09-29-2013, 10:31 AM
If there were a backdoor in vpro then it would likely only be used for targeted attacks, not random mass monitoring. So unless you were targeted in such an attack, and logged all traffic coming out of the PC, then no, you would never see it. And (like Stuxnet) the "backdoor" wouldn't be called a backdoor, it would officially be a "bug" that the NSA happened to find and exploit. Zero power remote bugs were created about 70 years ago, I'm sure things have advanced since then, so no, it is not impossible. A buffer overflow in vPro microcode could enable remote upload of code, which could covertly communicate over the WiFi chip on an unassigned channel, or frequency hopping.
Originally Posted by RealNC
Remember that Stuxnet had network command and control, and spread across local LANs of secured networks, and yet these crackshot admins didn't notice the odd network traffic at all, for years, until the authors released a version that accidentally spread across the open internet. It is entirely possible that they have even better exploits that they reserve for non-worm local only usage.
09-29-2013, 11:46 AM
Yes the idea has been around for a long time.
Originally Posted by DrYak
Tags for this Thread