[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
www/proprietary proprietary-insecurity.html
From: |
Atul Murali |
Subject: |
www/proprietary proprietary-insecurity.html |
Date: |
Fri, 5 May 2017 17:58:19 -0400 (EDT) |
CVSROOT: /web/www
Module name: www
Changes by: Atul Murali <atulm> 17/05/05 17:58:19
Modified files:
proprietary : proprietary-insecurity.html
Log message:
[#1211516] Add Intel firmware security flaw.
CVSWeb URLs:
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/proprietary-insecurity.html?cvsroot=www&r1=1.55&r2=1.56
Patches:
Index: proprietary-insecurity.html
===================================================================
RCS file: /web/www/www/proprietary/proprietary-insecurity.html,v
retrieving revision 1.55
retrieving revision 1.56
diff -u -b -r1.55 -r1.56
--- proprietary-insecurity.html 1 May 2017 07:21:07 -0000 1.55
+++ proprietary-insecurity.html 5 May 2017 21:58:19 -0000 1.56
@@ -36,6 +36,18 @@
<ul>
<li>
+ <p>Intel's CPU backdoor – the Intel Management Engine – had a
+ <a
href="https://arstechnica.com/security/2017/05/intel-patches-remote-code-execution-bug-that-lurked-in-cpus-for-10-years/">major
security
+ vulnerability for 10 years</a>.</p>
+
+ <p>It does not help that in newer Intel processors, it is impossible
+ to turn off the Intel Management Engine. Thus, even users who are
+ proactive about their security can do nothing to protect
themselves
+ besides using machines that don't come with the backdoor.</p>
+
+</li>
+
+<li>
<p>Many Android devices <a
href="https://arstechnica.com/security/2017/04/wide-range-of-android-phones-vulnerable-to-device-hijacks-over-wi-fi/">
can be hijacked through their Wi-Fi chips</a> because of a bug in
Broadcom's non-free firmware.</p>
@@ -456,7 +468,7 @@
<p class="unprintable">Updated:
<!-- timestamp start -->
-$Date: 2017/05/01 07:21:07 $
+$Date: 2017/05/05 21:58:19 $
<!-- timestamp end -->
</p>
</div>