[X4]

Are there any ways to defend against the attack?

I can only think of buying AMD Chips with CoreBios instead, which of I don't know, if they may have similar issues. Maybe buy Tilera, or other manycore chips instead?

This article with the title: "Expert Says NSA Have Backdoors Built Into Intel And AMD Processors" raises some concerns, even though I don't know, if the source can be trusted. http://www.eteknix.com/expert-says-nsa-have-backdoors-built-...

[pgeorgi]

AMD has a bunch of coprocessors in the chipset as well, but from the analysis that happened in our (coreboot) community, they're much less capable: fan control, one of them gets some firmware uploaded on boot to handle pcie hotplug (or something to that effect).

The system doesn't reserve memory for any of them, and they don't have official connections to the outside world (and are located in places that make such connections unlikely). Firmware is generally rather small, too.

None of them come with up to 5MB of firmware, tons of private RAM and official paths to network, graphics, system RAM and USB, like Intel chips.

Some more details on Intel and AMD at http://www.coreboot.org/Binary_situation

[e12e]

You might want to have a look at Bossard's presentation from defcon20 (2012?), "Hardware backdooring is possible":

https://www.youtube.com/watch?v=MqbvxrJqrPU

He's done a few of these, so I might be getting them mixed up -- but the message is basically that x86 (and by extension amd64) is hopelessly broken due to legacy crap that sort of hides between the cpu, ram and devices (the software running on your cdrom drive, on the network or sound card...).

Also related:

4 2 1 Christopher Domas The future of RE Dynamic Binary Visualization

https://www.youtube.com/watch?v=4bM3Gut1hIk

[ed2: Skip to ~14-15 minutes to get to the good stuff, then go back and watch the whole thing :)

software home page and demo download (I don't think there's anything new published):

https://sites.google.com/site/xxcantorxdustxx/

https://media.blackhat.com/bh-us-12/Arsenal/Domas/_cantor.du...

ed: More recent presentation, looks to be the same: http://recon.cx/2013/schedule/events/20.html

]

Again related to (but as far as I remember does not reference [edit: I was wrong, he does indeed reference this]):

Black Hat USA 2010: Voyage of the Reverser: A Visual Study of Binary Species 1/5 https://www.youtube.com/watch?v=6Xw6pIbd2Hc

#HITB2013AMS D2T1 Sebastien Kaczmarek - Dreamboot - A UEFI Bootkit

https://www.youtube.com/watch?v=KvTUE5P-Yhs

[userbinator]

Not all Intel chipsets have vPro/ME.

E.g. this one doesn't:

http://ark.intel.com/products/64015/Intel-BD82X79-PCH

(Whether they actually do have the silicon and are just disabled somehow and could be enabled/not is a different issue, however...)

[pgeorgi]

To check, I downloaded Asrock X79 Extreme4's BIOS update and looked into it. It contains 2MB of ME firmware.

That's definitely not the vPro enabled version (which uses about 5MB), but approximately matches the regular non-vPro versions in size.

Maybe the "ME firmware N/A" field is meant to mean "don't bother, we don't want you to configure it"?

edit: updated with information from another bios update that isn't a diff