>I found very interesting 0day vulnerability (looks rather like backdoor) in ThinnkPads, arbitrary SMM code execution
>X220 is the oldest one that I have checked, firmware ver 1.42 has the same vulnerable code
>It also leads to flash write protection bypass, SecureBoot bypass, Windows VSM bypass and other bad things. Details soon :)
/g/ status:
[X] FUCKING REKKT
No link to a source? Get out.
>>54904559
SOURCE
>>54904559
>We're in
Fucking bullshit
Being able to flash shit from an EFI shell isn't a big deal.
Basically the equivalent of rooting a phone.
>>54904573
>>54904586
https://twitter.com/d_olex
FREETARDS BTFO
>>54904644
Actually if it let you flash this would let you do shit like remove the whitelist for mpcie.
get your patches here
https://support.lenovo.com/us/en/product_security/smm_attack
based Penryn series unaffected
>>54904619
>>54904586
>>54904573
http://blog.cr4.sh/2016/02/exploiting-smm-callout-vulnerabilities.html
>>54904644
But free software would remove this problem
This is a problem in proprietary software
You're blaming a car crash on a horse
>>54904644
Holy shit you're retarded.
>>54904731
Oh, gay so you can't modify the firmware or it won't boot.
>>54904677
>T420 and X220 affected
>T520 and W520 unaffected
manlets on suicide watch
>>54904644
>I don't know what is happening
>but I'll shitpost about it anyway!
why is /g/ full of idiots
explain this too me as if I'm a retard
Holy shit freetard damage controll is really fast.
>>54905256
>d-damage c-control
>>54905293
>if I post enough frogs I can obfuscate my stupidity
Just read a book nigger
>>54905265
thinkpad laptops can be hacked no matter what operating system or antivirus you have, and it looks like it's intentional
>>54905265
/g/'s favorite Thinkpad models are fucked. If you aren't a pleb, it's not an issue.
>>54905310
is it only if they have physical access or can it be done from anywhere
>my r400 isn't affected
Feels good.
>>54905316
He doesn't know
>>54905227
Manlets, when will they ever learn ?
>>54905310
>>54905314
>>54905316
You need to have physical access to the computer to use EFI shell and it lets you brick the computer or read ram, it isn't useful.
>chink-shitNOT·····
O·······
T·EVEN··
··V·····
··E·ONCE
··N·N···
····C···
····E···
>>54905399
Wow it's fucking nothing
>>54905399
You can do it via Windows actually.
>>54904677
Am I retarded or is this windows only
>>54905415
Quality post
> tfw you got a libreboot x200
>Using anything later than T60
You goyim asked for this
>>54904559
this is old as fuck
I remember reading about this a year ago on reddit
>he buys lenovo thinkpads
LMFAO thinkpad has been shit tier ever since IBM sold it. fucking fag/g/ots
>he fell for the thinkpad meme
>>54905399
the point is that it's probably a backdoor that was created at the FBI's request so they don't need a subpoena to get your password
>>54905860
Hacking without a warrant or approval is illegal.
>>54904559
>t410 not affected
"vulnerability" discarded.
>>54906029
>>54904559
>He fell for the meme meme
>>54906029
The government is above the law
>>54906107
Evidence would be discarded if the FBI was forced to reveal their methods of accessing said evidence.
captcha: morl impasse
>>54905415
That
Lenovo was caught loading bloatware into the UEFI so it would persist even after formatting and reinstalling windows and they had one piece of bloatware that actually made your internet connection susceptible to being MITM'd.
Shady company
>SMM
>ring -1
>IntelME
>ring -3
With Intel, you don't own your computer. Someone else does, whenever they want.
>/g/ has been recommending LITERAL BOTNET for the past year
>funded by NASA shit posters to infiltrate /g/ users
My Thinkpad doesn't even have UEFI.
ha /g/ utterly btfo
Confirmed: You are a retard.
All hardware has "backdoors".
>>54904607
Sick facebook meme
>>54906454
Have another
>>54905399
>You need to have physical access
Oh wow it's fucking nothign
You're fucked if someone have access to your computer anyways, encrypted or not since they can fucking drug you and beat the password out of you with a baseball bat
>w510 not affected
based 510
>>54904644
ThinkPads aren't free dumbass. It's a uefi exploit for a specific set of hardware.
>>54904677
>Execute arbitrary code
>Bypass Secure Boot
>Denial of Service
>Escalation of Privilege
>Severity: Medium
>>54906546
HOLY MOTHER OF KEK
>>54906546
I saw this as well. Hearty laugh.
This confirms what dem niggaz been talking for quite a while already. Good job.
