ProHoster > Pūnaewele > nūhou pūnaewele > Leaked 20GB o nā palapala ʻenehana kūloko a me nā code kumu Intel

Leaked 20GB o nā palapala ʻenehana kūloko a me nā code kumu Intel

Tilly Kottmann (ʻO Tillie Kottmann), mea hoʻomohala no ka Android platform mai Switzerland, ke alakaʻi nei i ke kahawai Telegram e pili ana i nā leaks data, hoolaha ʻO 20 GB o nā palapala ʻenehana kūloko a me nā code kumu i loaʻa ma muli o kahi leak ʻike nui mai Intel i loaʻa i ka lehulehu. Ua ʻōlelo ʻia ʻo ia ka hoʻonohonoho mua mai kahi hōʻiliʻili i hāʻawi ʻia e kahi kumu inoa ʻole. Nui nā palapala i hōʻailona ʻia ma ke ʻano he mea huna, nā mea huna hui, a i hāʻawi wale ʻia ma lalo o kahi ʻaelike hōʻike ʻole.

ʻO nā palapala hou loa i hoʻopaʻa ʻia i ka hoʻomaka ʻana o Mei a loaʻa ka ʻike e pili ana i ke kahua kikowaena Cedar Island (Whitley) hou. Aia kekahi mau palapala mai ka makahiki 2019, no ka laʻana e wehewehe ana i ke kahua ʻo Tiger Lake, akā ʻo ka hapa nui o ka ʻike i ka makahiki 2014. Ma waho aʻe o nā palapala, loaʻa i ka set ke code, nā mea hana debugging, nā kiʻi, nā mea hoʻokele, a me nā wikiō aʻo.

ʻO kekahi ʻike mai ka hoʻonohonoho:

  • Nā manuale Intel ME (Management Engine), nā pono uila a me nā hiʻohiʻona no nā paepae like ʻole.
  • E kuhikuhi i ka hoʻokō BIOS no ke kahua ʻo Kabylake (Purley), nā hiʻohiʻona a me nā code hoʻomaka (me ka mōʻaukala hoʻololi mai git).
  • Nā kikokikona kumu o Intel CEFDK (Consumer Electronics Firmware Development Kit).
  • Code of FSP packages (Firmware Support Package) a me nā papahana hana o nā papahana like ʻole.
  • Nā pono hana like ʻole no ka debugging a me ka hoʻomohala ʻana.
  • Simics-simulator o ke kahua ʻo Rocket Lake S.
  • Nā papahana a me nā palapala like ʻole.
  • Nā mea hoʻokele binary no kahi kāmela Intel i hana ʻia no SpaceX.
  • Schematics, palapala, firmware a me nā mea hana no ka pae ʻaʻole i hoʻokuʻu ʻia ʻo Tiger Lake.
  • Nā wikiō aʻo ʻo Kabylake FDK.
  • Intel Trace Hub a me nā faila me nā decoders no nā mana like ʻole o Intel ME.
  • ʻO kahi hoʻokō kuhikuhi o ka paepae Elkhart Lake a me nā hiʻohiʻona code e kākoʻo i ka paepae.
  • Nā wehewehe ʻana o nā poloka lako ma ka ʻōlelo Verilog no nā paepae Xeon like ʻole.
  • Hana ʻia ka Debug BIOS/TXE no nā paepae like ʻole.
  • Bootguard SDK.
  • Kaʻina hana simulator no Intel Snowridge a me Snowfish.
  • Nā papahana like ʻole.
  • Nā laʻana mea kūʻai aku.

Ua ʻōlelo ʻo Intel ua wehe ʻo ia i kahi hoʻokolokolo i ka hanana. Wahi a ka ʻike mua, ua loaʻa ka ʻikepili ma o ka ʻōnaehana ʻike "Punawaiwai a me ka Hale Hoʻolālā Intel", ka mea i loaʻa i ka ʻike ʻike palena ʻole no nā mea kūʻai aku, nā hoa a me nā ʻoihana ʻē aʻe e launa pū me Intel. ʻO ka mea maʻamau, ua hoʻouka ʻia a paʻi ʻia ka ʻike e kekahi mea i loaʻa i kēia ʻōnaehana ʻike. ʻO kekahi o nā limahana Intel kahiko hōʻike ʻia ʻoiai e kūkākūkā ana i kāna mana ma Reddit, e hōʻike ana he hopena paha ka leak i ka sabotage e kekahi limahana a i ʻole hacking o kekahi o nā mea hana motherboard OEM.

