Vulnerability in Intel chipsets that allows the platform key to be extracted

Researchers from Positive Technologies have disclosed a vulnerability (CVE-2019-0090) that, given access to the hardware, makes it possible to extract the platform root key (Chipset key). This key serves as the root of trust for verifying the authenticity of various platform components, including the TPM (Trusted Platform Module) and UEFI firmware.

The vulnerability is caused by a flaw in the hardware and in the Intel CSME firmware that resides in the boot ROM, which means the problem cannot be fixed on devices already in use. Because a window exists while Intel CSME restarts (for example, when resuming from sleep), DMA manipulation can be used to write data into Intel CSME static memory and to modify Intel CSME memory page tables that have already been initialized, in order to intercept execution, extract the platform key, and gain control over the generation of encryption keys for Intel CSME modules. Details of how the vulnerability is exploited are planned for publication later.

Besides extracting the key, the flaw also allows code to be executed at privilege level zero of the Intel CSME (Converged Security and Manageability Engine). The problem affects most Intel chipsets released over the last five years, but it no longer appears in the 10th generation of processors (Ice Point). Intel learned of the problem about a year ago and released firmware updates which, although they cannot change the vulnerable code in ROM, try to block exploitation paths at the level of individual Intel CSME modules.

The possible consequences of obtaining the platform root key include forging the firmware of Intel CSME components, compromising data-storage encryption systems based on Intel CSME, and forging EPID (Enhanced Privacy ID) identifiers to pass your computer off as another one in order to bypass DRM protection. For cases where individual CSME modules are compromised, Intel has provided a way to regenerate the keys associated with them using the SVN (Security Version Number) mechanism. Once the platform root key itself is accessible, this mechanism is ineffective, because the platform root key is used to generate the key that encrypts the integrity control block (ICVB, Integrity Control Value Blob), and obtaining that in turn makes it possible to forge the code of Intel CSME firmware modules.
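The difference between a leaked module key and a leaked root key can be shown with a simplified model, added here as an example and not taken from Intel or Positive Technologies. HMAC-SHA256 stands in for the undisclosed key derivation, and `derive_key`, `platform_accepts`, the labels and the root key value are assumptions constructed for illustration.

```python
import hashlib
import hmac

# Constructed sample value, not a real key.
ROOT_KEY = b"constructed-platform-root-key"


def derive_key(root: bytes, label: str, svn: int) -> bytes:
    """Hypothetical KDF: HMAC-SHA256(root, label | SVN). Not Intel's actual scheme."""
    info = label.encode() + b"|" + svn.to_bytes(4, "big")
    return hmac.new(root, info, hashlib.sha256).digest()


def integrity_value(signing_key: bytes, module_code: bytes) -> bytes:
    """Integrity tag over a module's code, keyed by the given key."""
    return hmac.new(signing_key, module_code, hashlib.sha256).digest()


def platform_accepts(module_code: bytes, tag: bytes) -> bool:
    """The platform recomputes the tag with its root-derived integrity key."""
    icvb_key = derive_key(ROOT_KEY, "ICVB", 0)  # SVN 0 is an assumption
    return hmac.compare_digest(integrity_value(icvb_key, module_code), tag)


def demo() -> dict:
    # Case 1: only one module key (SVN 1) leaks. Bumping the SVN yields a
    # fresh key, and the leaked key cannot produce an accepted tag.
    leaked_module_key = derive_key(ROOT_KEY, "module-A", 1)
    rotated_key = derive_key(ROOT_KEY, "module-A", 2)
    altered = b"altered module code (constructed)"
    tag_from_module_key = integrity_value(leaked_module_key, altered)

    # Case 2: the root key itself leaks. Every derived key, at any SVN,
    # can be recomputed off-platform, including the integrity key.
    leaked_root = ROOT_KEY
    recomputed = derive_key(leaked_root, "module-A", 2)
    tag_from_root = integrity_value(derive_key(leaked_root, "ICVB", 0), altered)

    return {
        "rotation_changes_key": leaked_module_key != rotated_key,
        "module_key_tag_accepted": platform_accepts(altered, tag_from_module_key),
        "root_recovers_rotated_key": recomputed == rotated_key,
        "root_tag_accepted": platform_accepts(altered, tag_from_root),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

In this model, raising the SVN recovers from a leaked module key, but no SVN value helps once the root that feeds the derivation is known.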

It is noted that the platform root key is stored in encrypted form, and that a full compromise additionally requires determining the hardware key stored in SKS (Secure Key Storage). That key is not unique and is the same for each generation of Intel chipsets. Since the flaw allows code to be executed at a stage before the key-generation mechanism in SKS is locked, it is predicted that this hardware key will soon be determined.

Source: opennet.ru