>>54904677
Medium :-D
>>54906546
Probably because it's not remotely executable
>>54906377
>NASA shitposters
>>54907274
If NASA can convince people the Earth is round then they can convince people to buy a thinkpad
>>54904559
>laptop from a chinese spying corporation is vulnerable
YOU DON'T FUCKING SAY
>>54904559
Y410P/510P (IdeaPad)Not Affected
>>54904559
So a typical day for chinkpad owners.
>>54904658
Holy shit I want this to happen.
>>54906546
>>54907061
>>54907171
Literally retarded.
See >>54907194
The patch is only available for Windows users.
If you weren't using windows how would you solve this?
>>54907409
You spend 10 mins and download XP iso files
>>54907409
>Use the link below to obtain the BIOS in other file formats:
> BIOS Bootable CD
>>54906474
Implying anyone can say something once you've been hit with a baseball bat
Looks like the X201 isn't on there... I dodged a bullet by having an inferior model! Whooo hooo
>>54907459
Doesn't matter since most of you're neckbeard anyway
You'd spit out your password asap when someone hold a baseball bat and threatening you
And remember, if they have access to your laptop physically then they know who you're.
You're fucked no matter what.
>>54907194
>>54907395
This. If someone has physical access it's all ogre and that's always been true.
>>54907300
>he's a flat earther
How retarded can you get?
>>54907529
What about plausible deniability? You kan keep a truecrypt drive with a decoy OS.
>>54907764
Plot twist: You're the retard.
How do you not see the fucking sarcasm. Jesus christ.
>>54907764
>he's autistic enough to fall for my bait
How retarded can you get?
>>54907805
>>54907813
>"Oh shit, someone called me a retard on the internet for making retarded statements!"
>"LOL IT WAS SARCASM BRO I'M ONLY PRETENDING TO BE RETARDED YOU'RE THE RETARD"
>>54905256
This.
>>54905560
Also this.
>>54907864
m8o you are easily baited
to minimise further butthurt, lurk moar
>>54904644
>>54905293
>>54907764
>>54907864
You must be 18 or older to post on 4chan.
>>54907914
this
>that superfish or whatever the fuck man in the middle thing before
>now this
Won't be buying Lenovo, no way.
>>54907864
It was obvious bait
Not detecting a joke is a sign of autism
>>54907910
been here since 07, I've done lots of lurking.
>>54907914
>>54908027
>"He knows I wasn't pretending to be retarded in my first post."
>"I got it! HAHAHAH YOU'RE UNDER 18 GET B&"
Why do retards resort to childish tactics like this?
Also, stop samefagging.
>>54908040
you got baited and you are now in full damage control, you autist, you are making this worse
lurk moar
unless this is some meta bait, in which case 6/10, mildly annoyed
>>54908040
>there is no way multiple people think I am retarded
whatever preserves your ego bud
>>54904559
Old news is old.
>/g/ status: Told
The only people on /g/ pushing Thinkpads are PLA shills who want to push stupid Westerners to buy their spyware.
>>54906312
Not in ThinkPads. Read more carefully.
The only spyware you could get is Computrace or Intel AT, if it was enabled.
>>54907409
Stopping being a hipster.
>>54908088
>post search results
No mentions of "Thinkpad" on the results
>>54908083
nice photoshop, faggot
>>54907409
FreeDos? I've used it before to flash my BIOS. Couldn't stop sweating the whole time, but it worked fine.
>>54904559
>UEFI
>not using libre boot
>not using libre hardware
TOP KEK
>>54908137
Are you just counterbaiting me now?
I would just inspect element if I wanted to edit, but I am not samefagging
>>54908163
>still thinks libre hardware really exists
HAHAHAHAHAHA
>>54908163
>using so old shit that it can't run a lightweight website
Kek
Interesting..
I wonder if I can test this easily on my Libreboot Thinkpad to see how it works?
>>54904559
>>54904644
>>54905280
>>54905293
>>54905310
>>54905314
>>54905334
>>54906377
>>54906546
>>54907061
>>54907171
>>54907173
>>54907441
>>54907409
>>54908088
>hurr UEFI is not 100% bullet-proof
Meanwhile you were loading a modded BIOS image in your older thinkpad without questions, just because you wanted another wireless card.
>>54908163
>using core 2 duo shit
>>54908183
Arm has no proprietary CPU microcode updates and the BBB is about as free as it gets.
>>54908200
>tales from my anus
>>54908201
There is support for Atom based Server boards which you could use for a workstation.
>>54908203
ARM can have proprietary secure boot too
Good thing I didn't update my bios because anything higher lowers my ram speeds.
