Follow Us

We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

Researchers hack Intel vPro security system

Undermines credibility of vPro TXT.

Article comments

Security researchers said they've found a way to circumvent an Intel vPro security feature used to protect PCs and the programs that they run from tampering.

Invisible Things Labs researchers Rafal Wojtczuk and Joanna Rutkowska said they'd created software that could "compromise the integrity" of software loaded using the Trusted Execution Technology (TXT) that is part of Intel's vPro processor platform.

That's bad news, because TXT is supposed to help protect software - a program running within a virtual machine, for example - from being seen or tampered with by other programs on the machine. Formerly code-named LaGrande, TXT first started shipping in some Intel-based PCs last year.

Although almost no software uses the TXT technology today, the research could matter a lot to computer companies and government agencies that are thinking of using it to secure their future products.

Wojtczuk and Rutkowska said they'd created a two-stage attack, with the first stage exploiting a bug in Intel's system software. The second stage relies on a design flaw in the TXT technology itself, they said in an announcement of their work, released Monday.

The Invisible Things researchers wouldn't say exactly what system software contains one of these "first stage" bugs before they have been patched, because that information could be misused by cyber-criminals.

The "second stage" problem may be tricky to fix, however. "It is still not clear how Intel should address the problem that is exploited by the second stage of our attack," Invisible Things researcher Joanna Rutkowska said in an email interview. "Intel claims it can resolve the issue by updating the TXT specification."

The researchers conducted their attack against a program called tboot, used to load trusted versions of Linux or virtual machine modules onto the computer. They chose tboot because it is one of the few programs available that takes advantage of the TXT technology, but they did not find bugs in tboot itself, Rutkowska said.

Intel spokesman George Alfs said his company is working with the Invisible Things team, but he declined to comment further on their work, saying he didn't want to pre-empt the Black Hat presentation.

The researchers plan to give more details on their work at the upcoming Black Hat Washington security conference next month.

Because TXT isn't widely used, the work may not have much of an effect on Intel's customers, according to Stefano Zanero, CTO of Italian security consultancy Secure Network. "As of now, only a very limited subset of developers who are playing with the technology will find it interesting," he said in an instant message interview.

However, the work could end up being important if it outlines new ways attackers could compromise the vPro architecture, he added. "If it just outlines a specific vulnerability in Intel's implementation, then it's less interesting," he said.



Share:

More from Techworld

More relevant IT news

Comments



Send to a friend

Email this article to a friend or colleague:

PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.

Techworld White Papers

Choose – and Choose Wisely – the Right MSP for Your SMB

End users need a technology partner that provides transparency, enables productivity, delivers...

Download Whitepaper

10 Effective Habits of Indispensable IT Departments

It’s no secret that responsibilities are growing while budgets continue to shrink. Download this...

Download Whitepaper

Gartner Magic Quadrant for Enterprise Information Archiving

Enterprise information archiving is contributing to organisational needs for e-discovery and...

Download Whitepaper

Advancing the state of virtualised backups

Dell Software’s vRanger is a veteran of the virtualisation specific backup market. It was the...

Download Whitepaper

Techworld UK - Technology - Business

Innovation, productivity, agility and profit

Watch this on demand webinar which explores IT innovation, managed print services and business agility.

Techworld Mobile Site

Access Techworld's content on the move

Get the latest news, product reviews and downloads on your mobile device with Techworld's mobile site.

Find out more...

From Wow to How : Making mobile and cloud work for you

On demand Biztech Briefing - Learn how to effectively deliver mobile work styles and cloud services together.

Watch now...

Site Map

* *