Intelligence agencies and the tech sector have been debating encryption for a few years now. Spy agencies and cops want to be able to break encryption with the help of big tech companies to access sensitive data from devices belonging to suspects. At the same time, some of them fear hacks, especially those coming from other nation-states, and agree that encryption is needed both at the hardware and software level. But officials from several governments around the world would want secret keys that can access encrypted chats, emails, and calls. And they’d want those keys to be safe to handle. That’s an impossible dream at this point, and Intel’s newest chip flaw is proof of that.
Researchers discovered a flaw in Intel’s chips that opens encrypted data to hackers. It’s a brand new security issue, different from the vulnerabilities discovered a few years ago that affected chips from Intel, AMD, and ARM — those flaws were fixed via software updates, by the way.
The new flaw should not be a cause of concern for most people. The hacks aren’t necessarily easy to perform, according to researchers at Positive Security. But if you rely on encrypted hardware to safeguard sensitive information, someone that could be the target of a nation-state, or an executive at a company that’s about to announce a breakthrough innovation, then pay attention. Someone may try to steal data from your computer.
With enough time and resources, someone could crack your Intel-based laptop without you even knowing. Intel’s chips from the last five years all shipped with this vulnerability, and Intel can’t do anything about it. Anyone capable of accessing it would be able to hack into the latest MacBook Pro by cracking its encryption.
The flaw allows attackers to hack the computer’s encryption process, and then gain access to everything on board.
“For example, they can extract it from a lost or stolen laptop in order to decrypt confidential data,” Lead Specialist of OS and Hardware Security at Positive Technologies Mark Ermolov said. “Unscrupulous suppliers, contractors, or even employees with physical access to the computer can get hold of the key. In some cases, attackers can intercept the key remotely provided they have gained local access to a target PC as part of a multistage attack, or if the manufacturer allows remote firmware updates of internal devices, such as Intel Integrated Sensor Hub.”
Because it’s a read-only memory (ROM) flaw, Intel can’t offer a permanent fix. The only thing you can do is buy a brand new device featuring another chip, or replace your processor with a brand new Intel processor that doesn’t have the same flaw. That’s Positive Technologies’ recommendation, at least. If you suspect you may have been targeted by hackers, you might want to have your device inspected as well:
Since it is impossible to fully fix the vulnerability by modifying the chipset ROM, Positive Technologies experts recommend disabling Intel CSME based encryption of data storage devices or considering migration to tenth-generation or later Intel CPUs. In this context, retrospective detection of infrastructure compromise with the help of traffic analysis systems such as PT Network Attack Discovery becomes just as important.
Intel has a patch for the issue that should make it harder to exploit. But, again, this isn’t a permanent fix, and resourceful hackers will probably find ways to bypass it.
Now, imagine that tech companies installed backdoors into their devices and/or software to comply with law enforcement requests to access data from users. The minute those backdoors are discovered, anyone would be able to hack the encrypted devices with ease. Security vulnerabilities in software, like a backdoor, could be patched, of course. But once the word gets out that a company is building backdoors into their products, every dedicated hacker will keep hunting for security issues in all future products from said companies, regardless of software updates, in search of a new backdoor.