>>54908215
>seriously suggesting Atom for a Workstation
>>54908200
>Meanwhile you were loading a modded BIOS image in your older thinkpad without questions, just because you wanted another wireless card.
But I'm not. My BIOS is freedom respecting and I can even compile it and flash it all from source. I already did once.
>>54908279
>freedom respecting
>it can't run BSD's
>>54908076
>"DOB GEG YOU GOT RUSED DAMAGE CONTROL AUTISM LURK MOAR"
Oh, I'm doing damage control? Do you even know what you're typing?
How ironic.
>>54908083
Whether you use inspect element, image editing, or posting from another browser, it doesn't hide the fact that you're a butthurt samefag.
>>54908312
Check the FAQ. Some have gotten it to run with modification made.
But I won't run BSD's because I don't like the community or the license and the proprietary software and blobs it includes.
>>54908183
>>54908188
>not running dwm on a minimal distro
>not having a development server for making builds
>having more than 2 GB of RAM
>he fell for the 16GB of RAM meme
>despite being shown that his system is vulnerable, he continues to use as a chinese and russian hackers send him payloads up the ass every night
>>54905227
t520 masterrace here
>>54908334
Who the fuck asked you if you want to run BSD?
>>54908279
What hardware do you use?
goddamn Captcha: 421 not 420!
>>54904559
It's not like there aren't NSA backdoors in intel and amd processers, GCHQ backdoors in ARM processors, chinese backdoors in hard drives, french backdoors in your wifi chips, japanese backdoors in your headphones
>>54908279
>enjoy your 60% of the original CPU performance
hahahahaha
>>54908339
>implying russians/chinks/muricans care about the country i'm living
>>54908375
A Libreboot Thinkpad X200
>>54908339
>not running Windows 10 on 2GB RAM master race
gaymur manchildren please leave
>>54908339
>seriously suggesting using the rootkit formely know as X.org to defend himself from a hardware backdoor
Do you also smoke to lose weight?
>>54908447
>implying I connect to the internet with my libre machine
>implying I dont just ssh into production/work servers
Youre an idiot. I can also simply run fully from the cli.
>>54904559
WHAT IF:
this is a HUGE fake and it's to get everyone to panic and install the update which in reality is the exploit and transmits every keystroke to the NSA?
What if this is the beginning of the end?
Would anyone here suggest installing the update from Lenovo (I know that T420 can't do Libreboot since it's already backdoored by Intel ME)?
I mean the state:
> If the UEFI BIOS has been updated to version 1.48 or higher, it is no longer able to roll back to the version before 1.48 for security improvement
(src: https://download.lenovo.com/pccbbs/mobiles/83uj29uc.txt )
On some level we have to trust them even if we can't verify the closed source software.
>no way to update BIOS on a non-Shitdows OS
Fuck you then.
Vuln is local only anyway so who gives a fuck.
>>54908475
>He states two contradictory things
You're the idiot here.
I wonder if there is a way to install Coreboot/Libreboot in a VM and test the malicious code inside the VM?
>>54908339
>chinese and russian hackers send him payloads up the ass every night
how would this affect me if it's turned off and behind a router with libre software.
>>54908491
>no way to update BIOS on a non-Shitdows OS
http://support.lenovo.com/de/de/downloads/migr-77076
NOT READING?
THERE'S A BOOTABLE CD THAT INSTALLS THE UPDATE!
>>54908492
>connecting a server is the same as connecting and opening your computer to the rest of the Internet
Are you retarded?
>>54908203
*Arm has proprietary CPU microcode updates, trustzone and the BBB is about as notfree as it gets.
Fixed for you.
>>54908491
>>no way to update BIOS on a non-Shitdows OS
Welcome to proprietary updates and vendors only supporting Windows because of market share and profit.
I'm pretty sure MS could just make the BIOS updates apart of their support and make them copyright and un-modifiable or non-redistributable
>>54908532
But does the CD work on linux with source code? Or does it contain some proprietary *.exe like I assume.
>>54908534
>I connect to remote servers through magic
>hurr durr local area network
Libre hardware: Not even once.
>>54908579
>>54908579
ITS A BOOTABLE CD THEY EVEN STATE:
> The BIOS Update CD can boot the computer disregarding the operating systems and update the UEFI BIOS (including system program and Embedded Controller program) stored in the ThinkPad computer to fix problems, add new functions, or expand functions as noted below.
I not have that problem , MBP + Linux
>>54907782
Everyone knows that a truecrypt volume has n+1 subvolumes. If you give a dummy key, they'll beat the next one out of you
>>54908622
>>54908532
>>54908477
would you reccomend installing the update?
