Thursday, August 6th 2020

Intel Hit by a Devastating Data Breach, Chip Designs, Code, Possible Backdoors Leaked

by
btarunr
 Discuss (151 Comments)
Intel on Thursday was hit by a massive data-breach, with someone on Twitter posting links to an archive that contains the dump of the breach - a 20-gigabyte treasure chest that includes - but not limited to - Intel Management Engine bringup guides, flashing tools, samples; source code of Consumer Electronics Firmware Development Kit (CEFDK); silicon and FSP source packages for various platforms; an assortment of development and debugging tools; Simics simulation for "Rocket Lake S" and other platforms; a wealth of roadmaps and other documents; shcematics, documents, tools, and firmware for "Tiger Lake," Intel Trace Hub + decoder files for various Intel ME versions; "Elkhart Lake" silicon reference and sample code; Bootguard SDK, "Snow Ridge" simulator; design schematics of various products; etc.

The most fascinating part of the leak is the person points to the possibility of Intel laying backdoors in its code and designs - a very tinfoil hat though likely possibility in the post-9/11 world. Intel in a comment to Tom's Hardware denied that its security apparatus had been compromised, and instead blamed someone with access to this information for downloading the data. "We are investigating this situation. The information appears to come from the Intel Resource and Design Center, which hosts information for use by our customers, partners and other external parties who have registered for access. We believe an individual with access downloaded and shared this data," a company spox said.
Source: Tom's Hardware

Related News

Add your own comment

151 Comments on Intel Hit by a Devastating Data Breach, Chip Designs, Code, Possible Backdoors Leaked

#76
Assimilator
Almost certainly the "Intel123" password stems from an arbitrary corporate policy that any archives shared with third parties are password-protected so that, in the case of such a leak, there isn't a single password that can access all the archives.

Of course, because keeping track of a billion different passwords is a fucking nightmare, the end result is predictably that everyone uses the same stupidly weak password for everything. So the policy, like pretty much all policies that involve passwords, ends up having no effect besides pissing people off.
Franzen4RealToday at 3:34 AM Low quality post by Mussels

As a moderator-- maybe if were professional and set a good example we would have better comments over all, and my ignore list could be less extensive?
People are still getting triggered by Internet comments about their imaginary sky deities in 2020? Wow.
zlobbyNot with a quantum computer it isn't. AES is not a quantum-resistant algo.
What a moronic "argument". How many functional quantum computers are there, again?
Posted on Reply
#77
trparky
AssimilatorWhat a moronic "argument". How many functional quantum computers are there, again?
I'm with @Assimilator here, quantum computers are still very much in the experimental phase and nowhere near being useful to do any kind of major computing.
zlobbyNot with a quantum computer it isn't. AES is not a quantum-resistant algo.
When and if quantum computers actually become a usable computer, then come back and talk to me about AES encryption being able to be cracked. Until that happens, AES is about as uncrackable as encryption possibly can get.
Posted on Reply
#78
voltage
Hurry amd, get copies of this data while you can, so you can keep your Saudi investors happy. :roll:
Posted on Reply
#79
TheoneandonlyMrK
voltageHurry amd, get copies of this data while you can, so you can keep your Saudi investors happy. :roll:
Like AMD didn't have access , do you not realize how close these companies have to work together to make the standards and interfaces work.
Do you not think they're testing new GPU on new Intel hardware.
Posted on Reply
#80
moproblems99
AssimilatorPeople are still getting triggered by Internet comments about their imaginary sky deities in 2020? Wow.
You best not be saying nothing bad about tinker bell. She taught me all I know about love. And password policies.
Posted on Reply
#81
R-T-B
EarthDogWhat's worse? what happened or all the assumptions about what it really means? o_O
All of it, because it all hurts.
moproblems99You best not be saying nothing bad about tinker bell. She taught me all I know about love. And password policies.
password is "tinkerbellislove,tinkerbellislife"
Caring1It's called ME, and it allows them to control your computer if they so wished.
No, not really. We've been over this before TPU. It needs a lot of things to go right before it's even useful for an arbitrary remote user, let alone Intel.

