Skip to main content
×
Blacklisted Listed News Logo
Menu - Navigation
Menu - Navigation

Cited Sources

2nd Smartest Guy in the World
2nd Amendment Shirts
10th Amendment Center
Aaron Mate
Activist Post
AIER
Aletho News
Ammo.com
AmmoLand
Alliance for Natural Health, The
Alt-Market
American Free Press
Antiwar
Armstrong Economics
Art of Liberty
AUTOMATIC EARTH, The
Ben Bartee
Benny Wills
Big League Politics
Black Vault, The
BOMBTHROWER
Brandon Turbeville
Breaking Defense
Breitbart
Brownstone Institute
Burning Platform, The
Business Insider
Business Week
Caitlin Johnstone
Campus Reform
CAPITALIST EXPLOITS
Charles Hugh Smith
Children's Health Defense
CHRISTOPHE BARRAUD
Chris Wick
CIAgate
Citizen Free Press
Citizens for Legit Gov.
CNN Money
Collective Evolution
Common Dreams
Conscious Resistance Network
Corbett Report
Counter Signal, The
Cryptogon
Cryptome
Daily Bell, The
Daily Reckoning, The
Daily Veracity
DANERIC'S ELLIOTT WAVES
Dark Journalist
David Haggith
Defense Industry Daily
Defense Link
Defense One
Dennis Broe
DOLLAR COLLAPSE
DR. HOUSING BUBBLE
Dr. Robert Malone
Drs. Wolfson
Drudge Report
Economic Collapse, The
ECONOMIC POPULIST, The
Electronic Frontier Foundation
Ellen Brown
Emerald Robinson
Expose, The
F. William Engdahl
FAIR
Farm Wars
Faux Capitalist
FINANCIAL REVOLUTIONIST
Forbes
Foreign Policy Journal
FOREXLIVE
Foundation For Economic Freedom
Free Thought Project, The
From Behind Enemy Lines
From The Trenches
FUNDIST
Future of Freedom Foundation
Futurism
GAINS PAINS & CAPITAL
GEFIRA
Geopolitical Monitor
Glenn Greenwald
Global Research
Global Security
GM RESEARCH
GOLD CORE
Grayzone, The
Great Game India
Guadalajara Geopolitics
Helen Caldicott
Homeland Sec. Newswire
Human Events
I bank Coin
IEEE
IMPLODE-EXPLODE
Information Clearing House
Information Liberation
Infowars
Insider Paper
Intel News
Intercept, The
Jane's
Jay's Analysis
Jeff Rense
John Adams
John Pilger
John W. Whitehead
Jonathan Cook
Jon Rappoport
Jordan Schachtel
Just The News
Kevin Barret
Kitco
Last American Vagabond, The
Lew Rockwell
Le·gal In·sur·rec·tion
Libertarian Institute, The
Libertas Bella
LIBERTY BLITZKRIEG
LIBERTY Forcast
Liberty Unyielding
Market Oracle
Market Watch
Maryanne Demasi
Matt Taibbi
Medical Express
Media Monarchy
Mercola
Michael Snyder
Michael Tracey
Middle East Monitor
Mike "Mish" Shedlock
Military Info Tech
Mind Unleashed, The
Mint Press
MISES INSTITUTE
Mises Wire
MISH TALK
Money News
Moon of Alabama
Motherboard
My Budget 360
Naked Capitalism
Natural News
New American, The
New Eastern Outlook
News Deck
New World Next Week
Nicholas Creed
OF TWO MINDS
Off-Guardian
Oil Price
OPEN THE BOOKS
Organic Prepper, The
PANDEMIC: WAR ROOM
PETER SCHIFF
Phantom Report
Pierre Kory
Political Vigilante
Public Intelligence
Rair
Reclaim The Net
Revolver
Richard Dolan
Right Turn News
Rokfin
RTT News
Rutherford Institute
SAFEHAVEN
SAKER, The
Shadow Stats
SGT Report
Shadowproof
Slay News
Slog, The
SLOPE OF HOPE
Solari
South Front
Sovereign Man
Spacewar
spiked
SPOTGAMMA
Steve Kirsch
Steve Quayle
Strange Sounds
Strike The Root
Summit News
Survival Podcast, The
Tech Dirt
Technocracy News
Techno Fog
Terry Wahls, M.D.
TF METALS REPORT
THEMIS TRADING
Tom Renz
True Activist
unlimited hangout
UNREDACTED
Unreported Truths
Unz Review, The
VALUE WALK
Vigilant Citizen
Voltaire
Waking Times
Wall Street Journal
Wallstreet on Parade
Wayne Madsen
What Really Happened
Whitney Webb
winter oak
Wolf Street
Zero Hedge

Massive 20GB Leak From Intel Documents Backdoors In All Intel CPUs

Published: August 9, 2020 | Print Friendly and PDF
  Gab
Share

Classified and confidential documents from U.S. chipmaker Intel, allegedly resulting from a breach, have been uploaded earlier today to a public file sharing service.

