info
Grupos de Google ya no admite nuevas publicaciones ni suscripciones de Usenet. El contenido anterior sigue siendo visible.
Dismiss
Another unfixable Intel chip flaw could render Apple's FileVault useless
Visto 4 veces
Saltar al primer mensaje no leído
Arlen Holder
6 mar 2020, 13:32:546/3/20
a
Dateline today & yesterday...
o Positive Technologies: Unfixable vulnerability in Intel chipsets
threatens users and content rightsholders
<https://www.ptsecurity.com/ww-en/about/news/unfixable-vulnerability-in-intel-chipsets-threatens-users-and-content-rightsholders/>
"An error in chipset read-only memory (ROM) could allow attackers to
compromise platform encryption keys and steal sensitive information.
"Most Intel chipsets released in the last five years contain the
vulnerability in question."
"By exploiting vulnerability CVE-2019-0090, a local attacker could
extract the chipset key stored on the PCH microchip and obtain access
to data encrypted with the key. Worse still, it is impossible to detect
such a key breach. With the chipset key, attackers can decrypt data
stored on a target computer and even forge its Enhanced Privacy ID
(EPID) attestation, or in other words, pass off an attacker computer
as the victim's computer. EPID is used in DRM, financial transactions,
and attestation of IoT devices."
o Unfixable boot ROM security flaw in millions of Intel chips could
spell utter chaos for DRM, file encryption, etc
<https://www.theregister.co.uk/2020/03/05/unfixable_intel_csme_flaw/>
"It cannot be fixed without replacing the silicon, only mitigated,
it is claimed: the design flaw is baked into millions of Intel processor
chipsets manufactured over the past five years. The problem revolves
around cryptographic keys that, if obtained, can be used to break the
root of trust in a system."
o Another unfixable Intel chip flaw could render Apple's FileVault useless
<https://9to5mac.com/2020/03/06/intel-chip-flaw/>
"a completely new issue has been discovered that is unpatchable
and could render useless SSD encryption like Apple's FileVault
on pre-T1 or T2 Macs"
"a brand new chip-level vulnerability has been discovered in Intel chips,
which is impossible to patch. This potentially lets an attacker
compromise the startup process to gain access to keys used to
encrypt the drive"
etc.
--
People desperately want to _feel_ safe, even when they're not ever safe.
o Positive Technologies: Unfixable vulnerability in Intel chipsets
threatens users and content rightsholders
<https://www.ptsecurity.com/ww-en/about/news/unfixable-vulnerability-in-intel-chipsets-threatens-users-and-content-rightsholders/>
"An error in chipset read-only memory (ROM) could allow attackers to
compromise platform encryption keys and steal sensitive information.
"Most Intel chipsets released in the last five years contain the
vulnerability in question."
"By exploiting vulnerability CVE-2019-0090, a local attacker could
extract the chipset key stored on the PCH microchip and obtain access
to data encrypted with the key. Worse still, it is impossible to detect
such a key breach. With the chipset key, attackers can decrypt data
stored on a target computer and even forge its Enhanced Privacy ID
(EPID) attestation, or in other words, pass off an attacker computer
as the victim's computer. EPID is used in DRM, financial transactions,
and attestation of IoT devices."
o Unfixable boot ROM security flaw in millions of Intel chips could
spell utter chaos for DRM, file encryption, etc
<https://www.theregister.co.uk/2020/03/05/unfixable_intel_csme_flaw/>
"It cannot be fixed without replacing the silicon, only mitigated,
it is claimed: the design flaw is baked into millions of Intel processor
chipsets manufactured over the past five years. The problem revolves
around cryptographic keys that, if obtained, can be used to break the
root of trust in a system."
o Another unfixable Intel chip flaw could render Apple's FileVault useless
<https://9to5mac.com/2020/03/06/intel-chip-flaw/>
"a completely new issue has been discovered that is unpatchable
and could render useless SSD encryption like Apple's FileVault
on pre-T1 or T2 Macs"
"a brand new chip-level vulnerability has been discovered in Intel chips,
which is impossible to patch. This potentially lets an attacker
compromise the startup process to gain access to keys used to
encrypt the drive"
etc.
--
People desperately want to _feel_ safe, even when they're not ever safe.
Alan Baker
6 mar 2020, 13:35:476/3/20
a
...but then only mention Apple.
And note that it is limited to "pre-T1 or T2 Macs".
