Trustworthy x86 laptops? There is a way, says system-level security ace

Security concerns around Intel's x86 processors – such as the company's decision to force the secretive Management Engine microcontroller onto its silicon – have raised fundamental questions about trust in personal computers, whatever architectures they may be based upon. The founder of Invisible Things Labs, …


  1. Christian Berger Silver badge

    Well yes, but I would keep the complexity down first

    Every line of code is a potential security critical bug. And with Rowhammer we have seen that isolation mechanisms are often not effective.

    I'd personally go for simpler systems which abstract away critical functions on dedicated hardware. That way no glitch of your RAM chip can give you a key you shouldn't have. Obviously those dedicated pieces of hardware would need to be open and ideally simple enough to be audited many times over.

    @TheReg: Could you please also link to the _real_ official video, not the copy on Youtube. There's also a way to download/torrent the high resolution files, as well as tons of other videos. Most talks which are German are translated into English, some even into Swiss German.

    1. TheVogon Silver badge

      Re: Well yes, but I would keep the complexity down first

      "Of course there is only one company making these," Rutkowska said. "It's an American company called Intel, and it's a completely opaque construction."

      Did I miss an announcement from AMD that they are no longer making CPUs?

      1. d3rrial

        Re: Well yes, but I would keep the complexity down first

        Since when does AMD own fabs again?

  2. ecofeco Silver badge

    We need this

    We need this or something like it. I'm no computer scientist, yet I was able to roughly follow the idea and concept of this proposed configuration, which means to me it follows the basic tenet of elegance and simplicity and thus is often robust as well.

    I also like CB's (above) enhanced proposal.

  3. PNGuinn Silver badge

    Trusted storage

    Keep all this firmware, data etc stored externally on a bit of external ( to the system, not necessarily the machine) flash memory.

    Sounds on the face of it like a reasonable idea. Now, can someone reassure me that the sophisticated computer system built into that bit of flash to organise the storage is in itself secure?

    Not decrying the research, just paranoid as usual.

    1. Paul Crawford Silver badge

      Re: Trusted storage

      No, that is not as big a problem as "can we be sure there is no hidden storage on the main CPU, or anything like it in a vendor-supplied device driver?"

      Really it comes back to two important and related issues for 'trust' in a system:

      1) Is everything open to inspection and cross checking? The basics of open source development really (and yes I am aware of the likes of Ken Thompson's compiler backdoor).

      2) Is the level of complexity at each key step manageable for inspection and/or automated validation?

      Having hidden code in the US-based corporation's "CPU" for remote management is a nightmare for any non-US government as it offers such an opportunity for a planted backdoor, as much as it is a nightmare for everyone else who cares about security due to the opportunity for plain old fsck-ups.

    2. Anonymous Coward

      Re: Trusted storage

      That's basically what I've been thinking. Separate (or separable) hardware for compute and storage. Preferably redundant local and remote storage, which doesn't need to be trusted if the compute device encrypts everything sent to storage.

      I don't think she's paranoid enough though. On x86 (and ARM, MIPS, etc), system-level software can see your decrypted data in RAM, and there's no way to verify that no system-level malware is running. It's a black box. So I say, use x86 for fun and games, and a slow-but-trustworthy compute device for communications. Implement it entirely in FPGA. Or discrete TTL chips (not particularly difficult). Of course, even a 7404 chip is a black box, as are most display & input devices. The ultimate solution is a DIY-friendly manufacturing process, from raw materials to finish. Until then, trust no electronics.

      1. Anonymous Coward

        Re: "even a 7404 chip is a black box"

        "even a 7404 chip is a black box"

        It's a black box, yes. But unless it knows where it fits in the bigger picture, the stream of 0s and 1s it sees is utterly useless. It has no concept of where it might find "data" or "memory".

        There are limits to what you can do with a reasonable quantity of 74xx-class logic. Have a look at, and a read about, (say) DEC's VT05 terminal to see what can be done with a load of SSI/MSI chips in a quite sizeable box.

      2. John Savard Silver badge

        Re: Trusted storage

        Well, there are always discrete transistors.

        Even if the transistors had extra circuitry in them, there would not be enough wires out of the package for it to be easy for those devices to open a hidden channel...

        1. Mpeler

          Re: Trusted storage

          Valves (tubes) and relays - they're the only way to go. You can even see the bits as they go by :)

          1. bazza Silver badge

            Re: Trusted storage

            Has everyone forgotten that some of Sun / Oracle's SPARC CPU designs are open source?

            If you really wanted to you could inspect and approve their design, set up your own fab, make your own chips, build your own machine, and put Linux on it. If you're not interested in the smallest possible transistors (14nm today?) the fab could be comparatively cheap.

            You can have a complete open source hardware software stack without having to start again from scratch.

            1. This post has been deleted by its author

    3. oldcoder

      Re: Trusted storage

      Not just that... but the bus connecting that to the CPU...

      Then there is the added complexity of adding yet MORE pins to the CPU...

      1. Sir Runcible Spoon Silver badge

        Re: Trusted storage

        I wonder if anyone has ever run a comparative analysis of the network traffic as reported by something popular, like Wireshark for example, against a traffic analyzer in the middle of the flow to see if there are any differences?

        Mind you, the chipsets may be coded to hide anything to address 'X' - so the 'trusted' analyzer would obviously have to be based on a different chipset.

        It would be really interesting to discover if there was anything picked up that Wireshark didn't report.
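One way to run the comparison this post describes, as an added example that is not part of the thread: take a host-side capture and an independent in-line tap capture of the same wire, aggregate both into flows, and report anything the tap saw that the host never reported. Both inputs here are constructed summaries (one line per packet: source, destination, protocol, destination port, length); the text layout and the function names are this example's own assumptions, not any tool's output format. The extra flow to port 16992 is a constructed entry placed in the tap view only, so the diff has something to find.

```python
"""Compare a host-side packet capture against an independent in-line tap.

Added example, not from the thread. Real input would come from running the
same capture tool on the host and on a tap box and exporting the packet
fields below; the field order is an assumption made for this example.
"""
from collections import defaultdict

# Constructed sample: what the host's own capture tool reported.
HOST_VIEW = """\
10.0.0.5 93.184.216.34 tcp 443 1200
10.0.0.5 93.184.216.34 tcp 443 800
10.0.0.5 10.0.0.1 udp 53 74
"""

# Constructed sample: what an in-line tap on the same wire recorded.
# The last line is a flow that the host's capture never showed.
TAP_VIEW = """\
10.0.0.5 93.184.216.34 tcp 443 1200
10.0.0.5 93.184.216.34 tcp 443 800
10.0.0.5 10.0.0.1 udp 53 74
10.0.0.5 198.51.100.7 tcp 16992 312
"""


def parse_flows(text):
    """Aggregate per-packet lines into {(src, dst, proto, dport): (packets, bytes)}."""
    flows = defaultdict(lambda: [0, 0])
    for line in text.splitlines():
        if not line.strip():
            continue
        src, dst, proto, dport, length = line.split()
        key = (src, dst, proto, int(dport))
        flows[key][0] += 1
        flows[key][1] += int(length)
    return {key: tuple(counts) for key, counts in flows.items()}


def diff_captures(host_text, tap_text):
    """Flows present on the tap but absent from, or miscounted by, the host."""
    host = parse_flows(host_text)
    tap = parse_flows(tap_text)
    hidden = sorted(key for key in tap if key not in host)
    mismatched = sorted(key for key in tap if key in host and tap[key] != host[key])
    return {"hidden_from_host": hidden, "count_mismatch": mismatched}


if __name__ == "__main__":
    result = diff_captures(HOST_VIEW, TAP_VIEW)
    for flow in result["hidden_from_host"]:
        print("seen on tap only:", flow)
    for flow in result["count_mismatch"]:
        print("packet/byte counts differ:", flow)
```

The point the post makes is that the host view is only as honest as the host, so the tap box should be unrelated hardware and the two exports compared offline; in practice you would also align the two captures by time window before diffing, which this example leaves out.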

  4. Rusty 1

    This is why

    This is why I have always advocated having roast parsnips along side the tatties. Especially if there are some finely cooked sprouts too.

    The tatties may be compromised for one reason or another, but those delicious parsnips will bring it all home again.

    Hedge your bets, or just enjoy it all! I know I do!

    1. Roo

      Re: This is why

      "The tatties may be compromised for one reason or another, but those delicious parsnips will bring it all home again."

      Wise words. :)

    2. Michael Wojcik Silver badge

      Re: This is why

      You fool! The parsnips are compromised!

      Of course it is impossible to prove that any root vegetable is secure. Once a vegetable gets root, all bets are off.

  5. John Styles

    I am surprised the author views there being no other viable processors. What about POWER / MIPS?

    1. Roo

      "I am surprised the author views there being no other viable processors. What about POWER / MIPS?"

      None of them are viable if you're trying to make a known-stateless bit of kit... Even the FPGA she's talking about could have a bit of the die specially reserved for the use of the criminal/spook fraternity. Intel has now invested a substantial amount of cash in the FPGA business - so she can come back in a couple of years and tell us that all our Intel FPGAs are untrustworthy too.

      She's raised a fair point though, but it's a moot one until she has a fab that she trusts to produce the logic & the storage. I can't help but hope that there are side-channel attacks that can reliably detect the untrustworthy bits, as I'm unlikely to be able to afford a fab I can trust. :P

      1. John Styles

        If you take your viewpoint then considering any processors (as opposed to using FPGAs) is absurd; however, the paper DOES mention processors, so why just those two?

        To me it seems that the 'PC' platform is a toxic wasteland and ARM seems suspect for reasons described in the paper ( I had a conversation pretty much on the lines of the paper a few days before I first saw it ).

        So the other processor architectures do seem potentially less toxic.

        How viable is the 'oh noes the FPGA hardware / toolchain may be cunningly backdoored to work out I am making a GPCPU and subvert it' argument some people are making really? Seems a bit tinfoil hat to me.

  6. a_yank_lurker Silver badge

    What is the weakest link?

    The real security issue is mitigating the weakest link, which often happens to be wetware. The inherent security of the BIOS, CPU, OS, etc. is meaningless when users do something extremely stupid. This is a when, not if, for all users, with the only major variable being how often. Next in the chain is which part of the system the attacker can readily use or attack. Often this is the OS or the browser. Weaknesses here are often easy to exploit, in some cases even with an alert user.

    1. Anonymous Coward

      Re: What is the weakest link?

      In the larger sense, yes, social engineering is much easier than hacking a modern system. However, she specifically mentioned things like air gapped systems, which are used by those most paranoid about security and are really unlikely to be opening random webpages on their machine that's not connected to any network. If you're worried about someone hacking your air gapped system, this is interesting stuff (so primarily governments or those targeted by a government). If you're just trying to keep grandma from sending you more spam, then no, this won't help.

      1. Robert Helpmann?? Silver badge

        Re: What is the weakest link?

        Too, at some point you have to trust someone beyond yourself. Even if it is possible for me to print my own processors and other components, write my own OS and apps, and roll it all together and have my very own personal system, there aren't enough hours in the day to do all that. This means I have to depend on and ultimately trust others to help out. Yes, people can be and sometimes are compromised, but it is much more common for them to make mistakes, with a far second being an untrustworthy bit getting slipped in on the sly.

        Qubes OS seeks to mitigate this by relying on a microkernel OS (Xen) for hosting duties with the idea being that not only open source but much less of it will make the issue of security more manageable and thus less prone to error.

        It seems we have the same sorts of issues with hardware that we do with software, but none of the tools to deal with them. It's pointless to have an open source chip if you cannot verify the final product is what you expect it to be. In the face of that, perhaps using Rutkowska's "trusted stick" (I agree that this is not a particularly sexy term... perhaps "hardened rod" would be better?) on a system designed to use processors from multiple sources or spread out across different systems in the cloud might make sense for now. That way, no bad actor could easily obtain a complete picture of what was going on at a given time through the use of the ME.

        1. Anonymous Coward

          Re: What is the weakest link?

          > there aren't enough hours in the day to do all that. This means I have to depend on and ultimately trust others to help out.

          If people would lower their expectations it would be doable. And you can rely on others if you can check their work. That's standard practice in engineering, surveying, accounting, lots of professions... but not IT.

          I figure nobody will give a damn until there's an epic existential tragedy... i.e. millions die as a direct result of blindly trusting IT.

        2. AnonFairBinary

          Re: What is the weakest link?

          The issue of trust is not just on a personal level, but also on a state level. Today, everyone must trust that the US has not had Intel include something objectionable in its processors. These days, such a requirement is really hard to take for nation states. So while it is unreasonable for one person not to trust anyone, it is equally unreasonable to expect everyone to trust any particular someone.

          That means nation states setting up some sort of systems they can trust by assigning resources towards assuring themselves that hardware is trustworthy. That's not unreasonable.

    2. ckm5

      Data slicing

      One of the best ways of dealing with highly sensitive data is a technique called data slicing (also known as data dispersion), where you chop the data up into meaningless bits and only re-assemble it at the point of consumption.

      In the old days, this was typically implemented by having 2 to 5 separate computers (on separate networks) on one's desk, with re-assembly being a manual process that often occurred in the head of the person sitting at the desk. More recently, a company called CleverSafe used this same concept to secure cloud data.

      It seems to me that a modern variant of data slicing could be used to secure data in insecure systems.
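A worked version of the slicing this post describes, added here as an example and not code from the thread or from CleverSafe: Shamir secret sharing over GF(2^8) turns every byte of the data into one point on a random polynomial, hands each of n stores a different point, and lets any k of them rebuild the original while k-1 or fewer hold bytes that are uniformly random on their own. The threshold form goes a little beyond the post's "chop it up and reassemble" picture, since it also tolerates losing stores; all names, the sample text and the k/n choices are this example's own.

```python
"""Threshold data slicing with Shamir secret sharing over GF(2^8).

Added example. Any k of the n shares reassemble the data; fewer than k
reveal nothing, so a single compromised or lost store is harmless.
"""
import secrets


def gf_mul(a: int, b: int) -> int:
    """Multiply in GF(2^8) using the AES reduction polynomial x^8+x^4+x^3+x+1."""
    p = 0
    for _ in range(8):
        if b & 1:
            p ^= a
        carry = a & 0x80
        a = (a << 1) & 0xFF
        if carry:
            a ^= 0x1B
        b >>= 1
    return p


def gf_inv(a: int) -> int:
    """Inverse by exponentiation: a^254 == a^-1 for nonzero a in GF(2^8)."""
    if a == 0:
        raise ZeroDivisionError("no inverse for 0")
    result, base, e = 1, a, 254
    while e:
        if e & 1:
            result = gf_mul(result, base)
        base = gf_mul(base, base)
        e >>= 1
    return result


def split(secret: bytes, k: int, n: int):
    """Return n shares as (x, share_bytes); any k of them rebuild `secret`."""
    if not 1 < k <= n <= 255:
        raise ValueError("need 1 < k <= n <= 255")
    buffers = {x: bytearray() for x in range(1, n + 1)}
    for byte in secret:
        # Constant term is the data byte; the k-1 higher coefficients are random.
        coeffs = [byte] + [secrets.randbelow(256) for _ in range(k - 1)]
        for x, buf in buffers.items():
            y = 0
            for c in reversed(coeffs):  # Horner evaluation of the polynomial at x
                y = gf_mul(y, x) ^ c
            buf.append(y)
    return [(x, bytes(buf)) for x, buf in buffers.items()]


def join(shares) -> bytes:
    """Lagrange-interpolate the polynomial at x=0 for every byte position."""
    xs = [x for x, _ in shares]
    if len(set(xs)) != len(xs):
        raise ValueError("duplicate share index")
    length = len(shares[0][1])
    if any(len(s) != length for _, s in shares):
        raise ValueError("share length mismatch")
    out = bytearray()
    for pos in range(length):
        acc = 0
        for xi, yi in shares:
            num = den = 1
            for xj, _ in shares:
                if xj != xi:
                    num = gf_mul(num, xj)
                    den = gf_mul(den, xj ^ xi)  # subtraction is XOR in GF(2^8)
            acc ^= gf_mul(yi[pos], gf_mul(num, gf_inv(den)))
        out.append(acc)
    return bytes(out)


def roundtrip(secret: bytes, k: int, n: int, picks) -> bytes:
    """Split, keep only the share indices in `picks`, and rebuild (for testing)."""
    shares = split(secret, k, n)
    return join([shares[i] for i in picks])


if __name__ == "__main__":
    data = b"reassemble only at the point of consumption"  # constructed sample
    shares = split(data, k=3, n=5)  # five stores, any three suffice
    print("three stores:", join([shares[0], shares[2], shares[4]]) == data)
    print("two stores:  ", join(shares[:2]) == data)
```

Each store gets a share a single byte longer than the data (the x index), so this is a confidentiality scheme rather than a compact one; the dispersal systems the post mentions combine a threshold like this with erasure coding to keep the storage overhead near n/k.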

    3. John Savard Silver badge

      Re: What is the weakest link?

      Of course, but the point is that if the hardware and the OS are not secure, then even the few people who are able to follow proper practices and who are concerned about security have no way of achieving it.

      Making computers idiot-proof is likely to fail, as the world keeps making better idiots - so goes the old joke.

  7. David Roberts Silver badge

    Performance vs security?

    AFAIK one reason that more and more functionality is being crammed into the processor chip is to increase performance by bringing everything closer together.

    To follow the security advice, everything should be in discrete auditable packages.

    So are we now at the point of "fast, cheap, secure - choose any two"?

    1. Solmyr ibn Wali Barad

      Re: Performance vs security?

      "So are we now at the point of "fast, cheap, secure - choose any two"?"

      At the point of painful understanding, perhaps, but the underlying principle hasn't changed much. System design has always been a fine art of compromises.

    2. Anonymous Coward

      "fast, cheap, secure - choose any two"

      fast, cheap, secure - choose any ONE

    3. DropBear Silver badge

      "fast, cheap, secure - choose any two"

      Rather choose any two, as long as "secure" is not one of them.

  8. Charles Manning

    You can hide a vector anywhere...

    If you distrust Intel and don't even use their chips, there are still many processing devices in a laptop or other computer.

    These days most Ethernet controllers etc are implemented as bought-in IP which can access the memory and can implement any sort of state machine you like.

    The same goes for graphics cards, disk drives,... you name it.

    Even if you were to design all devices from the ground up using FPGAs, do you trust the FPGA vendor's software? Even the memory controller library on some FPGAs includes a CPU and it requires far less than a CPU to compromise a system - just a small state machine will do it.

  9. Anonymous Coward

    First step is to never install the AMT driver

    Every time one of my computers boots into Windoze I get a popup prompting me to install driver software for "PCI Simple Communications Controller" (this is the Sandy Bridge version). I zap it away leaving the AMT at least partly disconnected... The family thinks I am crazy. "The Govmint wouldn't build a back door in your computer! No way!"

    1. Anonymous Coward

      Re: First step is to never install the AMT driver

      The "PCI Simple Communications Controller" is not exclusively related to AMT, it's merely the register (HECI) interface for host CPU drivers to send messages to the ME. Most AMT functionality is handled through three other PCI devices that show up when AMT is enabled. That said, not installing the drivers for the HECI interface does not prevent the ME from doing its stuff in the background. The ME is still running behind the scenes.

  10. Kev99 Bronze badge

    Do AMD processors also have this ME and MCH micro-mini processors?

    1. ckm5

      Yes, pretty much all modern microprocessors have some sort of embedded controller - that's how they load & run microcode that 'patches' hardware bugs. Intel's ME is a little more extensive, like a BIOS on steroids, but a lot of modern computers have provisions for remotely controlling the hardware. It used to be described as IPMI and reserved for server-level hardware but it's now spreading to everything.

      Someone below mentions AMD's PSP system, but there are others out there from Dell, SuperMicro, Toshiba, etc.

  11. allthecoolshortnamesweretaken Silver badge

    This is very interesting and a little bit scary. Maybe I should dust off one of the vintage computers in the attic?

  12. Anonymous Coward

    AMD too...

    More recent AMD SoCs include the ARM based PSP platform (in)security processor, which probably has similar powers. Involvement of a three-letter agency would not be far fetched in my eyes.

  13. Henry Wertz 1 Gold badge

    Slot machines?

    Has anyone looked to see what slot machine vendors have to say about this? They worry about security (both for the obvious reasons, and regulatory framework that ironically requires slot machines to have much higher security than ATMs or electronic voting machines). I've seen one boot, it's pretty verbose.. the BIOS validated itself, the bootloader, and the package it booted. The bootloader validated the BIOS and packages (kernel and root filesystem). It booted into Linux, which validated the bootloader, the kernel and the executables. The executable appeared to run a self-check of some sort before the slot machine software came up.

    Not that a setup like that would be viable for most systems, as I want to be able to actually add and remove software from my system. But, they may have something practical to say about (for example) being able to disable or restrict the ME, so people who are not interested in its functionality are not exposed to the potential additional attack surface it represents.
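The forward half of the boot sequence this post describes, modelled as an added example (not code from the thread or from any slot machine vendor): each stage image carries the digest of the stage that runs after it, and control only passes forward when that digest matches, so editing, swapping or dropping any later stage is caught at the link before it. Stage names and contents are constructed, and ROOT_DIGEST stands in for the value real systems keep in ROM or fuses so that the first link cannot be edited.

```python
"""Verified-boot chain in miniature.

Added example. Each image embeds its successor's SHA-256, so a change to
any stage changes the digest its predecessor expects and the walk stops.
"""
import hashlib

# Constructed stage list, first-to-run first, mirroring the post's sequence.
STAGES = [
    ("bios", b"bios v1: init ram, find bootloader"),
    ("bootloader", b"bootloader v1: load kernel and rootfs"),
    ("kernel", b"kernel v1: mount rootfs, run init"),
    ("rootfs", b"rootfs v1: executables and libraries"),
    ("game", b"game v1: reel logic and payout tables"),
]


def digest(blob: bytes) -> str:
    return hashlib.sha256(blob).hexdigest()


def build_chain(stages):
    """Build images back to front so each embeds its successor's digest.

    Returns (root_digest, images). The last stage embeds an empty digest,
    which marks the end of the chain.
    """
    images = []
    expected = b""
    for name, code in reversed(stages):
        image = code + b"\n#stage=" + name.encode() + b"\n#next=" + expected
        images.append(image)
        expected = digest(image).encode()
    images.reverse()
    return expected.decode(), images


def verify_chain(root_digest: str, images):
    """Walk the chain from the root.

    Returns (True, None) on success, or (False, i) where i is the first stage
    that failed validation; i == len(images) means the chain ended early.
    """
    expected = root_digest
    for i, image in enumerate(images):
        if digest(image) != expected:
            return False, i
        expected = image.rsplit(b"#next=", 1)[1].decode()
    if expected != "":
        return False, len(images)
    return True, None


def tamper(images, index: int, old: bytes, new: bytes):
    """Return a copy of the chain with one stage's bytes altered (for testing)."""
    patched = list(images)
    patched[index] = patched[index].replace(old, new)
    return patched


# The root digest is the one value that must live somewhere immutable.
ROOT_DIGEST, IMAGES = build_chain(STAGES)

if __name__ == "__main__":
    print("intact:   ", verify_chain(ROOT_DIGEST, IMAGES))
    print("patched:  ", verify_chain(ROOT_DIGEST, tamper(IMAGES, 2, b"kernel v1", b"kernel v2")))
    print("truncated:", verify_chain(ROOT_DIGEST, IMAGES[:-1]))
```

Embedding digests means any update to a later stage forces a rebuild of every earlier one, which is why real boot chains embed a public key and verify a signature over the next stage instead; the post's setup also validates backwards (the bootloader re-checking the BIOS), which this forward-only walk does not model.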

    1. Anonymous Coward

      Re: Slot machines?

      Not worked on slot machines, but have on payment receiving (rather than payout) systems - all used generic Windows versions, including some "self service" tills: no validation of anything at all. We migrated a jukebox over to Linux (tripwire etc), and tested it within Xen (as a sort of jail - we're talking 2.6 kernel, Xen 2.x days) but the PHBs would not allow anything that required anything other than off-the-shelf hardware, anything that would produce BIOS-like messages that aren't "normal", or anything that would mean a fresh-out-of-school (in a UK sense) technician couldn't do any on-site/hardware service request ....

  14. frank ly Silver badge

    What do Intel have to say about it?

    Not just PR releases; current and ex-engineers may have interesting information to 'leak'.

    1. Bronek Kozicki Silver badge

      Re: What do Intel have to say about it?

      The official information is linked from the article itself: Intel AMT. More interesting is the fact that it seems very difficult to avoid it if one is building a machine using recent CPUs, since it seems to be (nearly?) everywhere, one notable exception being Xeons E-7 (but possibly only by virtue of designs slower to update).

  15. Anonymous Coward

    Ok, lets bring back the days of simple CPU's

    Where you toggled in the HDD bootstrap through the front panel.

    Where the CPU Maker supplied FULL schematics of the CPU (I have a set for the PDP-11/45)

    And companies like fucking Intel/NSA did not exist.

    The world would be a very different place.

    1. circusmole

      Re: Ok, lets bring back the days of simple CPU's

      But the PDP11/45 ran DEC proprietary micro-code (along with other PDPs - 11/40, 11/70...) so you still cannot be absolutely sure what the machine is getting up to. Later versions of the 11/70 even had a built-in micro-PDP processor for system management (also with micro-code - this was unpublished I seem to recall).

      On the other hand DEC did provide the micro-code listings for the 11/45 etc... - if you could understand or figure out how the hell it worked :-)

      1. Anonymous Coward

        Re: Ok, lets bring back the days of simple CPU's

        All the PDP-11/70s I encountered had front panel switches. Hardly the sort of system to have a control CPU.

        The 11/45 I have in my garage is all 74 series logic and a few LSI chips. Mind you, it is a very early one (serial number <400). There is no storage available to load any microcode. I've often run it directly from paper tape without any of the 2xRK05s or 2xRL02s connected to the Unibus. This may have changed for later versions. (Paper tape is for diagnostics.) There is a fix on the backplane for a couple of instruction errors (most significant bit problems on ROTL).

        I don't think the single board LSI-11s have a microcode facility.

        Now the VAX 11/780 did have a controller system. It was a PDP-11. Initially it was running RT-11. Later versions used a modified PRO/380 system which was RSX-11M based.

        The VAX 11/750 and 11/730 used different systems.

        There was microcode in both the 11/750s and 11/730s.

        The 11/730s were, if my (failing) memory serves me right, 2901 based (4-bit slice). I only built the prototype of the variant with a TSU05 tape drive in the top, so how do I know, eh?

        1. Anonymous Coward

          Re: Ok, lets bring back the days of simple CPU's

          "The 11/730s were, if my (failing) memory serves me right, 2901 based (4-bit slice)."

          Matches my recollection too. Some of the rest, less so.

          "all the PDP-11/70's I encountered had front panel switches."

          So you never saw any with the Remote Diagnostics console, to allow dial-in from the Service Centre? (using a Post Office Telecom modem the size of six inches of 19" rack to provide a whole 1200baud or so). It *might* have had an 808x in it, not sure. Pretty sure it didn't do much you couldn't already do from the serial console.

          "The 11/45 ... no storage available to load any microcode."

          If it's not loadable does it not count as microcode? [Genuine question]

          Anyway the diagrams at

          include 14 pages of "microcode" flow diagrams but maybe they're just generic flow charts?

        2. Anonymous Coward

          Re: Ok, lets bring back the days of simple CPU's

          Wrong on all counts - the 11/70 was a microcoded CPU and from my memory the microcode was stored in a 256 word ROM (I think - it was a long time ago) with a long word length that I cannot recall at the moment. What I can remember is that the least significant 8 bits of the microcode word were the address of the next word in the ROM (modified by CPU condition codes etc.).

          The LSI-11 was also microcoded à la the 11/70, and in this case the microcode is stored in on-chip ROM.

  16. This post has been deleted by its author

    1. Anonymous Coward

      1980scoder - designing for the lowest common denominator is not the answer either. It is ridiculous to suggest such.

    2. Charles 9 Silver badge

      That problem will exist as long as humans exist. As a comedian once said, "You can't fix stupid."



Biting the hand that feeds IT © 1998–2019