A vulnerability in Intel chipsets that allows the platform root key to be extracted

Researchers from Positive Technologies have disclosed a vulnerability (CVE-2019-0090) that, given physical access to the hardware, allows extraction of the platform root key (Chipset key). This key serves as the root of trust when verifying the authenticity of various platform components, including TPM (Trusted Platform Module) and UEFI firmware.

The vulnerability is caused by a bug in the hardware and in the Intel CSME firmware located in the boot ROM, which prevents the problem from being fixed in devices already in use. Because of a window that exists while Intel CSME restarts (for example, when resuming from sleep), DMA manipulation can be used to write data to Intel CSME static memory and modify already-initialized Intel CSME memory pages in order to intercept execution, retrieve the platform key, and gain control over the encryption keys for Intel CSME modules. Details of how the vulnerability is exploited are planned to be published later.

In addition to extracting the key, the bug also allows code execution at the zero privilege level of Intel CSME (Converged Security and Manageability Engine). The problem affects most Intel chipsets released in the past five years, but it does not occur in the 10th generation of processors (Ice Point). Intel learned of the problem about a year ago and released firmware updates which, although they cannot change the vulnerable code in ROM, try to block possible exploitation paths at the level of individual Intel CSME modules.

The possible consequences of obtaining the platform root key include forging the firmware of Intel CSME components, compromise of media encryption systems based on Intel CSME, and the possibility of forging EPID (Enhanced Privacy ID) identifiers to pass your computer off as another one in order to bypass DRM protection. For the case where individual CSME modules are compromised, Intel has provided the ability to regenerate the associated keys through the SVN (Security Version Number) mechanism. When the platform root key itself is accessible, this mechanism is ineffective, because the platform root key is used to generate the key for accessing the integrity control block (ICVB, Integrity Control Value Blob), and obtaining that key in turn allows the code of any of the Intel CSME firmware modules to be forged.
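The following added example (not from the original article or from Intel) models why an SVN bump recovers from the leak of one module key but not from the leak of the root key. It is a simplified sketch: HMAC-SHA256 stands in for the key derivation, and the module name, root key value and function names are assumptions, since the page does not describe the real Intel CSME derivation.

```python
import hashlib
import hmac

# Simplified model only: HMAC-SHA256 is an assumed stand-in for the key
# derivation; the actual Intel CSME scheme is not given in the article.

def derive_module_key(root_key: bytes, module: str, svn: int) -> bytes:
    """Derive a per-module key bound to the module name and its SVN."""
    info = module.encode() + b"|svn=" + svn.to_bytes(4, "big")
    return hmac.new(root_key, info, hashlib.sha256).digest()

def tag(key: bytes, data: bytes) -> bytes:
    """Integrity tag over module data under the given key."""
    return hmac.new(key, data, hashlib.sha256).digest()

def accepted(key: bytes, data: bytes, candidate: bytes) -> bool:
    """Verifier side: constant-time check of a candidate tag."""
    return hmac.compare_digest(tag(key, data), candidate)

def svn_rotation_demo(root_key: bytes) -> dict:
    module = "example_module"            # hypothetical module name
    altered = b"constructed altered module data"

    # Case 1: only the module key for SVN 1 has leaked.
    leaked_module_key = derive_module_key(root_key, module, 1)
    # The vendor bumps the SVN; the verifier now uses the SVN 2 key.
    current_key = derive_module_key(root_key, module, 2)
    module_leak = accepted(current_key, altered, tag(leaked_module_key, altered))

    # Case 2: the root key has leaked, so the SVN 2 key can be re-derived
    # by anyone holding it, and the bump changes nothing.
    rederived = derive_module_key(root_key, module, 2)
    root_leak = accepted(current_key, altered, tag(rederived, altered))

    return {
        "altered_data_accepted_after_module_key_leak": module_leak,
        "altered_data_accepted_after_root_key_leak": root_leak,
    }

if __name__ == "__main__":
    constructed_root = bytes(range(32))  # constructed sample value
    for name, value in svn_rotation_demo(constructed_root).items():
        print(f"{name}: {value}")
```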

It is noted that the platform root key is stored in encrypted form, and a full compromise additionally requires determining the hardware key stored in SKS (Secure Key Storage). This key is not unique and is the same for each generation of Intel chipsets. Since the bug allows code execution at a stage before the key mechanism in SKS is locked, it is predicted that sooner or later this hardware key will be determined.

Source: opennet.ru