vPro and Qubes

[nezn...@xy9ce.tk]

If i have intel processor with the vPro technology - should i afraid some "factory vulnerabilities" of that technology and some manipulation with my BIOS. Or security of Qubes is higher of that level?

[Salmiakki]

On Wednesday, November 16, 2016 at 9:03:12 AM UTC+1, nezn...@xy9ce.tk wrote:
> If i have intel processor with the vPro technology - should i afraid some "factory vulnerabilities" of that technology and some manipulation with my BIOS. Or security of Qubes is higher of that level?

Qubes cannot protect you from this but neither can anything else.
Hardware vulnerabilities will always beat any software. This is also true for Qubes.

[Tai...@gmx.com]

Intel ME (2006+ systems)/AMD PSP (for FM2/AM4), malicious firmware,
exploits for the various devices on your system (the IOMMU is
initialized too late on x86 to protect the host from DMA exploits in the
pre-OS boot window)
The sky truly is the limit.

If you want *reasonably* secure computing you have to either buy a blob
free coreboot board or spend 4K+ on an OpenPOWER8 system that has open
source field re-programmable firmware.
Still currently even on coreboot you have the DMA window problem,
although theoretically it can be fixed.

https://blogs.coreboot.org/blog/2015/02/23/the-truth-about-purism-why-librem-is-not-the-same-as-libre/
https://hackaday.com/2016/01/22/the-trouble-with-intels-management-engine/joanna's
papers are a great read - she is one of the few elite security
researchers that actually understand the problem posed by unaccountable
supervisor processors.

[Tai...@gmx.com]

Accidentally sent before I was finished, didn't include:
https://www.crowdsupply.com/raptorcs/talos - open source hardware, thus
making it more difficult for unaccountable hardware backdoors (ME =
software supported by hardware VS a true hardware backdoor)

There are ARM devices like the Novena that don't have blobs, but they
aren't high performance and I don't know of any that have the ARM
equivalent of an IOMMU.

Get out your wallet for big blue!

[Andrew David Wong]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 2016-11-16 00:03, nezn...@xy9ce.tk wrote:
> If i have intel processor with the vPro technology - should i afraid some "factory vulnerabilities" of that technology and some manipulation with my BIOS. Or security of Qubes is higher of that level?
>

Short answer: Yes, but it's not just vPro you should be worried about.

Long answer:

Read this post: https://blog.invisiblethings.org/2015/10/27/x86_harmful.html
And this paper: https://blog.invisiblethings.org/papers/2015/x86_harmful.pdf

- --
Andrew David Wong (Axon)
Community Manager, Qubes OS
https://www.qubes-os.org
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJYMC29AAoJENtN07w5UDAwvLUP/idIreuywqbUlq8cnaAp7Fxe
I6+JqPxPDeuqtZ6vS/3P6k0OTqBBvsDGBoBJ+O4WdxiJ1yh4HlGVI+87LddIYrl1
IGOTBKGCHOvZCQzxzMPPmJlKUJX+X81nhhJAKVqngjDcqT/eLlkOuPkemIIO0mYe
edCdm7jiDNeFzn+IwnAgp5lh25LS7lYwWkH4ri45oxux8IP4jwAT0JckaUH0FUU7
qfTRcxgfdO3UTuKqzz7gBhXFtsTNAHEM/Kubm+4TF/qj2hETS1WKMLUBosNBTWGw
NSdlBUN+SjynGAO9bGUc2uHM2aYbV5b/Hn+o+hCgD7zKzKl7loJyFIe1BCG+z9mo
u2XL7mXdqZ/lOlrFJEZVFWoF0Mc4IrGWwPwfrMDLPIVBPskq2bIxFKO5I8aSaHFK
q2EmceF6eLXeIKOA5WWW3QODgsl4eO69EMi94FZ/bFh9epbtjfaWb0Oc3+prGgPx
tnOzR75+B+Vjvn8TPTiNDVXkD8kJfv0guVGkOo2KnDMBjYAHObNoh54wWQMrD8us
pZ8XsFUXdV66Bwimo8PV1pBo2kuoBSa9oJBSOS/AP0aDwIT3oeruYkiCnip6e8yC
SNJYOk357euBMUTpItH0oxNh8TSO6es+Fn7WQYibKksN0tPxWG7wYheHq0DFQ+oE
h0l6ahsujt158BBT8wlQ
=9afc
-----END PGP SIGNATURE-----

[mrp...@gmail.com]

But this, https://github.com/QubesOS/qubes-antievilmaid/blob/master/anti-evil-maid/README, suggests to have Intel vPro.
I confuse.
Please update. Is vPro good or not?

[sevas]

vPro = bad.

That GitHub page does not recommend vPro. It states that AEM uses a feature
of vPro to detect if vPro software (BIOS) has been tampered with while you
were away. Then you can throw your computer in the trash when AEM throws up
a red flag.

[mrp...@gmail.com]

I searched 'vPro' on the GitHub page. It appears only in this sentence: "In short, AEM relies on TPM and a feature found in Intel's vPro CPUs (TXT) to
detect tampering of various boot components."
Does the author mean Intel TXT -- not vPro? So, it is a typo in the page?

[Tai...@gmx.com]

vPro is a set of ME programs for insecure remote management (vs the
secure owner controlled remote management of OpenBMC) but ME is always
on, always capable of remote access and impossible to disable no matter
what - possibly the best industrial espionage utility ever invented and
not really your computer anymore.

There are a variety of 4.0 compatible computers that are owner
controlled without any black boxes what are you looking for/what are
your needs?

ADW: You can have a TPM without vPro so I suggest changing the manual to
remove it, TXT is also a silly intel gimmick - a better solution is
owner controlled hardware enforced code signing via coreboot grub (I
refuse to endorse heads due to their stance on the purism fake libre frauds)

[mrp...@gmail.com]

I hope the authors of https://github.com/QubesOS/qubes-antievilmaid/blob/master/anti-evil-maid/README would say something here.

[mrp...@gmail.com]

Some Intel processors have Intel TXT without vPro.
https://ark.intel.com/products/93339/Intel-Core-i7-6785R-Processor-8M-Cache-up-to-3_90-GHz

And the GitHub page also says "http://blog.invisiblethings.org/2011/09/07/anti-evil-maid.html
(Note that this article is somewhat outdated, e.g. AEM uses Intel TXT now.)"

So, does AEM use Intel TXT, but not vPro?