How far would an attacker (hacker / gov.) need to go to get this explot to work?
>>54908625
OH BOY, SOMEONE POSTED APPLE, THE SHIT STORM IS INCOMING
>>54904644
high level bait
>>54908640
Almost doesn't backdoors...
>>54905399
The guy who discovered it used a hardware device to be able to read the SMRAM to discover the vulnerability.
He then created user mode software that used kernel mode calls to inject arbitrary code into the SMRAM space described as the exploit.
This essentially allows for creation of malware that can read RAM directly.
It would be extremely useful depending on the system where it was installed and what information you wanted.
>>54908662
stupid.
I'm somewhat of a newfag when it comes to security,
how would you go about exploiting such a thing?
>>54905316
>>54905341
>>54905399
>>54905507
>>54906474
http://www.legbacore.com/Research_files/HowManyMillionBIOSWouldYouLikeToInfect_Full2.pdf
page 27
Wincucks are more fucked than Lincucks!
>>54904559
>I was literally about to go out and buy a refurbished x220 for cheap
HAHA
THANKS /g/
>>54908683
How could it get be installed if the system is ...
- not physically accessible
- not accesible via network
(i.e. a machine to write PGP encrypted messages and transfer them via burned CDs on a free as in freedom operating system)
>>54908829
https://libreboot.org/docs/hcl/c201.html
>>54908352
Reporting in
>>54908872
ASUS Chromebook C201
DO NOT BUY THIS LAPTOP YET!!!!!!!!!!! This is intended mainly for developers at the moment (libreboot developers, and developers of libre GNU/Linux distributions). This laptop currently has zero support from libre distros. Parabola theoretically supports it, by installing Arch first and then migrating to Parabola using the migration guide on the Parabola wiki, but it's not very well tested and does not have many packages - in our opinion, Parabola does not really support this laptop. There are also several issues. Read this page for more information. This laptop can still be used reasonably, in freedom, but it requires a lot of work. Most users will be disappointed
>>54906092
>implying it doesn't have a different vulnerability
lelnovo not even once
>>54908933
>>54908637
Has anyone already installed the update?
(from lelnovo)?
It's like hell:
not installing the update:
> livinig in constant fear to have more than one backdoor (Intel ME and so on ...)
installing the update:
> I am downloading my own death
> update is hack, laptop destroyed (won't boot)
>inb4 don't have furry porn on your laptop
I don't have any porn on my laptop (I don't need it :^) )
Daily reminder that if you use any modern x86 architecture you shouldn't expect security.
Use your x86 for the same things you would use some random public desktop computer in your university.
Use pic related+Gentoo if what you want is security/privacy.
>>54907441
BTFO of the week right here
>>54908887
>all you need
>is remote cmd.exe with admin access
well, okay then...
>>54909004
Absolutely this.
>>54908994
>inb4 don't have furry porn on your laptop
*raises paw*
The fbi still wouldn't be able to figure it out even if they had your thinkpad.
>>54909004
yeah bro google is synonym with privacy/security after all ;^)
5 poos have been deposited in your loo
>>54909004
Why would be a chromebook safe
>>54909004
Is pic related really working with librebot?
I can't find any proof that it works.
>>54909110
Did you mean NVIDIA?
>>54909099
what are you even trying to say?
>>54909135
What's the problem with Coreboot?
>>54909132
The FSF got Libreboot running on it, so it's possible to use without any proprietary blobs.
>>54909181
'cant unlock' single iphone
requests more backdoors that are easier
>>54909246
*facepalm* didn't think about that.
>>54909280
fbi needs more pajeets
>>54904677
My x201 is not on that list
>>54909004
Oh the irony:
The most hipster lookng device is the one that grings all /g/entooman freedom!
>>54909246
Regardless of this "terible" news (hehe not)
Coreboot (or libreboot) is BEST. We all should use it... especialy all Gentoo neckbeards/
(sorry, im new. but coreboot needs yur help)
>>54909659
>hehe not
why?
>>54909659
Has anyone here got Thinkpad T420 with coreboot working?
Would coreboot solve at least these SMM issues (I know Intel ME backdoor is still there)?
>>54908625
>Using X86 OS
>He thinks he will be free!
>>54904658
Wait so this could fix their stupid shit like wifi card incompatibility?
>>54904559
so twitter feeds are official news now?
I love this reddit meme
Good luck installing Gentoo on a Tegra...
>>54904559
>following /g/s advice
>2016
If you seriously bought a thinkpad just because some neckbeard on /g/ told you too, you deserve what you get.
