of the manageability features provided by these products.  This vulnerability does not exist on Intel-based consumer PCs.
 

Offline Red Squirrel

  • Super Contributor
  • ***
  • Posts: 2751
  • Country: ca
Re: Is Microsoft into trojans or spyware?
« Reply #145 on: May 02, 2017, 09:36:49 pm »
In summary, the Intel Management Engine and its applications are a backdoor with total access to and control over the rest of the PC. The ME is a threat to freedom, security, and privacy, and the libreboot project strongly recommends avoiding it entirely. Since recent versions of it can't be removed, this means avoiding all recent generations of Intel hardware.
Not to beat a dead horse, but it was only a matter of time that any code from any vendor (closed source or open) has a vulnerability.

https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00075&languageid=en-fr

Intel Active Management Technology, Intel Small Business Technology, and Intel Standard Manageability Escalation of Privilege

Summary:
There is an escalation of privilege vulnerability in Intel® Active Management Technology (AMT), Intel® Standard Manageability (ISM), and Intel® Small Business Technology versions firmware versions 6.x, 7.x, 8.x 9.x, 10.x, 11.0, 11.5, and 11.6 that can allow an unprivileged attacker to gain control of the manageability features provided by these products.  This vulnerability does not exist on Intel-based consumer PCs.

Great....lol.   I knew it was a matter of time but this is much earlier than I thought.

Though perhaps this is good news, if someone figured out how to exploit it perhaps someone will figure out how to disable it... easily. (there are ways but they are quite convoluted)
« Last Edit: May 02, 2017, 09:39:45 pm by Red Squirrel »
 


Share me

Digg  Facebook  SlashDot  Delicious  Technorati  Twitter  Google  Yahoo
Smf