Two gentlement associated with a firm calling itself "Positive Technologies" have documented a manner for acquiring JTAG access to the "Intel Management Engine" on a machine running an 'Apollo Lake' family Intel Celeron (archived). Their recipe involves creating a special debug mode dongle of the sort used for opening up other consumer devices. This has been a very rough year for Intel's marketing wank.
Intel has begun attaching a license clause prohibiting comparative benchmarking to its CPU microcode updates (archived). Intel has spent the past year deluged with reports of critical flaws in their CPUs related to speed optimizations which fundamentally compromise the ability of their chips to be secure, especially in multi user systems. This fumbling by Intel to supress comparative benchmarks between patched and unpatched chips is only their latest attempt to paper over how much of their chips' fradulent speed advantage is lost with anything resembling effective mitigations1 for these engineered holes.
Semiconductor Fabricator TMSC annouced that they were hit with a virus that multiple pieces of their production operation in Taiwan. TMSC alleges the virus entered their systems as they were installing software for a new tool. TMSC's full announcement:
Issued by: TSMC
Issued on: 2018/08/05
Hsinchu, Taiwan, R.O.C., Aug 5, 2018 – TSMC today provided an update on the Company’s computer virus outbreak on the evening of August 3, which affected a number of computer systems and fab tools in Taiwan. The degree of infection varied by fab. TSMC contained the problem and found a solution. As of 14:00 Taiwan time, about 80% of the company’s impacted tools have been recovered, and the Company expects full recovery on August 6.
TSMC expects this incident to cause shipment delays and additional costs. We estimate the impact to third quarter revenue to be about three percent, and impact to gross margin to be about one percentage point. The Company is confident shipments delayed in third quarter will be recovered in the fourth quarter 2018, and maintains its forecast of high single-digit revenue growth for 2018 in U.S. dollars given on July 19, 2018.
Most of TSMC’s customers have been notified of this event, and the Company is working closely with customers on their wafer delivery schedule. The details will be communicated with each customer individually over the next few days.
This virus outbreak occurred due to misoperation during the software installation process for a new tool, which caused a virus to spread once the tool was connected to the Company’s computer network. Data integrity and confidential information was not compromised. TSMC has taken actions to close this security gap and further strengthen security measures.
The US Department of "Justice" has charged a Chinese man, Micheal Yin of Beijing, with 14 felony charges of securities fraud in the Southern District of New York. Yin is alleged to have traded shares of Lattice Semiconductor using non-public information. A second man, Benjamin Chow who worked for a private equity firm in Palo Alto is alleged to be the source of the information following Chow's own guilty plea. The full text is below: Continue reading
A great many types of vulnerability-by-design in consumer routers have been public for a rather long time: Linksys, MikroTik, NETGEAR, TP-Link, and other vendors, have — for the entire history of this product type — been selling boxes that are, essentially, public toilets, free for the remote taking by any reasonably-intelligent teenager.
It appears that this "news" has finally percolated down through the drains and into the dark cellars where USG gendarmerie dwell. As part of their regular work to force the replacement of systems containing old, burned NSA-authored vulnerabilities, with new and fresh ones — USG.FBI have recently turned their attention to consumer routers.
The lively petri dish of self-propagating shitware now commonly known to be dwelling in the NSA victims' home routers, has been officially blamed on Putin's omnipotent DNC-diddling brigade. Respectable, non-terrorist USG subjects will, presumably, be issued new, "clean" routers, in the nearest future.
The burning of these vulnerabilities was handled by having "researchers" affiliated with Cisco unveil the presence of a botnet populated by ~500,000 small routers commandeered by an artful piece of malware which persists across device reboots (archived). Meanwhile, Cisco continues having its own profound and self-inflicted security issues.
The latest reports on the situation in Syria indicate the Arleigh Burke class destroyer USS Donald Cook1 is in Syrian waters where it is being intimately buzzed by Russian warplanes. With diplomatic channels between the US and Russia dramatically reduced following British aggitation, Pantsuit just might get their war if this dance continues. Make Green, Great Again!
Launched May 1997 ↩
The Israelis bombed a Syrian airbase in their latest effort to escalate the conflict Pantsuits refuse to abandon. Meanwhile for similar "humanitarian reasons", nearly 40 corpses have been generated on the Israeli border with Gaza as the Israelis continue defending a flimsy fence instead of constructing a Trump spec wall.
Pinoy President Rodrigo Duterte has praised Russia and China for providing arms for his forces to use in their struggle against Islamist rebels in the south of the Phillipines (archived). The Phillipines has until recently aligned itself strongly with the US, but relations have soured as the Great Again free USG State Department has worked to thwart Duterte's efforts to try making the Pinoys great. Duterte further aired his concerns that the USG.CIA with its own anti-Great faction may move to assassinate him.
In response to economically nationalist moves made by the US Trump administration, China has moved to impose tariffs on a number of US agricultural products including pork and ginseng. Notably absent from tariffs at this time are soybeans. With Brazilian soybeans demanding a price premium for their higher dry weight protein content, a tariff on US soybeans would have likely have ended their marketability in China.
Reports are emerging that aerospace giant Boeing's production process has been crippled by malware utilizing exploits farmed by the United States NSA. According to local media reports the ransomware outbreak has crippled commercial airline production equipment and an effect on military products production is likely though unmentioned in the popular press (archived).