Podcasts about Intel Management Engine

On this episode of The Vonu Podcast, I'm joined by Gabriel Custodiet and Urban Hacker from Escape The Technocracy. Herein, we discuss Linux, their thoughts on the Intel Management Engine & hardware hacking, the pros and cons of SimpleX, Monero privacy, and much more. Please enjoy, and do consider purchasing… The post TVP #222: Don't Take The [Digital Privacy] Black Pill w/ Gabriel Custodiet & Urban Hacker appeared first on The Vonu Podcast.

As we celebrate Episode 300 Noah and Steve dig into the difference in industry between 2017 when ANS launched and today. The landscape has changed considerably. Today people ask about Open Source, today people value interoperability. -- During The Show -- 01:50 Listener follows up on Bluray playback - William It worked! The solution 03:30 3D Printer Recommendation - Greg Lulzbot Taz 6 Open source OctoPrint (https://octoprint.org/) 04:45 3D Printer Related - Joshua Klipper (https://www.klipper3d.org/) OpenSCAD (https://openscad.org/) Voron Project (https://www.vorondesign.com/) FreeCAD (https://www.freecad.org/) 09:30 FOSS Remote Software - Peter Mesh Central (https://meshcentral.com/info/) Mesh Central GitHub (https://github.com/Ylianst/MeshCentral) 13:10 LDAP Alternatives? - Miguel TurnKey Linux (https://www.turnkeylinux.org/) Red Hat IDM (https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/linux_domain_identity_authentication_and_policy_guide/introduction) FreeIPA (https://www.freeipa.org/) Zentyal (https://zentyal.com/) 19:40 TwoBit Asked Q: Is there a way to see if anyone has been accessing the Intel Management Engine on a PC? Not from the Host Look for Intel White Papers 21:25 Pick of the Week MediaShout>ProPresenter OpenLP (https://openlp.org/) FreeShow (https://freeshow.app/) Sudo Snap install freeshow FreeShow AppImage (https://github.com/vassbo/freeshow/releases) Has features ProPresenter doesn't have! Super Impressed! 29:45 Open Source Has Won! Used to "sell" open source, Now it's "common" Now I get calls asking "Is it open source" "Does it have an API" Covid caused a push for cloud Cloud is more flexible and scale-able but more expensive Open source saves money Large companies rely on open source Linux is replacing UNIX Apache Kafka (https://kafka.apache.org/) DynaTrace (https://www.dynatrace.com/) Open source is available to learn and try Companies don't like artificial road blocks Grafana (https://grafana.com/) Companies should pay for open source software 13 Companies added to Open Source Security Group (https://www.scmagazine.com/analysis/application-security/capital-one-akamai-among-13-organizations-added-to-open-source-security-group) Open source allows "rising tide" effect Open Source returns power to the individual Many open source programs now meet or exceed professional standards 52:00 Challenge Coin Write in about how you have helped open source! Open Source Stewards (OSS) -- The Extra Credit Section -- For links to the articles and material referenced in this week's episode check out this week's page from our podcast dashboard! This Episode's Podcast Dashboard (http://podcast.asknoahshow.com/300) Phone Systems for Ask Noah provided by Voxtelesys (http://www.voxtelesys.com/asknoah) Join us in our dedicated chatroom #GeekLab:linuxdelta.com on Matrix (https://element.linuxdelta.com/#/room/#geeklab:linuxdelta.com) -- Stay In Touch -- Find all the resources for this show on the Ask Noah Dashboard Ask Noah Dashboard (http://www.asknoahshow.com) Need more help than a radio show can offer? Altispeed provides commercial IT services and they're excited to offer you a great deal for listening to the Ask Noah Show. Call today and ask about the discount for listeners of the Ask Noah Show! Altispeed Technologies (http://www.altispeed.com/) Contact Noah live [at] asknoahshow.com -- Twitter -- Noah - Kernellinux (https://twitter.com/kernellinux) Ask Noah Show (https://twitter.com/asknoahshow) Altispeed Technologies (https://twitter.com/altispeed) Special Guest: Steve Ovens.

