WingNews logo WingNews
top | item 16134121

(no title)

rhubarbtse | 8 years ago

It's about enabling a backdoor of sorts in your laptop behind your back.

Let's say you're at a hotel with your laptop. It has full device encryption enabled and the BIOS is protected with a password and it has all the shebangs to protect your laptop -- so you should be safe, right?

Someone distracts you for 30 seconds while an accomplice backdoors your laptop with this vulnerability.

Five minutes later while you're happily browsing Hacker News with your laptop using the hotel WIFI, the attacker has full and unrestricted access to your laptop via the very same hotel WIFI.

discuss

order

adtac|8 years ago

The number zero rule in security is that if a malicious adversary has physical access to your device, all bets are off.

organsnyder|8 years ago

The number negative-one rule in security is defense-in-depth. Even when you have a layer where a breach is considered catastrophic (physical access, behind the firewall...), you still add whatever measures you can to mitigate the potential impact.

mkagenius|8 years ago

So, no use of Apple/Chrome asking for system passwords to see other saved passwords?

luckydude|8 years ago

What adtac said. If I let someone have physical access to any computer I own I fully expect to be compromised.

And here the issue is, as I understand it, I would have had to have left that AMT part in place with a default password. I get that it is geeky and maybe there should be a process where when you buy a new laptop they set the password to some unique thing and give you a sticky note with the password on it. I get that a lot of people won't know to change the management password, but that's an educational issue, just like people had to be taught to not use "1234" or "admin" as their login password.

Still seems like an over hyped issue but I guess that is part of the educational process.

I don't feel like this rises to the level of Meltdown or Spectre.

chrischen|8 years ago

Why even have full disk encryption then?

tedunangst|8 years ago

If I turn around for 30 seconds and my laptop has rebooted, I might wonder why.