Friday, July 26, 2019

new video by Wendell from Level1Techs on Talos II OpenPower Secure Workstation + my original comment

Wendell's video is located here: https://www.youtube.com/watch?v=5syd5HmDdGU

Forget x86; OpenPower is it! Talos II Secure Workstation!

My comment on it:
Wendell, I've found some alarming stuff in my ASUS decompiled BIOS, namely while searching for strings, I found "BACKDOO" and started digging around that area, and found what essentially amounts to a literal BACKDOOR highway linked to the Windows drivers, namely starting with me investigating my ASiO.sys (which I thought was for my sound card) but it's actually for Asus IO (or AsusGIO) aka AISuite aka the new Aura Sync - also linked to ATKEX.dll and PEBIOSINTERFACE32.dll - and tied to the Windows service atkexComSvc - for control of hardware bus devices like fan control, lighting, USB charging, that kind of thing. It seems to have a deep link straight back to the BIOS and the driver can be exploited and the BIOS seems weak. There were even CVEs posted: CVE-2018-18535, CVE-2018-18536 and CVE-2018-18537. Now, I haven't experienced anything myself but there have been reports of questionable behavior (memory leaks, unwanted internet traffic, etc.) indicative of active exploits in the wild surrounding this also. It's very alarming, and I wish I had the ability to do a more complete security dissection and writeup of the decompiled BIOS but honestly I can't read IDA to save my life :) So I am passing this info on to you. Please forward this to anyone applicable or if that's you and you see it, please look into this info.
Sources:
1: https://packetstormsecurity.com/files/150893/ASUS-Driver-Privilege-Escalation.html
2: https://packetstormsecurity.com/files/cve/CVE-2018-18535
3: https://packetstormsecurity.com/files/cve/CVE-2018-18536
4: https://packetstormsecurity.com/files/cve/CVE-2018-18537
5: https://community.norton.com/en/forums/pebiosinterface32dll-0
6: https://rog.asus.com/forum/archive/index.php/t-11511.html

On an unrelated note, I also just discovered (maybe it's known to everyone) that VMware put a literal backdoor in for their VMware Tools for the guest to communicate back out to the host over a high-bandwidth IO channel using specific CPU registers and memory addresses. At least they were kind enough to name it "open-vm-tools/lib/backdoor/backdoor.c" and open source it - also worth looking into.
This is on top of the well-known information you mentioned about the vulnerable Intel ME engine and the danger of closed-source BIOS/UEFI - so I am eagerly following the open source firmware community, like Tianocore, CoreBoot and Libreboot for Thinkpads and the like... But yes, I am sorta getting into these deep endeavors but it's extremely above my head, and I assume for most people it's so deep it's just off the radar. Thank you for bringing this amazing Talos/Power9 machine to light!

I wish I could respond further and in more detail but I wanted to get this posted as is first, with some links. Disclaimer: I'm not an actual security researcher, I'm just a lifelong nerd trying to be one.
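The string search described above (finding "BACKDOO" in a dumped BIOS image) is the usual first triage step on firmware, and it is easy to do incompletely: UEFI modules store most of their text as UTF-16LE, which a plain ASCII `strings` pass silently skips. The script below is an added example, not code from the post or from ASUS or Level1Techs; it scans a raw image for both ASCII and UTF-16LE runs, flags any that contain a watchlist keyword, and reports the offset and encoding so the hit can be located again in IDA or a hex editor. The watchlist, the `SAMPLE_IMAGE` blob and all function names are constructed for illustration.

```python
"""Triage scan of a raw firmware image for suspicious strings.

Added example, not from the original post. Reproduces the "search the dumped
BIOS for strings" check and extends it to UTF-16LE, which UEFI modules use
heavily. The watchlist and the sample blob are constructed, not real firmware.
"""
import re
from dataclasses import dataclass

# Constructed watchlist: terms worth a manual look. A hit is a lead for
# review, not evidence on its own (legitimate code uses these words too).
WATCHLIST = ("backdoo", "debug", "unlock", "password")

# Four or more printable ASCII bytes in a row.
ASCII_RE = re.compile(rb"[\x20-\x7e]{4,}")
# Four or more (printable ASCII byte, 0x00) pairs: UTF-16LE text.
UTF16_RE = re.compile(rb"(?:[\x20-\x7e]\x00){4,}")


@dataclass
class Hit:
    offset: int      # byte offset of the string in the image
    encoding: str    # "ascii" or "utf-16le"
    text: str        # decoded string
    keyword: str     # watchlist term that matched


def extract_strings(blob: bytes):
    """Yield (offset, encoding, text) for every ASCII and UTF-16LE run."""
    for m in ASCII_RE.finditer(blob):
        yield m.start(), "ascii", m.group().decode("ascii")
    for m in UTF16_RE.finditer(blob):
        yield m.start(), "utf-16le", m.group().decode("utf-16le")


def scan_firmware(blob: bytes, watchlist=WATCHLIST):
    """Return watchlist hits sorted by offset (case-insensitive match)."""
    hits = []
    for offset, enc, text in extract_strings(blob):
        low = text.lower()
        for kw in watchlist:
            if kw in low:
                hits.append(Hit(offset, enc, text, kw))
                break  # one record per string, first matching keyword
    hits.sort(key=lambda h: h.offset)
    return hits


def context_hex(blob: bytes, offset: int, width: int = 8) -> str:
    """Hex of the bytes around a hit, for cross-checking in a hex editor."""
    start = max(0, offset - width)
    return blob[start:offset + width].hex(" ")


# Constructed sample "image": non-printable padding, an ASCII string, a
# UTF-16LE string that an ASCII-only scan would miss, and benign text.
SAMPLE_IMAGE = (
    b"\xff" * 16
    + b"SAMPLE_BACKDOOR_TAG\x00"
    + b"\x00" * 8
    + "Unlock Debug Menu".encode("utf-16le") + b"\x00\x00"
    + b"\x00" * 8
    + b"Copyright 2019 Vendor\x00"
)


if __name__ == "__main__":
    import sys
    # Usage: python scan.py firmware.bin   (falls back to the sample blob)
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else SAMPLE_IMAGE
    for h in scan_firmware(data):
        print(f"0x{h.offset:08x} {h.encoding:8s} [{h.keyword}] {h.text!r}")
        print(f"             ctx: {context_hex(data, h.offset)}")
```

Run it against a dumped image (`python scan.py bios.bin`) and review each hit in context rather than treating a keyword as a finding: the post itself notes that open-vm-tools ships a file literally named `backdoor.c` for a documented guest-host channel, so the word alone proves nothing. What the scan buys you is completeness (UTF-16 strings included) and a repeatable offset list to hand to someone who can read the disassembly.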