Rynek PC jest spadkobiercą 40 lat rozwoju który bardzo silnie związał użytkowników z “oprogramowaniem układowym”, którego nie sposób się pozbyć. Od BIOS po UEFI na binarnych fragmentach FW urządzeń peryferyjnych skończywszy, zawsze gdzieś w systemie czyha potencjalny cichy intruz.Nasuwają się więc pytania: “Czy jesteśmy skazani na Firmware”? Czy producenci sprzętu tworzą tajną lożę i chcą zawładnąć światem poprzez szpiegowanie nieświadomych użytkowników? W czyim interesie jest zaszywanie w krzemie instrukcji procesora weryfikujących podpis cyfrowy oprogramowania? Na te i podobne pytania postaramy się odpowiedzieć w tym odcinku podcastu Poziom Niżej.Prowadzący: Radosław Biernacki, Marcin Wojtas, Jan DąbrośHashtag: acpi, bios, coreboot, firmware, secureboot, uefi### Plan odcinka# 00:00 - Wprowadzenie# 04:56 - Czym jest firmware# 10:33 - Trochę historii - BIOS# 17:43 - Czas obecny - UEFI# 22:50 - EDK2# 28:30 - CSM - czyli UEFI potrafi w BIOS# 29:50 - Coreboot - KISS# 31:05 - Libreboot# 33:30 - Bootloader, czyli co następuje po…# 35:45 - RaspberryPi jako beneficjent otwartego firmware# 38:35 - Bootrom - czyli jak uruchamiają się nowoczesne procesory# 42:40 - Detale wczesnych etapów uruchomienia systemu# 45:40 - Microcode# 48:00 - Inicjalizacja (trening) RAM# 52:12 - Bootloader# 56:40 - Skąd firmware bierze sterowniki? (OptionROM)# 1:01:30 - Jak ładowany i uruchamiany jest kod kernela?# 1:03:18 - Dlaczego kelnerowi potrzebny jest opis sprzętu i środowiska?# 1:05:28 - Jak dokonywane są aktualizacje firmware?# 1:09:55 - ACPI# 1:17:25 - DeviceTree i “sprawa ARM”# 1:21:32 - System Management BIOS (SMBIOS)# 1:23:10 - Bezpieczeństwo, zaufanie i prywatność# 1:26:10 - SecureBoot i VerifiedBoot# 1:31:45 - TPM# 1:35:50 - Podsumowanie# 1:39:25 - Bonus ### Linki do materiałów dodatkowych:# 22:55 - Specyfikacja UEFI - https://uefi.org/sites/default/files/resources/UEFI_Spec_2_8_final.pdf# 23:19 - Repozytorium EDK2 - https://github.com/tianocore/edk2# 27:07 - Implementacja "UEFI runtime services" w u-boot - https://source.denx.de/u-boot/u-boot/-/blob/master/lib/efi_loader/efi_runtime.c# 30:18 - Repozytorium i strona główna coreboot - https://review.coreboot.org/plugins/gitiles/coreboot/+/refs/heads/master, https://www.coreboot.org/# 31:13 - Strona główna libreboot - https://libreboot.org/# 31:35 - Repozytorium FSP - https://github.com/intel/FSP# 33:14 - Repozytorium oreboot - https://github.com/oreboot/oreboot# 35:15 - Strona główna i repozytorium LinuxBoot - https://www.linuxboot.org/, https://github.com/linuxboot/linuxboot# 44:05 - IME - https://en.wikipedia.org/wiki/Intel_Management_Engine# 49:17 - Więcej o SPD(Serial Presence Detect) - https://en.wikipedia.org/wiki/Serial_presence_detect# 59:16 - 1:01:30 - Sterownik do uruchamiania instrukcji x86 na AArch64 https://github.com/ardbiesheuvel/X86EmulatorPkg# 1:04:23 - Opis "runtime services" w specyfikacji UEFI: https://uefi.org/sites/default/files/resources/UEFI_Spec_2_9_2021_03_18.pdf#page=308# 1:05:06 - Opis "EFI system table": https://uefi.org/sites/default/files/resources/UEFI_Spec_2_9_2021_03_18.pdf#page=168# 1:11:46 - link do kernel.org i arch/arm/mach*: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/arch/arm?h=master# 1:14:30 - Specyfikacja ACPI i główne koncepty: https://uefi.org/specs/ACPI/6.4/index.html + https://uefi.org/specs/ACPI/6.4/03_ACPI_Concepts/ACPI_Concepts.html#acpi-concepts# 1:15:20 - Specyfikacja AML: https://uefi.org/specs/ACPI/6.4/20_AML_Specification/AML_Specification.html# 1:21:40 - Specyfikacja SMBIOS - https://www.dmtf.org/sites/default/files/standards/documents/DSP0134_3.6.0.pdf# 1:29:50 - Podcast Poziom Niżej #006 - "Bezpieczeństwo w krzemie zaklęte" - https://www.youtube.com/watch?v=kqaeyaH8jFs# 1:31:45 - Wpis dotyczący ataku na komunikacją SPI pomiędzy CPU a TPM - https://dolosgroup.io/blog/2021/7/9/from-stolen-laptop-to-inside-the-company-network

