Hacker News new | past | comments | ask | show | jobs | submit login

1. You can opt to not utilize the security features offered.

2. This is not used for device management.




It is a SuperIO chip with on board co-processors that can inspect and modify data transferring to/from peripherals. It is most certainly used for management and capable of being compromised like the ME.


You have not refuted anything I said besides implying that I am wrong. Again:

- You can turn off functionality if you do not want it.

- There are no management or remote access capabilities.

- The only way to compromise it would require compromising the main CPU anyway, and persistence would be a whole other (major) challenge.


Ah, so you're saying this chip is guaranteed to not have its own TCP/IP stack, no access to the NIC, and no latent zero-days that a remote attacker can exploit?


That is correct enough, but now sure what “it’s own” means.

To be clear, this is not some mystery chip, it runs a derivative of iOS, and you can check out the firmware in /usr/standalone/firmware (You can even reverse engineer it if you have experience with ARM).




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: