Recently, Swiss software engineer Tillie Kottmann posted a message on Twitter that a large number of confidential files within Intel had been leaked, and the first known 20GB version was only part of a series of large data breaches.
He then added: "This information was leaked to me by an anonymous person earlier this year, and more details about this information will be announced soon." Then, he attached a public link for netizens to view and download.
According to the content posted by the engineer on Twitter, *** posted the stolen confidential files on Telegram, explained the leaked content in detail, and attached the Mega file at the bottom.
The following are some of the contents of the 20GB leaked file:
Intel ME Bringup guide + (flash) tools + examples on each platform
Kabylake (Purley platform) BIOS reference code and sample code + initialization code (some of which are exported git repositories with complete history)
Intel CEDFK (Consumer Electronics Firmware Development Kit) SOURCES
Chip/FSP source code package for various platforms
Various Intel development and debugging tools
Simics Simulation for Rocket Lake S and other potential platforms
Various road maps and other documents
Binary file of the camera driver made by Intel for SpaceX
Unreleased Tiger Lake platform schematics, documents, tools + firmware
Kabylake FDK training video
Intel Trace Hub + decoder files for various Intel ME versions
Elkhart Lake Silicon reference and platform sample code
Some things like Verilog for each Xeon platform, I’m not sure what exactly it is
Debug BIOS/TXE build for various platforms
Bootguard SDK (encrypted zip)
Intel Snowridge / Snowfish Process Simulator ADK
Various schematics
Intel Marketing Material Template (InDesign format)
other
Tillie Kottmann 在推特上补充称,如果你在泄露的文件中发现有密码保护的压缩包,那密码可能是 “Intel123” 或 “intel123”。这不是我或给我透露消息的人设置的,这是英特尔自己设置的。
目前,英特尔方面已经了解相关情况并做出回应。英特尔公司的一位女性发言人称,这些数据(在这篇文章发表之时,这些数据已经被公布在了 BitTorrent 上)包含了英特尔按照保密协议(NDA)要求向合作伙伴和客户提供的数据。这位发言人还表示,英特尔高层不相信数据来自网络漏洞。他们正忙于确定到底泄露了多少资料,到目前为止,没有迹象表明这些数据中包含任何客户或个人信息。
英特尔公司某位高层在 一份 声明中说:“我们正在调查此次数据泄露事件。” “ 这些信息似乎来自于英特尔资源与设计中心 ,该中心托管着供我们的客户、合作伙伴和其他已注册访问权限的外部方使用的信息。我们认为具有访问权限的个人也可以下载并共享这些数据。”
未发布芯片设计遭泄露
根据已泄露的材料显示,这里包含了英特尔客户所需的用于设计主板、BIOS 或其他与英特尔 CPU 和其他芯片兼容的机密材料。有媒体在泄露的内容中发现了 2018 年第四季度到几个月之前这段时间的设计和测试文档、源代码和演示文稿。
这些文件和源代码包中的大多数都适用于英特尔 CPU 平台,例如 Kaby Lake 或即将推出的 Tiger Lake。也还有另外一些与其他产品有关的文件,例如英特尔为 SpaceX 开发的传感器包。
泄露的文件中还包括一个专用于英特尔管理引擎(Intel Management Engine)的文件夹,其中内容英特尔集成商是知晓的,包括设计带有英特尔 CPU 和 ME 的系统时,何时以及多久一次运行这些自动化测试的测试代码和建议。
转储的更新版本之一包括 5 月 5 日发布的“ Whitley/Cedar Island Platform Message of the Week”。Cedar Island 是位于 Cooper Lake 和 Ice Lake Xeon CPU 下的主板架构。这些芯片中的一些已于今年早些时候发布,而另一些尚未面市。Whitley 是 Cooper Lake(14nm)和 Ice Lake(10nm)Xeons 的双槽架构 dual-socket architecture。Cedar Island 仅适用于 Cooper Lake。
内容包括许多图表和图形,如下所示:
一些内容为某些 Ice Lake 样品中的电压故障提供了隐秘的参考。目前尚不清楚这些故障存在于交付给客户的实际硬件中,还是存在于英特尔提供给 OEM,让他们用于设计自己的主板的参考板上。
就在一周之前,InfoQ 曾报道过一则消息:微软、华为海思、小米等全球 50 家知名企业 内部源代码批量外泄, 这次事件是否属于上一次大规模泄密事件的后续目前尚不知晓, 当时这一事件的曝光人同样也是 Tillie Kottmann。
漏洞问题已发生不止一次
有些用户可能还对 2018 年英特尔 CPU 的漏洞事件心有余悸。
2018 年 1 月, 英特尔 CPU 被发现有严重漏洞,该 漏洞使得在同一物理空间的虚拟用户 A 可以任意访问到另一个虚拟用户 B 的数据,包括受保护的密码、应用程序密匙等。当时亚马逊、微软和谷歌三个云计算厂商都深受其害。
In May 2018, new vulnerabilities reappeared . The out-of-order execution processor cores of Intel, AMD, and Arm, as well as IBM's Power 8, Power 9, and System z CPUs all suffered. The new vulnerabilities can be exploited by script files that the program runs (such as web page JavaScript in a browser tag) to extract sensitive information from other parts of the application, such as obtaining personal details from another tag.
Two serious CPU vulnerabilities incidents caused Intel to be utterly devastated, and the delayed release of new products and the backward process technology have become reasons for many Intel customers to find another home.
Apple has announced that it will transfer the entire Mac product line to Apple chips in the next two years. At the time, this move was considered to be due to Intel’s inability to meet the market’s demand for small processes, but now it is clear that such an approach also stems from security issues.
The various confidential files that were leaked this time are harmless in themselves, but they contain BIOS information and proprietary Intel technology source code that can be used to build malware. Some *** may be hidden in files or physical drives, so users must Pay attention to the source of the hardware or software used.
Fortunately, so far, there is no evidence that the leaked documents have any signs of external use.