Sunday, 2015-07-12

*** prisoner727 <prisoner727!~pi@p5B0E6A09.dip0.t-ipconnect.de> has quit IRC00:00
*** aholler_ <aholler_!~aholler@p4FC37DE1.dip0.t-ipconnect.de> has joined #minnowboard03:58
*** aholler <aholler!~aholler@p4FC36213.dip0.t-ipconnect.de> has quit IRC04:01
*** metastableB_ is now known as metastableb04:23
*** metastableb is now known as metastableB_04:25
*** metastableB_ is now known as metastableb05:58
*** emeb <emeb!~ericb@ip68-2-68-52.ph.ph.cox.net> has quit IRC06:14
*** metastableb is now known as metastableB_06:42
*** diana_olhovik <diana_olhovik!~quassel@95.111.212.206> has joined #minnowboard07:44
*** fisuk <fisuk!~fisuk@insanityfoundry.com> has joined #minnowboard08:05
fisukHi all, I wonder if there's a mirror for the intel flashing tool as it appears that firmware.intel.com is down?08:14
*** holtmann <holtmann!~holtmann@p15136033.pureserver.info> has quit IRC08:25
*** metastableB_ is now known as metastableb08:25
*** holtmann <holtmann!~holtmann@p15136033.pureserver.info> has joined #minnowboard08:25
*** metastableb is now known as metastableB_10:06
*** metastableB_ is now known as metastableb10:07
*** diana_olhovik <diana_olhovik!~quassel@95.111.212.206> has quit IRC10:28
*** bluelightning <bluelightning!~paul@pdpc/supporter/professional/bluelightning> has joined #minnowboard11:09
zentrumhmm, quite hard to believe in UEFI: http://blog.cr4.sh/2015/07/building-reliable-smm-backdoor-for-uefi.html11:23
bcranzentrum: UEFI, or just Secure Boot?11:24
zentrumbcran: to be honest, i do not really need a secure boot, but uefi allows trajans to be not visible by  operating system11:25
bcranzentrum: smm has always allowed them to be invisibie11:26
zentrumbcran: you are right, but it does not make it better :(11:26
bcranyup11:26
bcranunfortunately it's something built into all Intel CPUs11:26
zentrumat least you could buy appliances/SoC, which does not rely on uefi and SMM11:27
bcranAnd with things like vPro it's only getting worse11:27
zentrumbcran: exactly!11:27
zentrumcurrent atom generation will depend heavily on things like that11:27
bcranzentrum: but it's not UEFI itself. ARM processors can use uefi and don't have smm11:28
zentrumbcran: right, was not as precise as needed11:28
zentrumim also using GPT without UEFI11:28
bcranme too - on a mini-itx nas box that I've repurposed for dev work11:29
zentrumbcran: the worse thing is, you do not even have the chance to disble SMM11:30
bcranmeh, I don't worry about it11:30
zentrumfor me, its not soo bad as i do not run available OSes on the systems, so i expect they get no infection during running11:32
zentrumbut who guarantees you the SMM is not infected during production?11:32
bcranwho guarantees that the microcode the CPU is running hasn't been tampered with?11:33
bcranor that the NSA hasn't persuaded Intel to build in a backdoor?11:33
zentrumbcran: I agree, but at least you have a smaller attack vector then11:35
zentrumyou cannot proove microcode for sure and you will live with it, but making SMM is a very evil point to intercept11:36
bcranat some point you just have to trust the CPU11:37
zentrumfor microcodes sure, but SMM? you can easily intercept an appliance and infect it11:37
bcranso why aren't there lots of SMM attacks already?11:38
bcranwe've had it for what, over 20 years already?11:38
zentrumbcran: no one knows how many attacks were already done, no one could even see how it works, now, you can have more or less a full functional tools box to tailor your smm trojan11:40
zentrumi expect, we will see a lot of attacks in the next two years11:40
*** metastableb is now known as metastableB_11:51
*** ajtag <ajtag!~ajtag@weg.electrictea.co.uk> has quit IRC12:16
*** ajtag <ajtag!~ajtag@weg.electrictea.co.uk> has joined #minnowboard12:20
*** bluelightning_ <bluelightning_!~paul@167.127.187.81.in-addr.arpa> has joined #minnowboard13:20
*** bluelightning_ <bluelightning_!~paul@pdpc/supporter/professional/bluelightning> has joined #minnowboard13:20
*** bluelightning <bluelightning!~paul@pdpc/supporter/professional/bluelightning> has quit IRC13:23
*** meflin <meflin!~meflin@c-107-2-144-171.hsd1.co.comcast.net> has quit IRC13:44
*** bluelightning1 <bluelightning1!~paul@167.127.187.81.in-addr.arpa> has joined #minnowboard14:37
*** bluelightning_ <bluelightning_!~paul@pdpc/supporter/professional/bluelightning> has quit IRC14:41
*** meflin <meflin!~meflin@c-107-2-144-171.hsd1.co.comcast.net> has joined #minnowboard14:43
*** metastableB_ is now known as metastableb14:55
*** hrw <hrw!~hrw@redhat/hrw> has joined #minnowboard16:13
*** hrw <hrw!~hrw@redhat/hrw> has quit IRC16:48
*** hrw <hrw!~hrw@redhat/hrw> has joined #minnowboard16:49
*** prp_plague is now known as prpplague17:40
*** fisuk <fisuk!~fisuk@insanityfoundry.com> has left #minnowboard17:58
*** metastableb is now known as metastableB_18:21
*** cccyRegeaneWolfe <cccyRegeaneWolfe!~cccyRegea@210.23.18.203> has quit IRC20:01
*** cccyRegeaneWolfe <cccyRegeaneWolfe!~cccyRegea@210.23.18.203> has joined #minnowboard20:35
*** metastableB_ is now known as metastableb21:35
*** bluelightning1 <bluelightning1!~paul@167.127.187.81.in-addr.arpa> has quit IRC22:45
*** bluelightning1 <bluelightning1!~paul@2001:8b0:258:7d7a:2ad2:44ff:fe40:9209> has joined #minnowboard22:45
*** bluelightning1 <bluelightning1!~paul@2001:8b0:258:7d7a:2ad2:44ff:fe40:9209> has quit IRC23:11
*** Bryanstein <Bryanstein!~Bryanstei@shellium/admin/bryanstein> has quit IRC23:26
*** yocti <yocti!~supybot@yocto-www.yoctoproject.org> has joined #minnowboard23:36
*** prisoner727 <prisoner727!~pi@p5B0E7B8C.dip0.t-ipconnect.de> has joined #minnowboard23:56
*** prisoner627 <prisoner627!~pi@p54A21CE9.dip0.t-ipconnect.de> has quit IRC23:59

Generated by irclog2html.py 2.11.0 by Marius Gedminas - find it at mg.pov.lt!