As best I understand this (mostly thanks to the comments on Reddit), some security researchers have found a way to get the rootest of root-level access to certain Intel systems via the USB port.

If I'm understanding this correctly, it's one of those things that is much worse for organizational users. It requires a more recent (Skylake and newer) CPU with the Management Engine enabled, as well as certain additional issues (either a bugged BIOS or some settings not turned on). From the authors' summary:

    Debugging technologies found on modern Intel processors facilitate development of UEFI modules, operating systems, and hypervisors. Security researchers use this low-level mechanism to obtain privileged access to hardware, in order to search for malware and study undocumented hardware and driver features. But as with any debugging mechanism, DCI can also be used by malicious users to gain unauthorized access to data.

    To defend against such attacks, we advise that users activate Boot Guard, verify the status of the DCI enable bit, and disable debugging in the IA32_DEBUG_INTERFACE register (even if the register is disabled, DCI can still run but it is unable to interrupt and therefore access to memory and registers is impossible).




posted by johnnyFive: 439 days ago
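
An added example, not part of the original post or the researchers' write-up: one way to audit the IA32_DEBUG_INTERFACE register named in the quoted advice on a Linux host. It assumes the msr kernel driver is loaded and the script runs as root; the MSR address and bit positions are those documented in the Intel SDM, the function names are illustrative, and it does not cover the DCI enable bit or Boot Guard.

```python
import os
import struct

IA32_DEBUG_INTERFACE = 0xC80  # MSR address per the Intel SDM
ENABLE = 1 << 0           # silicon debug features enabled
LOCK = 1 << 30            # further writes to the MSR are blocked
DEBUG_OCCURRED = 1 << 31  # sticky: debug has been enabled since reset


def read_msr(cpu, msr=IA32_DEBUG_INTERFACE):
    """Read one 64-bit MSR through the Linux msr driver (root, modprobe msr)."""
    fd = os.open(f"/dev/cpu/{cpu}/msr", os.O_RDONLY)
    try:
        return struct.unpack("<Q", os.pread(fd, 8, msr))[0]
    finally:
        os.close(fd)


def assess(value):
    """Return the findings for one IA32_DEBUG_INTERFACE value ([] = hardened)."""
    findings = []
    if value & ENABLE:
        findings.append("ENABLE=1: debugging is enabled")
    if not value & LOCK:
        findings.append("LOCK=0: the register can still be changed")
    if value & DEBUG_OCCURRED:
        findings.append("DEBUG_OCCURRED=1: debugging was enabled since reset")
    return findings


def audit(values_by_cpu):
    """Map each CPU with at least one finding to its list of findings."""
    report = {cpu: assess(v) for cpu, v in values_by_cpu.items()}
    return {cpu: f for cpu, f in report.items() if f}


if __name__ == "__main__":
    try:
        cpus = sorted(int(d) for d in os.listdir("/dev/cpu") if d.isdigit())
        report = audit({cpu: read_msr(cpu) for cpu in cpus})
    except OSError as exc:  # no msr driver, not root, or MSR not implemented
        raise SystemExit(f"cannot read IA32_DEBUG_INTERFACE: {exc}")
    for cpu, findings in report.items():
        for finding in findings:
            print(f"cpu{cpu}: {finding}")
    raise SystemExit(1 if report else 0)
```

The script exits non-zero when any logical CPU reports a finding, so it can be dropped into a fleet compliance check.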