Abaphandi abavela kwi-Positive Technologies ukuba sesichengeni (), evumela ukuba, ukuba unokufikelela ngokomzimba kwisixhobo, ukukhupha iqhosha lengcambu yeqonga (isitshixo seChipset), esetyenziswa njengengcambu yokuthembela xa uqinisekisa ukunyaniseka kwamacandelo eqonga ahlukeneyo, kuquka i-TPM (iModyuli yePlatform ethembekileyo) kunye UEFI firmware.
Ubuthathaka bubangelwa yi-bug kwi-hardware kunye ne-Intel CSME firmware, ebekwe kwi-ROM ye-boot, ethintela ingxaki ukuba ilungiswe kwizixhobo esele zisetyenziswa. Ngenxa yobukho befestile ngexesha lokuqalisa kwakhona kwe-Intel CSME (umzekelo, xa uphinda uqalisa imo yokulala), ngokusebenzisa i-DMA manipulation kunokwenzeka ukuba ubhale idatha kwi-Intel CSME memory static kwaye uguqule esele iqalisiwe i-Intel CSME yephepha leetafile zememori ukuthintela ukubulawa, fumana iqhosha leqonga, kwaye ufumane ulawulo phezu kokuveliswa kwezitshixo zofihlo kwiimodyuli ze-Intel CSME. Iinkcukacha zokusetyenziswa kobuthathaka zicwangciswe ukuba zipapashwe kamva.
Ukongeza ekukhupheni isitshixo, impazamo ikwavumela ukuba ikhowudi iqhutywe kwinqanaba lelungelo elikhethekileyo (Injini yoKhuseleko oluGuquliweyo kunye nokuLawula). Ingxaki ichaphazela uninzi lwe-Intel chipsets ezikhutshwe kule minyaka mihlanu idlulileyo, kodwa kwisizukulwana se-10 seprosesa (Ice Point) ingxaki ayisabonakali. I-Intel yaqaphela ingxaki malunga nonyaka odlulileyo kwaye yakhululwa , leyo, nangona bengenako ukutshintsha ikhowudi esengozini kwi-ROM, zama ukuvimba iindlela zokuxhaphazwa ezinokwenzeka kwinqanaba leemodyuli ze-Intel CSME.
Iziphumo ezinokwenzeka zokufumana iqhosha lengcambu yeqonga libandakanya inkxaso ye-firmware ye-Intel CSME components, ukuthotyelwa kweenkqubo zokufihla imidiya esekwe kwi-Intel CSME, kunye nokuba nokwenzeka kokwenza izihlonzi ze-EPID () ukudlulisa ikhompyuter yakho njengenye ukugqitha ukhuseleko lwe-DRM. Ukuba iimodyuli ze-CSME zomntu zisengozini, i-Intel ibonelele ngokukwazi ukuhlaziya izitshixo ezihambelanayo kusetyenziswa indlela ye-SVN (iNombolo yoKhuseleko lweNombolo). Kwimeko yonikezelo kwiqonga lengcambu yesitshixo, le ndlela yokusebenza ayisebenzi kuba iqhosha lengcambu leqonga lisetyenziswa ukwenza isitshixo soguqulelo oluntsonkothileyo ibhloko yolawulo lwemfezeko (ICVB, Integrity Control Value Blob), ukufumana okukuvumela ukuba yenza ikhowudi yayo nayiphi na imodyuli ye-Intel CSME firmware .
Kuqatshelwe ukuba iqhosha lengcambu leqonga ligcinwe kwifom efihliweyo kwaye ukwenzela ukulungelelaniswa okupheleleyo kuyafuneka ukongezelela ukugqiba isitshixo se-hardware esigcinwe kwi-SKS (Khusela ukugcinwa kweSitshixo). Isitshixo esichaziweyo asifani kwaye siyafana kwisizukulwana ngasinye se-Intel chipsets. Kuba i-bug ivumela ikhowudi ukuba iqhutywe kwinqanaba phambi kokuba indlela yokuvelisa engundoqo kwi-SKS ivaliwe, kuqikelelwa ukuba kungekudala okanye kamva eli qhosha le-hardware liya kumiselwa.
umthombo: opennet.ru