IDG News Service - Security researchers said they've found a way to circumvent an Intel vPro security feature used to protect PCs and the programs that they run from tampering.
Invisible Things Labs researchers Rafal Wojtczuk and Joanna Rutkowska said they've created software that can "compromise the integrity" of software loaded using the Trusted Execution Technology (TXT) that is part of Intel's vPro processor platform. That's bad news, because TXT is supposed to help protect software -- a program running within a virtual machine, for example -- from being seen or tampered with by other programs on the machine. Formerly code-named LaGrande, TXT first started shipping in some Intel-based PCs last year.
Although almost no software uses the TXT technology today, the research could matter a lot to computer companies and government agencies that are thinking of using it to secure their future products.
Wojtczuk and Rutkowska said they've created a two-stage attack, with the first stage exploiting a bug in Intel's system software. The second stage relies on a design flaw in the TXT technology itself, they said in an announcement of their work, released Monday.
The Invisible Things researchers wouldn't say exactly what system software contains one of these "first stage" bugs before they have been patched, because that information could be misused by cybercriminals.
The "second stage" problem may be tricky to fix, however. "It is still not clear how Intel should address the problem that is exploited by the second stage of our attack," Rutkowska said in an e-mail interview. "Intel claims it can resolve the issue by updating the TXT specification."
The researchers conducted their attack against a program called tboot, used to load trusted versions of Linux or virtual machine modules onto the computer. They chose tboot because it is one of the few programs available that takes advantage of the TXT technology, but they did not find bugs in tboot itself, Rutkowska said.
Intel spokesman George Alfs said his company is working with the Invisible Things team, but he declined to comment further on their work, saying he didn't want to preempt the Black Hat presentation.
The researchers plan to give more details on their work at the upcoming Black Hat Washington security conference next month.
Because TXT isn't widely used, the work may not have much of an effect on Intel's customers, according to Stefano Zanero, chief technology officer at Italian security consultancy Secure Network. "As of now, only a very limited subset of developers who are playing with the technology will find it interesting," he said in an instant message interview.
However, the work could end up being important if it outlines new ways attackers could compromise the vPro architecture, he added. "If it just outlines a specific vulnerability in Intel's implementation, then it's less interesting," he said.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- See the Possibilities Utilizing Data Visualization Do you simply want to collect data, or do you want to derive business insights from it? What if you could quickly and...
- 5 Reasons To Migrate From Cisco (ACE) to Riverbed Stingray ADC As you consider refreshing your legacy Cisco ACE application delivery infrastructure, consider migrating to the Riverbed® Stingray™ family of products and learn the...
- The Sky's the Limit for Eclipse Aerospace and VCE This case study highlights how Eclipse was able to unlock critical IP, support business growth, dial up or down resources without having to...
- Implementing Agile Systems Management in Cloud and Virtual Infrastructure The solution to the obstacle stopping enterprises from realizing the benefits of cloud computing- how to extend existing enterprise management applications to the...
- Maximize Efficiency in Your Virtual Environment with Converged Solutions Efficiency is the key to success in IT, especially in a virtual environment. But traditional infrastructure management and inflexible architectures can be costly...
- Meg Whitman presents Unlocking IT with Big Data During this Web Event you will hear Meg Whitman, President and CEO, HP discuss HAVEn - the #1 Big Data platform, as well... All Virtualization White Papers | Webcasts