ʻO ka mea inoa ʻole nāna i hoʻouna i nā palapala no ka paʻi ʻana kuhikuhiua hoʻoiho ʻia ka ʻikepili mai kahi kikowaena paʻa ʻole i mālama ʻia ma Akamai CDN a ʻaʻole mai ka Intel Resource and Design Center. Ua ʻike ʻia ke kikowaena ma ka pōʻino i ka wā o ka nānā ʻana i nā pūʻali me ka nmap a ua hacked ʻia e kahi lawelawe palupalu.

Ua haʻi kekahi mau paʻi i ka hiki ke ʻike ʻia o nā puka hope ma Intel code, akā he kumu ʻole kēia mau ʻōlelo a hoʻokumu wale ʻia ma luna.
alo ka huaʻōlelo "Save the RAS backdoor request pointer to IOH SR 17" ma kahi ʻōlelo ma kekahi o nā faila code. Ma ka pōʻaiapili o ACPI RAS ʻo ia hoʻi "Ka hilinaʻi, ka loaʻa, ka lawelawe lawelawe". Hoʻoponopono ka code i ka ʻike a me ka hoʻoponopono ʻana i nā hewa hoʻomanaʻo, e mālama ana i ka hopena ma ka papa inoa 17 o ka hub I/O, a ʻaʻole i loaʻa kahi "puka hope" ma ke ʻano o ka palekana ʻike.

Ua māhele ʻia ka hoʻonohonoho ma nā pūnaewele BitTorrent a loaʻa ma o loulou magnet. ʻO ka nui o ka waihona zip ma kahi o 17 GB (wehe i nā ʻōlelo huna "Intel123" a me "intel123").

Eia hou, hiki ke hoʻomaopopo ʻia ma ka hopena o Iulai ʻo Tilly Kottmann hoolaha ma ka lehulehu ʻikepili nā waihona i loaʻa ma muli o nā leaka ʻikepili mai kahi o 50 mau hui. Aia ka papa inoa i nā hui e like me
ʻO Microsoft, Adobe, Johnson Controls, GE, AMD, Lenovo, Motorola, Qualcomm, Mediatek, Disney, Daimler, Roblox a me Nintendo, a me nā waihona like ʻole, nā lawelawe kālā, nā ʻoihana kaʻa a me nā hui huakaʻi.
ʻO ke kumu nui o ka leak ʻo ia ka hoʻonohonoho hewa ʻana o ka ʻōnaehana DevOps a waiho i nā kī komo i nā waihona lehulehu.
ʻO ka hapa nui o nā waihona i kope ʻia mai nā ʻōnaehana DevOps kūloko e pili ana i ka SonarQube, GitLab a me Jenkins platforms, kahi e komo ai. ʻaʻole palena kūpono (i nā hanana kūloko o nā kahua DevOps ua hoʻohana ʻia nā hoʻonohonoho paʻamau, e hōʻike ana i ka hiki ke komo i ka lehulehu i nā papahana).

Eia kekahi, i ka hoʻomaka o Iulai, ma muli o ka hopena kuʻikahi ʻO ka lawelawe ʻo Waydev, i hoʻohana ʻia no ka hoʻopuka ʻana i nā hōʻike analytical e pili ana i ka hana ma nā waihona Git, ua loaʻa kahi leaka waihona, me kahi mea i hoʻokomo i nā hōʻailona OAuth no ke komo ʻana i nā waihona ma GitHub a me GitLab. Hiki ke hoʻohana ʻia ia mau hōʻailona e hoʻopaʻa i nā waihona pilikino o nā mea kūʻai aku ʻo Waydev. Ua hoʻohana ʻia nā hōʻailona i hopu ʻia e hoʻololi i nā ʻōnaehana dave.com и flood.io.

Source: opennet.ru

Pākuʻi i ka manaʻo hoʻopuka