A daily look at the relevant information security news from overnight - 13 June, 2022Episode 243 - 13 June 2022Hello XD upgrades- https://www.bleepingcomputer.com/news/security/hello-xd-ransomware-now-drops-a-backdoor-while-encrypting/Conti targets Intel - https://www.cpomagazine.com/cyber-security/conti-ransomware-develops-proof-of-concept-code-for-firmware-attacks/WannaFriendMe out of the Blox- https://www.techradar.com/news/this-ransomware-can-only-be-decrypted-by-going-to-the-roblox-storeWeb3 Wallet seed stealer - https://www.securityweek.com/chinese-hackers-adding-backdoor-ios-android-web3-wallets-seaflower-campaignBluetooth fingerprint - https://threatpost.com/bluetooth-signals-track-smartphones/179937/Sentient AI? - https://www.theregister.com/2022/06/13/google_lamda_sentient_claims/Hi, I'm Paul Torgersen. It's Monday June 13th, 2022, and this is a look at the information security news from overnight. From BleepingComputer.comResearchers report increased activity of the Hello XD ransomware, which is based on the leaked source code of Babuk, with two significant notes. One is that the operators are now deploying an upgraded sample featuring stronger encryption that includes custom packing for detection avoidance and encryption algorithm changes. And two, they are now including an open-source backdoor named MicroBackdoor. Lots of details in the article. From CPOMagazine.comm:An analysis of leaked chats from the Conti ransomware group have found two items of note. Evidently the cybercrime group was planning firmware attacks targeting the Intel Management Engine. Such a compromise would allow threat actors to introduce a backdoor on Intel devices and execute commands without detection by OS-based security tools. The other interesting piece is that the chat logs seem to confirm a link between the Conti group and the Russian Foreign Services Bureau. Color me not surprised. From TechRadar.com:A new ransomware group called WannaFriendMe, is targeting gamers with the Chaos ransomware, which tries to pass itself off as Ryuk. The strange thing is, the decryptor is so easy, my kid can get it. I only say that because to get the decryptor, you need to log into a Roblox account and buy a specific game pass. Costs about $20. From SecurityWeek.com:Cybercriminals likely operating out of China are distributing backdoored versions of iOS and Android Web3 wallets in an effort to steal users' seed phrase. This previously unreported campaign, dubbed SeaFlower, has been described as one of the most technically sophisticated threats targeting users of Web3 wallets ever seen. Details in the article. From ThreatPost.comResearchers warn Bluetooth signals can be used to track device owners via a unique fingerprinting of the radio signal. Their paper suggests that minor manufacturing imperfections in hardware are unique to each device, and cause measurable distortions which can be used as a basically a fingerprint to track a specific device. Details and a link to the research in the article. And last today, from The Register.comYou ever see the movie Her? Well, since 2021, Google's Responsible AI team, has been tasked with talking to LaMDA, or Language Model for Dialogue Applications. This project was built by fine-tuning a family of Transformer-based neural language models specialized for dialog, with up to 137 billion model parameters. Someone on that team has recently been placed on paid administrative leave for violating Google's confidentiality policies. This person has gone on record stating that they believe the application has exhibited self-awareness and is now a sentient being. That is quite enough from me today. Have a great rest of your day. Like and subscribe, and until tomorrow, be safe out there.

