Vatsvagiri kubva kuPositive Technologies kusagadzikana (), iyo inobvumira, kana iwe uine ruzivo rwemuviri kumidziyo, kuburitsa kiyi yepuratifomu (Chipset kiyi), iyo inoshandiswa semudzi wekuvimba kana uchisimbisa huchokwadi hwezvikamu zvakasiyana-siyana zvepuratifomu, kusanganisira TPM (Trusted Platform Module) uye UEFI firmware.
Kusagadzikana kunokonzerwa nebug mune hardware uye Intel CSME firmware, iyo iri mubhoot ROM, iyo inodzivirira dambudziko kubva pakugadziriswa mumidziyo yatove kushandiswa. Nekuda kwekuvapo kwehwindo panguva yeIntel CSME restart (semuenzaniso, kana uchitangazve kubva kuhope mode), kuburikidza neDMA manipulation zvinokwanisika kunyora data kuIntel CSME static memory uye gadzirisa yakatotangwa Intel CSME memory peji matafura kuti abvise kuurayiwa, tora kiyi yepuratifomu, uye uwane kutonga pamusoro pechizvarwa che encryption kiyi yeIntel CSME modules. Tsanangudzo yekushandiswa kwekusagadzikana kwakarongwa kuzoburitswa gare gare.
Pamusoro pekubvisa kiyi, iko kukanganisa kunobvumirawo kodhi kuti iitwe pa zero ropafadzo level (Converged Chengetedzo uye Manageability Injini). Dambudziko rinobata mazhinji maIntel chipsets akaburitswa mumakore mashanu apfuura, asi muchizvarwa chegumi chema processors (Ice Point) dambudziko harichaoneki. Intel akaziva nezve dambudziko rinenge gore rapfuura uye akaburitswa , iyo, kunyange isingakwanise kushandura kodhi isina njodzi muROM, edza kuvhara nzira dzekushandisa padanho remunhu Intel CSME modules.
Zvinogoneka mhedzisiro yekuwana kiyi yepuratifomu inosanganisira tsigiro yeIntel CSME zvikamu, kukanganisa kwema media encryption masisitimu akavakirwa paIntel CSME, pamwe nemukana wekugadzira zviziviso zveEPID () kupfuudza komputa yako seimwe yekunzvenga kuchengetedzwa kwe DRM. Kana ega ega CSME module akakanganiswa, Intel yakapa kugona kudzoreredza makiyi akabatana uchishandisa iyo SVN (Security Version Nhamba) maitiro. Muchiitiko chekusvika kumudzi wepuratifomu kiyi, iyi nzira haishande sezvo kiyi yepuratifomu ichishandiswa kugadzira kiyi yekuvharidzira kutendeseka control block (ICVB, Kuvimbika Kudzora Kukosha Blob), kuwana iyo, iyo inobvumidza iwe forge kodhi chero yeIntel CSME firmware modules.
Izvo zvinocherechedzwa kuti midzi kiyi yepuratifomu inochengetwa mune encrypted fomu uye kuti iwanikwe zvizere zvinodikanwa kuti uone kiyi yehardware yakachengetwa muSKS (Chengetedza Kiyi Kuchengeta). Kiyi yakatsanangurwa haina kusarudzika uye yakafanana kuchizvarwa chega chega cheIntel chipsets. Sezvo bug ichibvumira kodhi kuti iitwe pachinhanho nzira kiyi yechizvarwa muSKS isati yavharwa, zvinofanotaurwa kuti munguva pfupi iyi kiyi yehardware ichatemwa.
Source: opennet.ru