Researchers circumvent security on Intel’s vPro
by Steve Ragan - Jan 7 2009, 12:50Rafal Wojtczuk and Joanna Rutkowska of Invisible Things Lab have said they will demonstrate practical attacks on Intel's Trusted Execution Technology (TXT) during the Black Hat 2009 conference in Washington, D.C.
Before things get out of hand, there are two things to note that should dispel any FUD from spreading. The first item is that Intel Corp. is well aware of the research, the talk and everything related to the issue that Wojtczuk and Rutkowska will discuss. The other note is that while the TXT is available on TXT/vPro hardware, it is so new and under-deployed that there is little to panic over.
TXT is presently a part of Intel’s vPro brand, as a key part of the Safer Computing initiative launched by the Santa Clara-based chipmaker. TXT makes extensive use of the Trusted Platform Module (TPM 1.2) in addition to being comprised of a set of extensions to the CPU as well as the chipset.
If you have a notebook that was purchased within the last year or so, then chances are you already have TPM. TXT adds to this, offering a layer of security that's seen to have a good deal of promise when it comes to system security (TPM resides in Vista and if you are familiar with BitLocker then you already know of its value).
The presentation at Black Hat will center on, “how an attacker can compromise the integrity of software loaded via an Intel TXT-based loader in a generic way,” a press release from Invisible Things Lab noted.
“We have created a proof-of-concept code that demonstrates the successful attack against tboot — Intel's implementation of the trusted boot process for Xen and Linux. Our attack comprises two stages. The first stage requires an implementation flaw in a specific system software. The second stage of the attack is possible thanks to a certain design decision made in the current TXT release.”
For now, Intel is remaining largely silent, only confirming that it is aware of the research, and that it's in the process of working with Invisible Things Lab.
The Black Hat event takes place this coming February.
Comment on this Story