After CIA leak, Intel Security releases detection tool for EFI rootkits (opens in new tab)

(pcworld.com)

224 pointspttrsmrt9y ago56 comments

56 comments

No amount of EFI rootkit detection will ever remove the possibility that malicious code is running inside the Intel Management Engine (ME), because code inside the ME would run side-by-side with the bootloader and with unlimited permissions.

Unless Intel provides source code for the ME, it is impossible to 100% know whether unauthorized code is running.

Kwastie9y ago

Someone at https://puri.sm almost completely removed the ME. https://puri.sm/posts/neutralizing-intel-management-engine-o...

bobcallme9y ago

What's with the free advertising? They were not the ones to do the original work with coreboot or removing the non important parts of the ME. If anything, Purism has lied, taken credit for other peoples work and given people a false sense of "privacy" and "security". "Almost completely removed the ME" is not good enough and there is way too much room to do malicious things.

1 more reply

Relys9y ago

1 more reply

mike-cardwell9y ago

Even if Intel gave you the source code, you still wouldn't know if there was any unauthorised code running.

Taek9y ago

Reproducible builds is a very important part of knowing you are secure, and in the absence of that at least being able to flash on your own compilation.

1 more reply

sschueller9y ago

Is there any reason Intel would not open source that code? It not like it will run on other hardware?

sounds9y ago

This is a better link (it is Intel's original blog post):

https://securingtomorrow.mcafee.com/business/chipsec-support...

It includes a few more details about what was released:

  It extracts EFI firmware from flash ROM memory
  automatically if the firmware file is not
  specified.

  We recommend generating an EFI whitelist after
  purchasing a system or when you are sure it has
  not been infected:

  # chipsec_main -m tools.uefi.whitelist -a generate

  Then check the EFI firmware on your system
  periodically or whenever you are concerned, such
  as when a laptop was left unattended:

...

An analysis of the approach they are taking would lead to some pretty easy improvements.

etiam9y ago

Finally some tools for this. Very good. Would this be the first reasonably doable method for extracting all the blobs? Seem like it must be a well-needed foundation to build on for security companies.

But...

  We recommend generating an EFI whitelist after
  purchasing a system or when you are sure it has
  not been infected

Not that I have a better suggestion, but with interdicted shipments and other vulnerable points along the supply chain before a system is in the care of its owner, it doesn't exactly seem like a sure bet that it's clean on arrival. How would one otherwise be "sure it has not been infected"? Any feasible ways?

Next step would be to provide lists of known good signatures from some controlled environment, or at least a consensus system to know whether the version one finds matches the version others have?

Canada9y ago

If you have access to more than one identical system they can be compared. Or there could be a public list of known good hashes as you suggest.

In any case having a tool to even perform the check is great.

throwaway911119y ago

This doesn't preclude the infect-at-the-factory issue: you'd end up verifying you HAVE the rootkit (and reverting to that if it changes).

1 more reply

gpm9y ago

> How would one otherwise be "sure it has not been infected"? Any feasible ways?

If you are willing to assume they aren't infecting every computer. Walk into a random brick and mortar store and buy it there.

If you're paranoid to the point where you don't trust the people at a random brick and mortar store, point at a display model (or if they have non-display models visible one of those) and insist on that one in particular, without it leaving your sight at any point in time.

partycoder9y ago

I hope they also release System Management Mode (aka ring -2) rootkit detection tools.

https://en.wikipedia.org/wiki/System_Management_Mode#Problem...

That in combination with the Management Engine are ways in which people have been disowned of their own machines.

mempko9y ago

And what if intel is compromised? Mass rootkit installation!

grandalf9y ago

Of all the attacks a nation state could do, surely finding a few talented people to get PhDs in the appropriate fields and go to work at Intel and collect a paycheck along with a nice stipend from the nation state is likely among the easiest.

hguant9y ago

Why bother with employees - just go give money to intel to do this. Intel as a system is designed to produce chips that work a certain way, and my understanding is that said system is rather good at what it does, dedicating the time and energy of many rather smart people to making sure things work the way they're supposed to. Why risk throwing a monkey wrench into such a system when you can just point it in a different direction?

AT&T and Verizon don't have 'plant' employees. Much simpler - and legally, safer - to just give the bag of money straight to the corporation.

4 more replies

mcbits9y ago

Probably easier to find an existing employee with financial problems and offer a duffel bag of cash to plug in a USB stick for 30 seconds.

2 more replies

kbenson9y ago

I'm not sure it's all that easy, since a) you can't know exactly how good someone is going to turn out to be (you can probably get close through), and b) you can't tell what Intel will be hiring for later, and c) to increase your odds you probably want more than a few people in this program to achieve at least a few people being hired in positions that are useful.

That said, the main hurdles seem to be managing people and funds, which government agencies seem pretty good at figuring out. So maybe not all that easy, but maybe not particularly hard either. The biggest problem might be keeping it secret, given the number of people that might need to be involved that are clandestinely working for a TLA but not as their main job and not steeped in the culture of secrecy.