Welcome to Hardware Addicts, a proud member of the Destination Linux Network. Hardware Addicts is the podcast that focuses on the physical components that powers our technology world. In this episode, we’re going to discuss Intel's bold moves under it's new CEO and what this means for semiconductor technology and chip fabrication in the future. We also discuss what Intel needs to focus on next in order to take back it's scrappy reputation that it's lost in the past few years. We cover some sad news regarding LG...then we head to the camera corner where Wendy will discuss some camera hardware rumors. So Sit back, Relax, and Plug In because Hardware Addicts Starts Now! Hosts: Ryan = https://dasgeekcommunity.com Michael = https://tuxdigital.com Wendy = https://destinationlinux.network Want to Support the Show? Destination Linux Network Store = https://destinationlinux.network/store Want to follow the show and hosts on social media? You can find all of our social accounts at https://hardwareaddicts.org/hosts

We break down the ASUS Live Update backdoor and explore why these kinds of supply chain attacks are on the rise. Plus an update from the linux vendor firmware service, your feedback, and more!

En el primer tercio del programa hablamos de Intel Management Engine. Un añadido a los modernos microprocesadores de Intel que presenta peligros importantes. Enseguida paso a hablar de KODI, el heredero de XBMC y sobre todo del plugin llamado Palantir, con el cual se pueden disfrutar películas y series en streaming. Por último os hablo del nuevo servicio de DNS de CloudFlare y APNIC, que está haciendo furor entre los usuarios de Internet. Patreon: https://www.patreon.com/rcracking

The Intel Management Engine affords administrators a level control over their enterprise like never known before. What if this power falls into the wrong hands? Read More

In this episode, Peter and Don take a look at all the news from week 50 of 2017. With KubeCon taking place in Austin, there is more Kubernetes news that anyone working in the cloud will be happy to hear. And there are updates on the High Sierra exploit and Intel Management Engine. Enjoy!

In this episode, Peter and Don take a look at all the news from week 50 of 2017. With KubeCon taking place in Austin, there is more Kubernetes news that anyone working in the cloud will be happy to hear. And there are updates on the High Sierra exploit and Intel Management Engine. Enjoy!

In this episode, Peter and Don take a look at all the news from week 50 of 2017. With KubeCon taking place in Austin, there is more Kubernetes news that anyone working in the cloud will be happy to hear. And there are updates on the High Sierra exploit and Intel Management Engine. Enjoy!

In this episode, Peter and Don take a look at all the news from week 50 of 2017. With KubeCon taking place in Austin, there is more Kubernetes news that anyone working in the cloud will be happy to hear. And there are updates on the High Sierra exploit and Intel Management Engine. Enjoy!

In this episode, Peter and Don take a look at all the news from week 50 of 2017. With KubeCon taking place in Austin, there is more Kubernetes news that anyone working in the cloud will be happy to hear. And there are updates on the High Sierra exploit and Intel Management Engine. Enjoy!

In this episode, Peter and Don take a look at all the news from week 50 of 2017. With KubeCon taking place in Austin, there is more Kubernetes news that anyone working in the cloud will be happy to hear. And there are updates on the High Sierra exploit and Intel Management Engine. Enjoy!