>>54906546
So could this be used to unlock those locked x220s on ebay?
>>54907300
>he thinks the world is round
ahahahaha :)
t. mac user
>>54904658
I actually asked him about this, he responded that this would work if Intel bootguard is misconfigured
>>54910173
hollow too
>>54904559
>have to have physical access
>thinking your shit is going to be okay once someone has physical access
>>54904559
It sounds like I don't want to patch this, it could be useful if I want to do some modding in the future.
>>54905293
>>54908579
>But does the CD work on linux with source code? Or does it contain some proprietary *.exe like I assume.
Lenovo bootable CD BIOS updates boot DOS with a driver for an embedded floppy virtual image that contains the flasher and image. You can (and people do) write their own modded BIOSes.
>>54904644
fucking summer
>>54909004
security by obscurity is still bad security
>>54904559
HAHAHA! I'll keep using my macbook. It'll never happen on it.
>>54911966
Well you're not having this particular vulnerability, but there's still more for you, you can be sure about that!
>>54908383
>Japanese backdoors in your headphones.
Had a sensible chuckle because I'm in public.
Has ANYONE already installed the update? Specificly T420 owners?
Or is this a good oppurtunity to switch to coreboot?
Do you use coteboot on your t420?
>>54913978
>Specificly
>oppurtunity
FUCK, I can't type anymote
>>54914045
>anymote
ANYMORE!
>>54904644
>>54904644
wat?
this is proprietary..
>>54909041
It seems like a lot, but remember with this they can install a hidden virus that can't be removed by erasing your drives
>>54914160
Nigger if they already have remote access to a root shell on your OS what's the point of this exploit? You're already fucked
>>54913978
There is no coreboot for 420
And yes I have and it's fine
Did the bootable as I'm not a Win fag
>>54905227
>T420 and X220 are for manlets
>implying T520 and W520 aren't for manlets over compensating for there small dicks
>>54914216
Exactly, lol. Remote admin cmd shell = already pwnd.
>>54905023
No shit? Cryptographically signed firmware has been a thing for awhile.
>>54914455
Learned that the hard way with Android a couple of years back
>>54904559
BASED APPLE
A
S
E
D
APPLE
Couldn't this be exploited in a positive sense, to bump your own hooks into the chinkpad BIOS?
Thinkpad user here, it's time to admit that we lost guys!
It's over, Apple won
>>54914502
>Connect special dongle to thunderbolt port
>unlimited access
>>54914684
>X2**
>T4**
>no mentions of T5** or W series
Manlets, when will they ever, EVER learn?
>>54914684
Nice false flag, pajeet
>>54904559
I wonder how many neckbeards are currently having a stroke and how many drives are being wiped.
>>54914788
Not me. I'm using Libreboot and Trisquel GNU/Linux.
>>54914684
> Even FBI can't get into Apple's security
t o p
k e k
>>54905548
not windows only
>>54906546
no one ever include physical security in their threat analysis
>>54905415
>>54905842
>>54905853
>>54906312
>>54909321
my x200 isnt on the list either
>Thinking about piece of hardware post 1999 isnt backdoored for the government.
>>54904609
Or dropping it in a piss filled toilet...
>>54904677
>X220 Minimum version including fix 1.42
>X220 latest bios is still 1.42
>>54904559
>version 1.42 has the same vulnerability code
This is literally nothing new. Lenovo have been known to do this for like two years now...
>>54906350
How is the Management Engine Ring -3? Also, SMM is considered Ring -2.
Gotta love hardware persistence. Most people are so focused on software compromise and are so deterred by the technical requirements of understanding hardware compromise that they never even care for it.
Hardware persistence is the scariest thing anyone that is looking for privacy can hear.
>>54904763
Just like free software allowed the bash bug to be detected immediately and fixed. It definitely didn't allow such a serious and glaring bug to sit there for literal decades before being seen...
>>54910084
the lamestream media will cover this in 2 months time if at all
>>54914234
https://www.coreboot.org/Supported_Motherboards
It only says flashrom is not supported, could you still install coreboot with physical access (opening + attaching programmer)
>>54921010
Forgot pic.
>>54914234
>>54921010
https://www.phoronix.com/scan.php?page=news_item&px=Coreboot-Ported-To-T420
Only t420 without nvidia graphics are supported.
I'm happy that I don't have nvidia.
>MemePads
You get what you pay for.
>>54921152
https://www.coreboot.org/Board:lenovo/t420
>>54904559
>lenovo
>Chinese multinational technology company with headquarters in Beijing, China
serves you right
>>54904559
I think it is naive to think any modern consumer device is not backdoored.