Arlen Holder
6 mar 2020, 13:53:236/3/20
a
On Fri, 6 Mar 2020 10:35:44 -0800, Alan Baker wrote:
> ...but then only mention Apple.
Apologists always prove to be fantastically _immune_ to facts.
> ...but then only mention Apple.
FACT #1:
o This is an _Apple_ newsgroup, Alan Baker.
FACT #2:
o And .... EVERYTHING in that post to this ng was literally verbatim.
FACT #3:
o Even the Subject line is verbatim, exactly as it is, from 9-to-5 Mac.
So blame _them_ if you don't like the facts.
--
Methinks you simply don't like facts.
Alan Baker
6 mar 2020, 14:04:096/3/20
a
On 2020-03-06 10:53 a.m., Arlen Holder wrote:
> On Fri, 6 Mar 2020 10:35:44 -0800, Alan Baker wrote:
>
>> ...but then only mention Apple.
>
> Apologists always prove to be fantastically _immune_ to facts.
>
> FACT #1:
> o This is an _Apple_ newsgroup, Alan Baker.
Show the similar posts you made in any other group.
> On Fri, 6 Mar 2020 10:35:44 -0800, Alan Baker wrote:
>
>> ...but then only mention Apple.
>
> Apologists always prove to be fantastically _immune_ to facts.
>
> FACT #1:
> o This is an _Apple_ newsgroup, Alan Baker.
Because I just did this search:
<https://groups.google.com/forum/#!search/Intel$20chip$20flaw$20authorname$3Aarlen>
And it returns no results where you discuss this flaw anywhere but here.
>
> FACT #2:
> o And .... EVERYTHING in that post to this ng was literally verbatim.
"Dateline today & yesterday..." wasn't "literally verbatim" (do you know
what a tautology is by the way?)...
...nor was "etc.".
So you LITERALLY lied, Liar.
>
> FACT #3:
> o Even the Subject line is verbatim, exactly as it is, from 9-to-5 Mac.
<https://9to5mac.com/2020/03/06/intel-chip-flaw/>
>
> So blame _them_ if you don't like the facts.
>
A bias which is made even more plain by the fact that you snipped the
facts about this not affecting Macs using the T1 or T2 chips from Apple
to do their disk encryption.
Macs with the T2 chip include every Mac Apple introduced since 2018...
<https://support.apple.com/en-ca/HT208862>
...and the T1 chip expands that to include 2016 and 2017 MacBook Pros.
<https://en.wikipedia.org/wiki/Apple-designed_processors#Apple_T1>
Arlen Holder
8 mar 2020, 1:16:188/3/20
a
By denying all facts as lies, apologists maintain imaginary belief systems.
o Hence, I will not respond in this thread to "Liar liar pants on fire".
Interestingly, the exact opening post was also uploaded to both the Windows
and Linux newsgroups at the same time as this post was provided to the
Apple newsgroups - the body was _exactly_ the same words at the same time.
FACT:
Nobody on the Windows newsgroups claimed "Liar liar pants on fire"
o Even though they're likely even more affected than the Apple ngs may be.
--
The distinction between the adult OS ngs and the Apple ngs is tremendous.
o Hence, I will not respond in this thread to "Liar liar pants on fire".
Interestingly, the exact opening post was also uploaded to both the Windows
and Linux newsgroups at the same time as this post was provided to the
Apple newsgroups - the body was _exactly_ the same words at the same time.
FACT:
Nobody on the Windows newsgroups claimed "Liar liar pants on fire"
o Even though they're likely even more affected than the Apple ngs may be.
--
The distinction between the adult OS ngs and the Apple ngs is tremendous.
Alan Baker
8 mar 2020, 4:06:148/3/20
a
On 2020-03-07 10:16 p.m., Arlen Holder wrote:
> By denying all facts as lies, apologists maintain imaginary belief systems.
> o Hence, I will not respond in this thread to "Liar liar pants on fire".
Why are you replying to yourself, Liar?
> By denying all facts as lies, apologists maintain imaginary belief systems.
> o Hence, I will not respond in this thread to "Liar liar pants on fire".
>
> Interestingly, the exact opening post was also uploaded to both the Windows
> and Linux newsgroups at the same time as this post was provided to the
> Apple newsgroups - the body was _exactly_ the same words at the same time.
...because I checked...
...and it wasn't there when you posted this.
0 mensajes nuevos