MacOS root login vulnerability disclosed in public over Twitter (https://twitter.com/lemiorhan/status/935578694541770752) How to Fix it (https://www.cnet.com/au/how-to/how-to-fix-the-macs-botched-software-update/) Apple's Response (https://support.apple.com/en-us/HT208331) India Sets Strongest Net Neutrality Protections in the World (http://trai.gov.in/notifications/press-release/trai-releases-recommendations-net-neutrality) System76 to disable Intel Management Engine (http://blog.system76.com/post/168050597573/system76-me-firmware-updates-plan) Uber Covered up the breach of 57 million users’ data (https://www.theguardian.com/technology/2017/nov/21/uber-data-hack-cyber-attack) Uber: "Shiny things!" (https://www.salon.com/2017/12/03/ubers-flying-car-project-shows-the-companys-desperation/) Tesla Unveils their Semi (https://www.tesla.com/semi/) Bitcoin is CRAZY these days... (https://www.reuters.com/article/us-global-markets-bitcoin/bitcoin-loses-over-a-fifth-of-its-value-in-less-than-24-hours-idUSKBN1DU1Z3) The Internet of Money by Andreas M. Antonopoulos (https://www.amazon.com/Internet-Money-Andreas-M-Antonopoulos/dp/1537000454) Nvidia's new $3000 GPU (https://arstechnica.com/gadgets/2017/12/nvidia-brings-its-monster-volta-gpu-to-a-graphics-cards-and-it-costs-3000/) Twitter (https://twitter.com/shinythepodcast) Facebook (https://www.facebook.com/ShinyPodcast/) Email (mailto:hello@shinypodcast.com)

Самые громкие новости последних недель. Удивительное яблоко, #FuckResponsibleDisclosure, обновленно обещание от Джона и еще что-то. Не пропустите! 00:00:58 #FuckResponsibleDisclosure Sean Brian Townsend https://www.facebook.com/ruheight https://informnapalm.org/uca/ http://usa.mfa.gov.ua/ua/consular-affairs/services/passport 00:07:26 Apple и все все все Why 'blank' Gets You Root https://objective-see.com/blog/blog_0x24.html As Apple fixes macOS root password hole, here's what went wrong http://www.theregister.co.uk/2017/11/29/apple_macos_high_sierra_root_bug_patch/ https://forums.developer.apple.com/thread/79235 https://twitter.com/fristle/status/935670476214378496 Repair file sharing after Security Update 2017-001 for macOS High Sierra 10.13.1 https://support.apple.com/en-us/HT208317 MACOS UPDATE ACCIDENTALLY UNDOES APPLE'S "ROOT" BUG PATCH https://www.wired.com/story/macos-update-undoes-apple-root-bug-patch/ Thousand-dollar iPhone X's Face ID wrecked by '$150 3D-printed mask' https://www.theregister.co.uk/2017/11/13/iphone_x_face_id/ Zero-day iOS HomeKit vulnerability allowed remote access to smart accessories including locks, fix rolling out https://9to5mac.com/2017/12/07/homekit-vulnerability/ 00:12:50 John McAfee https://twitter.com/officialmcafee/status/935900326007328768/photo/1 Bitcoin Miner NiceHash Hacked, Possibly Losing $62 Million in Bitcoin https://www.darkreading.com/cloud/bitcoin-miner-nicehash-hacked-possibly-losing-$62-million-in-bitcoin/d/d-id/1330585 Сайт блокчейн-проекта Confido недоступен: все профили команды проекта оказались поддельными https://forklog.com/sajt-blokchejn-proekta-confido-nedostupen-vse-profili-komandy-proekta-okazalis-poddelnymi/ 00:15:17 CVE-2017-11937 | Microsoft releases an emergency update to fix a flaw in Malware Protection Engine http://securityaffairs.co/wordpress/66475/hacking/cve-2017-11937-malware-protection-engine.html 00:17:49 Uber Paid Hackers to Delete Stolen Data on 57 Million People https://www.bloomberg.com/news/articles/2017-11-21/uber-concealed-cyberattack-that-exposed-57-million-people-s-data 00:18:28 Intel Management Engine pwned by buffer overflow https://www.theregister.co.uk/2017/12/06/intel_management_engine_pwned_by_buffer_overflow/ 00:18:52 Thousands of WordPress sites infected with a Keylogger and cryptocurrency miner scripts http://securityaffairs.co/wordpress/66432/hacking/keylogger.html Websites use your CPU to mine cryptocurrency even when you close your browser https://arstechnica.com/information-technology/2017/11/sneakier-more-persistent-drive-by-cryptomining-comes-to-a-browser-near-you/ 00:19:09 Android flaw lets attack code slip into signed apps https://www.theregister.co.uk/2017/12/08/android_flaw_lets_attack_code_slip_into_signed_apps/ 00:19:24 Mailsploit: It's 2017, and you can spoof the 'from' in email to fool filters http://www.theregister.co.uk/2017/12/06/mailsploit_email_spoofing_bug/ Music - KEYGEN MUSIC ~ One hour mix https://www.youtube.com/watch?v=c17k4LfLkaE

