Closed

Intel AMT Allows BitLocker Bypass In Under A Minute

F-Secure researchers found yet another AMT vulnerability, which could allow attackers to compromise a system locally and then control it remotely.

Intel AMT Allows BitLocker Bypass In Under A Minute : Read more
7 answers Last reply
More about intel amt bitlocker bypass minute
  1. "First of all, F-Secure recommends to never leave your laptop unwatched in an insecure location. The company also said that IT departments should either set strong passwords for AMT or, if possible, completely disable it."

    Welp, there goes remote working from companies!

    THANKS INTEL.
  2. You might also want to get your facts straight next about AMT being present in consumer based systems because it most certainly is not. The AMT features have always been and continue to be only on corporate based chipsets.
  3. Rough week for Intel.

    Reckon theres a few more of these before the dust settles.
  4. Yuka said:
    "First of all, F-Secure recommends to never leave your laptop unwatched in an insecure location. The company also said that IT departments should either set strong passwords for AMT or, if possible, completely disable it."

    Welp, there goes remote working from companies!

    THANKS INTEL.

    Remote desktop doesn't use AMT, and thus has nothing to do with this...
  5. TJ Hooker said:
    Yuka said:
    "First of all, F-Secure recommends to never leave your laptop unwatched in an insecure location. The company also said that IT departments should either set strong passwords for AMT or, if possible, completely disable it."

    Welp, there goes remote working from companies!

    THANKS INTEL.

    Remote desktop doesn't use AMT, and thus has nothing to do with this...


    And remote desktop is not what I'm talking about.

    Cheers!
  6. Intel Amt is only enabled, on Q based intel chipsets, as FOOTLOOSE already said. It has _ALLWAYS_ been disabled by default, on the roughly 200 different machines I've iver come in contact with. The default password is indeed not very secure, but neither is the default password on any devices, and again, its not accessible by default.
    Take a look at 0:42, that splashing border effect, is AMT noticing users that AMT is active. If people dont notice such..., what will they notice?
    And yes, of cause, if you leave your computer in hands of others, they can access vital parts, like reseting your bios password, which afaik, isn't that hard. It's neither hard to hotwire the AMT chip, so you can set a new password, but you need physical access to the machine, knowledge, and time. Most devices has this form of 'security flaw'.
    AMT is only reachable on local network port. AMT doesn't start a remote server up, that others can reach from internet, unless doing so intentionally.
    Intel's ME utility on Windows, warns users, if someone is trying to access, even with or without success, on top on that previously splash screen shown.

    AMT can best be compared to iKVM chip.
    If you leave that in others hands, with enough time, it will be exact same.

    This story more shows how desperately firms are seeking for qualified personal, when this 'storm in a glass of water' can get any attention, by anyone.

    FSecure will for sure not ever get my application after this video!
    Are you sure you want to give them yours?
  7. Is it any wonder why Samsung recently surpassed Intel as the number one chip manufacture in the world? This kind of thing could cost people their lives; critical infrastructure, hospitals, dams, nuclear facilities are all potentially at risk. I imagine the ransomware could come at a cost with the right exploit. Siemens controllers in Fukushimas Nuclear facilities were reportedly infected with Stuxnet causing the cooling systems to malfunction. Symantec confirmed over 60 infections Japan just prior to the event. But who needs Stuxnet when you got something 1000x more dangerous? Something certainly not used or wanted by 99.99999% of the population; certainly not without the ability to securely disable its remote access functions & OOBE protocols. Are you going to sit back and wait for Intel to release a patch for your firmware while your nuclear reactors are on the verge of full blown meltdown? Too little, too late. What is Intel going to do about it? What are you going to do about it? This needs an off switch, and not just for the NSA.
Ask a new question

Read More

Security Software Intel