The cache of secret information is 20GB large and comes from an unknown source. It was announced as the first part in a series of Intel leaks.

According to Tillie Kottmann, a developer and reverse engineer who received the documents from an anonymous hacker, most of the information is supposed to be protected intellectual property. The developer was told that the information was stolen from Intel in a breach this year.

"They were given to me by an Anonymous Source who breached them earlier this year, more details about this will be published soon," Kottmann says.

“Most of the things here have NOT been published ANYWHERE before and are classified as confidential, under NDA or Intel Restricted Secret,” the developer added.

Those browsing firmware source code will find comments referring to backdoors, but that could mean anything and does not necessarily mean they can gain access to your computer:

An Intel spokesperson replying to our request for comments pointed us to the company’s product security policy page, which states that "Intel product development policy and practices prohibit any intentional steps to allow undocumented device access (e.g., “backdoors”), exposure of sensitive device information, or a bypass of security features or restrictions of its products."

Some of the files in the archive include technical specifications and relate to internal chipset design, including Kaby Lake platform and Intel Management Engine (ME).

This initial release contains documents related to the following:

  • Intel ME Bringup guides + (flash) tooling + samples for various platforms
  • Kabylake (Purley Platform) BIOS Reference Code and Sample Code + Initialization code (some of it as exported git repos with full history)
  • Intel CEFDK (Consumer Electronics Firmware Development Kit (Bootloader stuff)) SOURCES
  • Silicon / FSP source code packages for various platforms
  • Various Intel Development and Debugging Tools
  • Simics Simulation for Rocket Lake S and potentially other platforms
  • Various roadmaps and other documents
  • Binaries for Camera drivers Intel made for SpaceX
  • Schematics, Docs, Tools + Firmware for the unreleased Tiger Lake platform
  • (very horrible) Kabylake FDK training videos
  • Intel Trace Hub + decoder files for various Intel ME versions
  • Elkhart Lake Silicon Reference and Platform Sample Code
  • Some Verilog stuff for various Xeon Platforms, unsure what it is exactly
  • Debug BIOS/TXE builds for various Platforms
  • Bootguard SDK (encrypted zip)
  • Intel Snowridge / Snowfish Process Simulator ADK
  • Various schematics
  • Intel Marketing Material Templates (InDesign)

This release has already been dubbed “juicy” but Kottmann believes that future leaks from their source are likely to contain even “juicier” classified documents.

How it allegedly happened

Kottman is maintaining a repository with source code obtained by them and various sources hunting for misconfigured devops tools that allow access to resources. The repository contains data, proprietary code included, from dozens of companies (GE Appliances, Microsoft, Qualcomm, Motorola, AMD, Lenovo).

The developer does their best to remove sensitive information from the code they publish and complies with takedown requests. Even more, they are willing to provide details about the misconfiguration and how to avoid mishaps in the future.

The Intel breach appears to be no different. The hacker told Kottmann that they found an Intel server on a CDN that was not properly secured. This particular machine was seemingly selected based on details collected from an internet-wide scan.

Using a custom Python script, the hacker claims they were able to test for default username access and unsecured access to files and folders. According to the hacker, access to the folders was possible if you knew the right names. They needed to guess just one name, though. Once in, they could go back to the root directory and get access to any of them.

The chat above originally contained passwords for Intel documents that BleepingComputer intentionally removed.

However, the more important detail provided was the claim that they could impersonate any Intel employee with access to the resources, or create their own user. Some of the files are archives protected by an incredibly weak password.

In a statement to BleepingComputer, Intel said that the data appears to be from the Intel Resource and Design Center. A company representative did not speculate on the breach method but said that the leak may be from someone with access to the portal:

“We are investigating this situation. The information appears to come from the Intel Resource and Design Center, which hosts information for use by our customers, partners and other external parties who have registered for access. We believe an individual with access downloaded and shared this data” - Intel representative

Employees in this department have higher than normal privileges that give them access not just to resources for customers and OEMs but also to Intel’s intellectual property like documentation and tools, testing services, and pre-release product info, all available under a corporate non-disclosure agreement (CNDA).

This is a developing story...

TOP TRENDING ARTICLES


PLEASE DISABLE AD BLOCKER TO VIEW DISQUS COMMENTS

Ad Blocking software disables some of the functionality of our website, including our comments section for some browsers.


Trending Now



BlackListed News 2006-2023
Privacy Policy
Terms of Service