CPU’s are tanking due to anti-piracy DRM tool in Assassin’s Creed Origins: https://www.theinquirer.net/inquirer/news/3020085/assassins-creed-origins-is-crippling-gamers-cpus-due-to-anti-piracy-drm-tools Follow Up from Ubisoft:https://arstechnica.com/gaming/2017/11/ubisoft-denies-pc-drm-is-slowing-down-assassins-creed-origins/ Hey, we were just talking about this! Lawyering being replaced by AI: http://www.wbur.org/bostonomix/2017/11/01/artificial-intelligence-legal 3rd Party App Developers will have access to and ability to store some facial mapping data: https://9to5mac.com/2017/11/02/iphone-x-facial-expressions-app-developers/ How DARE states try to protect their citizens from net neutrality gut: https://www.techdirt.com/articles/20171031/09320238517/verizon-lobbies-fcc-to-block-states-protecting-broadband-privacy-net-neutrality.shtml Follow-up: Colorado overwhelmingly rejects Comcast https://arstechnica.com/tech-policy/2017/11/voters-reject-cable-lobby-misinformation-campaign-against-muni-broadband/ Intel Hires AMD’s Raja Koduri, Set to make own discrete GPUs https://www.anandtech.com/show/12017/intel-to-develop-discrete-gpus-hires-raja-koduri-as-chief-architect Fearing Exploit ridden Intel Management Engine in UEFI, Google and partners replacing it with own smaller, open source NERF https://www.phoronix.com/scan.php?page=news_item&px=Google-NERF-UEFI-Linux FireFox is great again! https://www.mozilla.org/en-US/firefox/quantum/ Mozilla's Privacy focused massive review of Holiday Gadgets https://blog.mozilla.org/blog/2017/11/07/dont-buy-gifts-that-snoop-introducing-mozillas-holiday-buyers-guide/

Космонавты, встречайте финал сезона у себя в youtube-приемниках! Сегодня мы приготовили для вас многое интересного: в первую очередь про клиентское (браузерное) кэширование всякого, еще про редизайн Codepen, о том как придумывать сильные пароли, об интересном умершем формате DAT (накопитель информации на магнитной ленте), а также последние новости про плеер Winamp, Telegram 4.3 и не только! Тему к следующему выпуску предлагайте здесь: Тему к подкасту #140. «Первая тема» Основы клиентского кэширования понятными словами и на примерах «Дизайн» Редизайн дашборда Codepen. «Светские новости» Частичка visual studio code в скайпе. Как не обломать мозг об пароли вроде eLkdC,lk#jB. DAT: промахнувшийся убийца CD или еще один несправедливо забытый формат. Разработка на скорости 450 слов в минуту. Как будут исполнять закон о запрете Tor, VPN и анонимайзеров в России. Winamp, который мы потеряли: что случилось с некогда самым популярным музыкальным плеером. Вышел Telegram 4.3. В модуле Intel Management Engine найдены закладки для АНБ США. «Разработка» Клиентское кэширование работает лучше всего на хостинге SmartApe!↓ Автор расширения Web Developer для Chrome пишет о том как развивались события с компрометацией. Я решил отключить AMP у себя на сайте. «Научпоп» Геолог Филип Гиббард о ледниковых озерах, изменениях климата и последствиях глобального потепления. С темами к выпуску можно ознакомиться по ссылке: Темы к подкасту #139. Спасибо всем, кто так или иначе принял участие, и дай вам Бог на эти коротенькие семь дней.