Take a look at our
ThinkPads.com HOME PAGE
For those who might want to contribute to the blog, start here: Editors Alley Topic
Then contact Bill with a Private Message

a BIOS BUG discovered..?!

General Questions, Rumors, Real news & More
Post Reply
Message
Author
BillMorrow
*Senior* Admin
*Senior* Admin
Posts: 7330
Joined: Tue Apr 13, 2004 9:40 pm
Location: San Francisco -> Florida -> Georgia
Contact:

a BIOS BUG discovered..?!

#1 Post by BillMorrow » Tue Jul 05, 2016 5:09 pm

Bill Morrow, kept by parrots :parrot: & cockatoos
Sysop - forum.thinkpads.com

*
She was not what you would call refined,
She was not what you would call unrefined,
She was the type of person who kept a parrot.
~~~Mark Twain~~~

Puppy
Senior ThinkPadder
Senior ThinkPadder
Posts: 2693
Joined: Sat Oct 30, 2004 4:52 am
Location: Prague, Czech Republic

Re: a BIOS BUG discovered..?!

#2 Post by Puppy » Tue Jul 05, 2016 5:11 pm

ThinkPad (1992 - 2012): R51, X31, X220, Tablet 8
Huawei MateBook 13

ajkula66
SuperUserGeorge
SuperUserGeorge
Posts: 16540
Joined: Sun Feb 25, 2007 11:28 am
Location: Brodheadsville, Pennsylvania, USA

Re: a BIOS BUG discovered..?!

#3 Post by ajkula66 » Tue Jul 05, 2016 6:59 pm

Heh...I guess that Kržanić now has an excuse to lay off more Intel employees, after those 12K sacked recently...not that heads shouldn't roll at Lenovo.

Will they? I highly doubt it.
...Knowledge is a deadly friend when no one sets the rules...(King Crimson)

Cheers,

George (your grouchy retired FlexView farmer)

FlexView AARP club members:A31p, T43pSF, X60T

Abused daily: X200s


PMs requesting personal tech support will be ignored.

evening_hunger
Junior Member
Junior Member
Posts: 266
Joined: Thu Nov 26, 2015 2:55 pm
Location: Normandy, France

Re: a BIOS BUG discovered..?!

#4 Post by evening_hunger » Wed Jul 06, 2016 3:06 pm

Who is Kržanić?
x320/i7-2620M/8GB/256gb.ssd/FHD13.3''IPS/debian_testing (main driver)
x230/i5/8GB/500gb.hdd+256gb.m2ssd/IPS/debian_stable+win7 (better half)

RealBlackStuff
Admin Emeritus
Admin Emeritus
Posts: 20018
Joined: Mon Sep 18, 2006 5:17 am
Location: Dublin, Ireland
Contact:

Re: a BIOS BUG discovered..?!

#5 Post by RealBlackStuff » Wed Jul 06, 2016 4:24 pm

Kržanić is the CEO of Intel.
Lovely day for a Guinness! (the Real Black Stuff). And pigs CAN fly!

Kilkenny
Freshman Member
Posts: 67
Joined: Sat May 16, 2015 2:46 pm
Location: New Brunswick, NJ

Re: a BIOS BUG discovered..?!

#6 Post by Kilkenny » Thu Jul 07, 2016 6:41 am

Not surprising given the cavalier attitude towards adding feature bloat to the BIOS. The BIOS is way, way too complex these days.
T23, T42, T43p, T60, X201, and T420 all running OpenBSD

erik
Moderator
Moderator
Posts: 3596
Joined: Sun Apr 25, 2004 12:52 pm
Location: United States

Re: a BIOS BUG discovered..?!

#7 Post by erik » Thu Jul 07, 2016 10:14 pm

Kilkenny wrote:The BIOS is way, way too complex these days.
That's because it's UEFI now, not BIOS. True BIOS is still simple... or basic, more accurately. :)
ThinkStation P700 | ThinkPad P40 · 600

dr_st
Moderator
Moderator
Posts: 7898
Joined: Sat Oct 29, 2005 6:20 am
Location: Israel

Re: a BIOS BUG discovered..?!

#8 Post by dr_st » Fri Jul 08, 2016 9:02 am

A complete UEFI source tree is several hundred megs in size, and when you build it, it produces >1GB of intermediate stuff, before everything is somehow packed into a single 16MB binary. It's pretty mind boggling how it all works (and that it even works). :)
Thinkpad 25 (20K7), X1 Carbon (20HQ), Yoga 14 (20FY), T430s (IPS FHD + Classic Keyboard), X220 4291-4BG
X61 7673-V2V, T60 2007-QPG, T42 2373-F7G, X32 (IPS Screen), A31p w/ Ultrabay Numpad, A21m 2628-GXU

Puppy
Senior ThinkPadder
Senior ThinkPadder
Posts: 2693
Joined: Sat Oct 30, 2004 4:52 am
Location: Prague, Czech Republic

Re: a BIOS BUG discovered..?!

#9 Post by Puppy » Fri Jul 08, 2016 11:23 am

dr_st wrote:A complete UEFI source tree is several hundred megs in size, and when you build it, it produces >1GB of intermediate stuff, before everything is somehow packed into a single 16MB binary. It's pretty mind boggling how it all works (and that it even works). :)
There is nothing wrong about that, especially if at least half of the source tree size are automatic tests :) Software just become complex because the hardware is complex. Remember what kind of various devices and features you had 15 years ago and now.

These bugs are different issue. Pushing for low-cost software developers and saving on them pays back.
ThinkPad (1992 - 2012): R51, X31, X220, Tablet 8
Huawei MateBook 13

dr_st
Moderator
Moderator
Posts: 7898
Joined: Sat Oct 29, 2005 6:20 am
Location: Israel

Re: a BIOS BUG discovered..?!

#10 Post by dr_st » Fri Jul 08, 2016 1:52 pm

