Thursday, August 6th 2020

Intel Hit by a Devastating Data Breach, Chip Designs, Code, Possible Backdoors Leaked

Intel on Thursday was hit by a massive data-breach, with someone on Twitter posting links to an archive that contains the dump of the breach - a 20-gigabyte treasure chest that includes - but not limited to - Intel Management Engine bringup guides, flashing tools, samples; source code of Consumer Electronics Firmware Development Kit (CEFDK); silicon and FSP source packages for various platforms; an assortment of development and debugging tools; Simics simulation for "Rocket Lake S" and other platforms; a wealth of roadmaps and other documents; shcematics, documents, tools, and firmware for "Tiger Lake," Intel Trace Hub + decoder files for various Intel ME versions; "Elkhart Lake" silicon reference and sample code; Bootguard SDK, "Snow Ridge" simulator; design schematics of various products; etc.

The most fascinating part of the leak is the person points to the possibility of Intel laying backdoors in its code and designs - a very tinfoil hat though likely possibility in the post-9/11 world. Intel in a comment to Tom's Hardware denied that its security apparatus had been compromised, and instead blamed someone with access to this information for downloading the data. "We are investigating this situation. The information appears to come from the Intel Resource and Design Center, which hosts information for use by our customers, partners and other external parties who have registered for access. We believe an individual with access downloaded and shared this data," a company spox said.
Source: Tom's Hardware
Add your own comment

151 Comments on Intel Hit by a Devastating Data Breach, Chip Designs, Code, Possible Backdoors Leaked

#1
Mayclore
Well, I suppose sinking ships are known to spring leaks.
Posted on Reply
#3
dicktracy
Didn't know Lisa Su was a part-time hacker. Cool!
Posted on Reply
#4
Crackong
The tweeter also notes "If you find password protected zips in the release the password is probably either "Intel123" or "intel123". This was not set by me or my source, this is how it was acquired from Intel."

The poster encourages downloaders to look for mentions of 'backdoors' in some of the Intel source code, and even provides a sample clip of one such listing, but we aren't sure of the intentions behind the listings in the code.


=========================

Are Intel engineers really that dump and marked "backdoors" in the actual code ?
Posted on Reply
#5
EarthDog
CrackongAre Intel engineers really that dump and marked "backdoors" in the actual code ?
Who knows... but it wouldn't surprise me. I've worked with coders in the past and some of their code has some wonky shiza in it.

The irony isn't lost on dump instead of dumb....hehe!
Posted on Reply
#6
Verpal
Intel Management Engine bringup guides, flashing tools
I donno what you guys think, but for me, it is time to work towards complete removal and replacement of IntelME, security aside, this pesky thing stop our BCLK overclock when the chip is perfectly fine!
Posted on Reply
#7
Mussels
Freshwater Moderator
NSA backdoor password was also Intel123
Posted on Reply
#8
watzupken
This leak is likely going to give Intel more headaches with security going forward.
Posted on Reply
#9
Caring1
I love the picture of the Dam wall breaking before the flood hits everyone below, that is not a leak, someone blew it wide open.
Posted on Reply
#10
mtcn77
Intel is the crazy hookup trying to get your attention no holds barred.
Posted on Reply
#11
EarthDog
mtcn77Intel is the crazy hookup trying to get your attention no holds barred.
pop smoke and run.... its the only way!
Posted on Reply
#13
thesmokingman
I like the fact that they didn't even bother to use codewords for backdoor. Just use backdoor like no one is ever gonna see our internal communications... lmao.
Posted on Reply
#14
chodaboy19
Are these just tools used by intel partners to develop products that work with intel cpus/chipsets, etc?
Posted on Reply
#15
InVasMani
Couldn't happen to a nicer company at least. Somebody set us up the backdoor.
Posted on Reply
#16
hellrazor
Who could have possibly guessed that Intel has security vulnerabilities?
Posted on Reply
#17
the54thvoid
Super Intoxicated Moderator
the possibility of Intel laying backdoors in its code and designs
I'd like to know more on that. I know it's been speculated but if it could be shown to be true, it'd reveal how little importance Intel places on your personal freedoms. And, if true, was it mandated to be put in place, or done so for it's own ends?
Posted on Reply
#18
R-T-B
CrackongThe tweeter also notes "If you find password protected zips in the release the password is probably either "Intel123" or "intel123". This was not set by me or my source, this is how it was acquired from Intel."

The poster encourages downloaders to look for mentions of 'backdoors' in some of the Intel source code, and even provides a sample clip of one such listing, but we aren't sure of the intentions behind the listings in the code.


=========================

Are Intel engineers really that dump and marked "backdoors" in the actual code ?
As I said elsewhere, I have my doubts. It's more likely the hacker is trying to make them look dumb to inflate his own ego.

I have been through parts of the leak. Nothing special, yet.
the54thvoidI'd like to know more on that. I know it's been speculated but if it could be shown to be true, it'd reveal how little importance Intel places on your personal freedoms. And, if true, was it mandated to be put in place, or done so for it's own ends?
FWIW, the evidence he's provided is a code snippet for a management engine remote access service, not a backdoor. There is a lot to comb through though. Pretty sure he just added some code comments. The hacker seems to do this in a few places, making the whole leak questionable.
Posted on Reply
#20
aQi
Well played. Bravo...Bravo !!!
Posted on Reply
#21
ratirt
This stuff proves there is something seriously wrong with Intel. Maybe after all of this some changes are in order? I surely hope so.
Posted on Reply
#22
aQi
ratirtThis stuff proves there is something seriously wrong with Intel. Maybe after all of this some changes are in order? I surely hope so.
The question is. Why a back door ? And why 9/11
Posted on Reply
#23
mtcn77
Aqeel ShahzadThe question is. Why a back door ? And why 9/11
Because they are Porsche fans? Porsche's come with the engine bay at the back.
Posted on Reply
#24
zlobby
watzupkenThis leak is likely going to give Intel more headaches with security going forward.
Yes, it will really put a stain on their otherwise flawless reputation. :D
Posted on Reply
#25
Kohl Baas
Aqeel ShahzadThe question is. Why a back door ? And why 9/11
Why would that be a question? Seriously, backdoors are planted to ease the access to systems/data held by owners who don't want access to their systems/data by others. And 9/11 suggest it has to do with counter-terrorism instead of commercial/industrial espionage. Correct me if I'm wrong, but wasn't one of the biggest hits of Snowden the proof that NSA was involved in industrial espionage against private companies of "ally" nations in favour of american companies?
Posted on Reply
Add your own comment
Nov 26th, 2024 04:07 EST change timezone

New Forum Posts

Popular Reviews

Controversial News Posts