MaxfordAndSons9y ago

Isn't it unlikely that an individual engineer (or even a handful) could effect a design level compromise on such a massive project as building a processor? Not only because of the managerial oversight they'd have to circumvent, but because of the overall system complexity. As sibs have pointed it, it would seem much more practical to just compromise Intel at a corporate/managerial level.

1 more reply

hellbanner9y ago

My thoughts exactly! What a great way to get rootkits on people who want to protect themselves.

The code is here: https://github.com/chipsec/chipsec

tptacek9y ago

You can reverse engineer the EFI modules, build a whitelist based on known safe code, and then detect subversion at Intel, so this is not a good strategy for serious adversaries.

etiam9y ago

In theory, sure. Is it sufficiently simple that people will do it in practice? (I don't know, I expect you would know)

Wouldn't the malicious alterations introduced in a scenario like that most likely be exploitable defects that could be explained away as mistakes? If they accumulate too much around certain people that's suspicious of course, but it seems like it would often be difficult to downright prove that someone intentionally broke the security of a rather complex system.

1 more reply

api9y ago

You should go post about this on Reddit /r/nosleep

xvilka9y ago

This can be done manually using flashrom [1] tool to read (and write) the SPI (and not only SPI) flash and UEFITool [2] to unpack the corresponding image. I've even done some patching for better support of Intel platforms here [3]. Now doesn't have much time to rebase/cleanup/improve it, but hopefully someone will start from where I've finished. Both tools clearly need more love, and I hope current revelations will help to do that.

[1] http://flashrom.org/

[2] https://github.com/LongSoft/UEFITool/tree/new_engine (use 'new_engine' branch)

[3] https://github.com/XVilka/flashrom/tree/layout_descriptor (use 'layout_descriptor' branch)

tomxor9y ago

I also used flashrom instead because it's very simple to install and use... My problem is trying to verify this against the original (I'm running linux on an old macbookpro), i've got the raw flash dump and extracted the .scap from Apple... but after much searching cannot find a way to extract the raw EFI volume to compare. Any ideas?

ardaozkal9y ago

What does it mean to get this? https://s.ave.zone/066.png

[CHIPSEC] Modules failed 1: [-] FAILED: chipsec.modules.common.uefi.s3bootscript

vorpalhex9y ago

-- clarification

Technically all it means, if the error is as advertised, is that the uefi bootscript failed to match. Now, it could be as simple as that UEFI was customized by a vendor. Or it could be something less innocent.

ardaozkal9y ago

I just reflashed my bios and then rechecked stuff, same thing... I did more research and s3bootscript seems to be associated with secure boot. Which I have disabled.

bitmapbrother9y ago

Nice try CIA and Intel, but I'm not falling for this.

rrggrr9y ago

and.... what alternative could you possibly have? There's a reason the Russians reportedly moved to typewriters.

https://www.theguardian.com/world/2013/jul/11/russia-reverts...

The entire computing ecosystem appears to be P0wned by various intelligence services. And, its not unique to the CIA or NSA. The Chinese are assumed to have backdoors into most of what ships from their country.

PhantomGremlin9y ago

There's a reason the Russians reportedly moved to typewriters.

Hopefully the Russians still remember how they bugged US typewriters in the US Embassy in Moscow. Then they'll be able to check that their own typewriters aren't bugged in a similar fashion: http://www.cryptomuseum.com/covert/bugs/selectric/

canada_dry9y ago

LOL!

It's pretty bloody sad state that we're in that your comment cannot be dismissed as some tin-foil-hat-lunatic, but very reasonable skepticism nowadays.

CodeWriter239y ago

What's a little self-installation of malware between a spy agency and a citizen who has nothing to hide?

baq9y ago

So who do you trust?

throwaway20489y ago

does this code rely on UEFI interfaces to fetch this data? If so, cant the rootkit code just lie to it?

cmurf9y ago

Macs lack Secure Boot. This tools seems to be for non-Secure Boot computers. IF it's a Secure Boot system, rootkits aren't supposed to happen, and if they do then there's a hole somewhere that needs fixing.

ams61109y ago

I thought secure boot was about verifying the OS at boot time. Does it also self-verify the EFI code?

cmurf9y ago

I'd like to think the existing firmware verifies the signature of a replacement firmware before permitting the replacement. Otherwise we have problems. But at runtime, I'm not aware if there's any such thing as firmware doing a self verification.

EFI binaries though are expected to be signed or they won't execute, that's the point of Secure Boot, and it includes bootloaders and the kernel all being signed. Most Linux distros I'm aware of also sign their modules because permitting unsigned modules could allow you to inject malware right into the kernel just by loading a compromised kernel module.

psyburr9y ago

Why has Intel not released this tool before? EFI rootkits have always been a threat...

bogomipz9y ago

Does anyone know the attack vector for this root kit?

multinglets9y ago

Because Intel is totally on our side.

j / k navigate · click thread line to collapse

56 comments

trendia9y ago

Unless Intel provides source code for the ME, it is impossible to 100% know whether unauthorized code is running.