It is however a really really bad idea in general to have it in a CPU stack.
Posted on Reply
#82
trparky
R-T-BNo, not really. We've been over this before TPU. It needs a lot of things to go right before it's even useful for an arbitrary remote user, let alone Intel.
Wouldn't this require a hole in a corporate firewall to have access be granted? And if so, only a fool would have this kind of access open to the public Internet without having to go through a VPN router.
Posted on Reply
#83
R-T-B
trparkyWouldn't this require a hole in a corporate firewall to have access be granted? And if so, only a fool would have this kind of access open to the public Internet without having to go through a VPN router.
Spot on.
Posted on Reply
#84
Mouth of Sauron
HAHAHAHAHA, we can safely assume that we have no slides shortages in next 4-5 years for "leaked rumours".

If the leak was caused by their own backdoor, I'll start to believe in God, that must've be divine punishment...
Posted on Reply
#85
the54thvoid
Intoxicated Moderator
Let's try and keep OT comments about god or religion out of this thead please. We also don't bash other people's beliefs on TPU.
Posted on Reply
#86
Shatun_Bear
How are we going to link the Chinese or Russians to this travesty?
Posted on Reply
#87
South_DL
Another Chinese attack. The Communist Party is to blame.
Posted on Reply
#88
efikkan
voltageHurry amd, get copies of this data while you can, so you can keep your Saudi investors happy. :roll:
Many are overestimating the usefulness of such leaked information. While it's certainly valuable in a way, but mostly to find out what the competition is planning to do, not to steal parts of its design and put into your own products.

A lot of the information in this leak is probably already known to AMD, some is shared among the companies, other through spying. And even if they could get hold of complete chip designs, it would probably be of very little use. At most, they probably could get some "inspiration" from it, but adopting other's chip design or code into your own is generally not very useful.
Posted on Reply
#89
W1zzard
zlobbyDo they also force backdoors on you too? Asking for a friend. ;)
Not sure what you are asking, please elaborate
Posted on Reply
#90
micropage7
Caring1It's called ME, and it allows them to control your computer if they so wished.
sometimes you feel like, there's something that related to national security policy. why i recall Huawei then. so basically there's no difference between two of them that fight each other
Posted on Reply
#91
Manoa
nice, more of this please our distant black hat friends, and could you do AMD as well, that PSP could use a crowbar too
Posted on Reply
#92
mtcn77
What if performance gains brought about by the security updates are related to patched backdoors?
Let's drop the hype.
Posted on Reply
#93
EarthDog
W1zzardNot sure what you are asking, please elaborate
If you're trolling... thats awesome. If not, you dont want to know!
Posted on Reply
#94
moproblems99
R-T-Bpassword is "tinkerbellislove,tinkerbellislife"
Tinkerbell123, actually. She would scoff at yours because no numbers and Uppercase. She always told me size doesn't matter.
Posted on Reply
#95
zlobby
W1zzardNot sure what you are asking, please elaborate
I have a friend who is very paranoid. They were wondering if you receive orders to implement RATs or other malicious tools under the disguise of otherwise popular and legitimate software.

Now, my buddy is only lurking and never exposes themselves, so I'm their proxy. :D That's why I said I'm asking for a friend.
micropage7sometimes you feel like, there's something that related to national security policy. why i recall Huawei then. so basically there's no difference between two of them that fight each other
There is a simple truth - if they can do it, they will do it. Power and money trully corrupt everyone. Once one establishes that one is more than the 'lesser' minds, all methods of one's delusion are perfectly justified, simple psyche. Backdoors, WMD, you name it. All suddenly becomes acceptable.
Posted on Reply
#97
zlobby
tfdsafAll of Intel's "features" are essentially backdoors for governments and George Soros type billionaires who want to control you and your family!
No, anything but my family!
Posted on Reply
#98
mtcn77
tfdsafAll of Intel's "features" are essentially backdoors for governments and George Soros type billionaires who want to control you and your family!
Wait, there is more?
Posted on Reply
#99
chrcoluk
I always thought the revealed cpu vulnerabilities were targeted at hurting Intel, and now this has happened, fuel is added to the fire. Intel has peed someone off and they not relenting.
Posted on Reply
#100
R-T-B
mtcn77Wait, there is more?
Yes, there is Jeff Bezos.
Posted on Reply
Add your own comment
May 10th, 2024 19:19 EDT change timezone

Latest GPU Drivers

New Forum Posts

Popular Reviews

Controversial News Posts