Puppy wrote:These bugs are different issue. Pushing for low-cost software developers and saving on them pays back.
As if bugs are only introduced by "low-cost software developers"... ;)
Thinkpad 25 (20K7), X1 Carbon (20HQ), Yoga 14 (20FY), T430s (IPS FHD + Classic Keyboard), X220 4291-4BG
X61 7673-V2V, T60 2007-QPG, T42 2373-F7G, X32 (IPS Screen), A31p w/ Ultrabay Numpad, A21m 2628-GXU

erik
Moderator
Moderator
Posts: 3596
Joined: Sun Apr 25, 2004 12:52 pm
Location: United States

Re: a BIOS BUG discovered..?!

#11 Post by erik » Sat Jul 09, 2016 6:12 am

Speaking of UEFI complexity, the author of the exploit admits himself that one is more likely to be hit by lightening than affected by this issue.

http://blog.cr4.sh/2016/06/exploring-an ... enovo.html

Not mentioned in the public media is the fact that someone would have to have physical access to a machine to run the exploit, the system not have a boot password and USB would have to be enabled as a boot device. Anyone who keeps their system(s) secure with either a boot password or a BIOS password and USB excluded as a boot device have zero probability of being affected by this. And, it's not like there are a bunch of people running around with this exploit on USB keys in the first place.
ThinkStation P700 | ThinkPad P40 · 600

jaspen-meyer
Senior Member
Senior Member
Posts: 831
Joined: Wed May 19, 2010 11:21 pm
Location: Pardubice, Czech Republic
Contact:

Re: a BIOS BUG discovered..?!

#12 Post by jaspen-meyer » Sat Jul 09, 2016 8:07 am

Importantly, because Lenovo did not develop the vulnerable SMM code and is still in the process of determining the identity of the original author, it does not know its originally intended purpose. But, as part of the ongoing investigation, Lenovo is engaging all of its IBVs as well as Intel to identify or rule out any additional instances of the vulnerability's presence in the BIOS provided to Lenovo by other IBVs, as well as the original purpose of the vulnerable code.
That's a quote appearing in the article bill linked to - noteworthy no source is named.

Eric, I wonder about the need for a usb drive. My understanding is the 'Intel Management Engine' is designed to facilitate remote intrusion. I recently read the spec speet for the bios chip in an R30, circa 2003, and was surprised to learn it could be programed with 125kHz radio waves. Surely technology has improved since 2003.
T420 i7 3612QM seabios; T420 i7 3630QM; T400 Q9100 seabios; T61 P9600; T60 libreboot; x62; x60s libreboot, led; x24 xiphmont led

erik
Moderator
Moderator
Posts: 3596
Joined: Sun Apr 25, 2004 12:52 pm
Location: United States

Re: a BIOS BUG discovered..?!

#13 Post by erik » Sat Jul 09, 2016 10:11 am

It's standard practice not to name sources when they don't come forth to the vendor first. It's a way to mitigate those seeking fame rather than doing this to truly help the industry.

It's certainly possible to write an executable that writes this exploit to memory, reboots a system and attempts to run the code at the EFI level just like a flash update. However, I'm not confident at this time that anything could be done with the data dump since there wouldn't be a place to retain it while a system boots. This would be needed to retrieve it later and potentially send over a network. That's where booting via USB becomes an important key in the process.

I'd also want to know if disabling the "Flash UEFI by end user" option would prevent this exploit from running. I've not inspected the exploit in detail to see what calls it makes.

IME/AMT might be usable in lieu of USB depending on the system. I'm not sure at this time if this exploit could run over AMT. Plus, AMT would have to be enabled. Many organizations disable it based on standard security practices.

The impact of this seems immeasurably low. The PR impact will certainly be higher than anything.

Lenovo released an affected systems list and is keeping it updated as research is completed on each system.
ThinkStation P700 | ThinkPad P40 · 600

Puppy
Senior ThinkPadder
Senior ThinkPadder
Posts: 2693
Joined: Sat Oct 30, 2004 4:52 am
Location: Prague, Czech Republic

Re: a BIOS BUG discovered..?!

#14 Post by Puppy » Tue Aug 02, 2016 6:37 am

erik wrote:Lenovo released an affected systems list and is keeping it updated as research is completed on each system.
One positive comment, Lenovo has tested even old .20 series models and very likely release BIOS updates for them. This is good support after all :thumbs-UP:
ThinkPad (1992 - 2012): R51, X31, X220, Tablet 8
Huawei MateBook 13

Post Reply
  • Similar Topics
    Replies
    Views
    Last post

Return to “GENERAL ThinkPad News/Comments & Questions”

Who is online

Users browsing this forum: No registered users and 4 guests