Kwastie9y ago

Someone at https://puri.sm almost completely removed the ME. https://puri.sm/posts/neutralizing-intel-management-engine-o...

bobcallme9y ago

1 more reply

Relys9y ago

1 more reply

mike-cardwell9y ago

Even if Intel gave you the source code, you still wouldn't know if there was any unauthorised code running.

Taek9y ago

Reproducible builds is a very important part of knowing you are secure, and in the absence of that at least being able to flash on your own compilation.

1 more reply

sschueller9y ago

Is there any reason Intel would not open source that code? It not like it will run on other hardware?

sounds9y ago

This is a better link (it is Intel's original blog post):

https://securingtomorrow.mcafee.com/business/chipsec-support...

It includes a few more details about what was released:

  It extracts EFI firmware from flash ROM memory
  automatically if the firmware file is not
  specified.

  We recommend generating an EFI whitelist after
  purchasing a system or when you are sure it has
  not been infected:

  # chipsec_main -m tools.uefi.whitelist -a generate

  Then check the EFI firmware on your system
  periodically or whenever you are concerned, such
  as when a laptop was left unattended:

...

An analysis of the approach they are taking would lead to some pretty easy improvements.

etiam9y ago

But...

  We recommend generating an EFI whitelist after
  purchasing a system or when you are sure it has
  not been infected

Next step would be to provide lists of known good signatures from some controlled environment, or at least a consensus system to know whether the version one finds matches the version others have?

Canada9y ago

If you have access to more than one identical system they can be compared. Or there could be a public list of known good hashes as you suggest.

In any case having a tool to even perform the check is great.

throwaway911119y ago

This doesn't preclude the infect-at-the-factory issue: you'd end up verifying you HAVE the rootkit (and reverting to that if it changes).

1 more reply

gpm9y ago

> How would one otherwise be "sure it has not been infected"? Any feasible ways?

If you are willing to assume they aren't infecting every computer. Walk into a random brick and mortar store and buy it there.

partycoder9y ago

I hope they also release System Management Mode (aka ring -2) rootkit detection tools.

https://en.wikipedia.org/wiki/System_Management_Mode#Problem...

That in combination with the Management Engine are ways in which people have been disowned of their own machines.

mempko9y ago

And what if intel is compromised? Mass rootkit installation!

grandalf9y ago

hguant9y ago

AT&T and Verizon don't have 'plant' employees. Much simpler - and legally, safer - to just give the bag of money straight to the corporation.

4 more replies

mcbits9y ago

Probably easier to find an existing employee with financial problems and offer a duffel bag of cash to plug in a USB stick for 30 seconds.

2 more replies

kbenson9y ago

MaxfordAndSons9y ago

1 more reply

hellbanner9y ago

My thoughts exactly! What a great way to get rootkits on people who want to protect themselves.

The code is here: https://github.com/chipsec/chipsec

tptacek9y ago

You can reverse engineer the EFI modules, build a whitelist based on known safe code, and then detect subversion at Intel, so this is not a good strategy for serious adversaries.

etiam9y ago

In theory, sure. Is it sufficiently simple that people will do it in practice? (I don't know, I expect you would know)

1 more reply

api9y ago

You should go post about this on Reddit /r/nosleep

xvilka9y ago

[1] http://flashrom.org/

[2] https://github.com/LongSoft/UEFITool/tree/new_engine (use 'new_engine' branch)

[3] https://github.com/XVilka/flashrom/tree/layout_descriptor (use 'layout_descriptor' branch)

tomxor9y ago

ardaozkal9y ago

What does it mean to get this? https://s.ave.zone/066.png

[CHIPSEC] Modules failed 1: [-] FAILED: chipsec.modules.common.uefi.s3bootscript

vorpalhex9y ago

-- clarification

ardaozkal9y ago

I just reflashed my bios and then rechecked stuff, same thing... I did more research and s3bootscript seems to be associated with secure boot. Which I have disabled.

bitmapbrother9y ago

Nice try CIA and Intel, but I'm not falling for this.

rrggrr9y ago

and.... what alternative could you possibly have? There's a reason the Russians reportedly moved to typewriters.

https://www.theguardian.com/world/2013/jul/11/russia-reverts...

PhantomGremlin9y ago

There's a reason the Russians reportedly moved to typewriters.

canada_dry9y ago

LOL!

It's pretty bloody sad state that we're in that your comment cannot be dismissed as some tin-foil-hat-lunatic, but very reasonable skepticism nowadays.

CodeWriter239y ago

What's a little self-installation of malware between a spy agency and a citizen who has nothing to hide?

baq9y ago

So who do you trust?

throwaway20489y ago

does this code rely on UEFI interfaces to fetch this data? If so, cant the rootkit code just lie to it?

cmurf9y ago

ams61109y ago

I thought secure boot was about verifying the OS at boot time. Does it also self-verify the EFI code?

cmurf9y ago

psyburr9y ago

Why has Intel not released this tool before? EFI rootkits have always been a threat...

bogomipz9y ago

Does anyone know the attack vector for this root kit?

multinglets9y ago

Because Intel is totally on our side.

j / k navigate · click thread line to collapse