_____ ____ _
| ____|_ _____ _ __ _ _ / ___|___ _ __ ___ _ __ _ _| |_ ___ _ __
| _| \ \ / / _ \ '__| | | | | | / _ \| '_ ` _ \| '_ \| | | | __/ _ \ '__|
| |___ \ V / __/ | | |_| | | |__| (_) | | | | | | |_) | |_| | || __/ |
|_____| \_/ \___|_| \__, | \____\___/|_| |_| |_| .__/ \__,_|\__\___|_|
_ _ _ _ _
(_)___ | |__ __ _ ___| | ____| | ___ ___ _ __ ___ __| |
| / __| | '_ \ / _` |/ __| |/ / _` |/ _ \ / _ \| '__/ _ \/ _` |
| \__ \ | |_) | (_| | (__| < (_| | (_) | (_) | | | __/ (_| |
|_|___/ |_.__/ \__,_|\___|_|\_\__,_|\___/ \___/|_| \___|\__,_|
All computers since 2003 can read your keystrokes, screen, files
Full remote backdoor available in all Intel and AMD computers since 2003
All your keystrokes, screens, files can be remotely read or modified on demand at any time by MOSSAD, even if your PC is turned off. That includes your encryption password.
Pre-PSP and pre-ME cpu’s are not safe. ASF and DASH are previous versions of PSP/ME botnet. ASF –> DASH –> ME/PSP
Alert Standard Format (ASF) (also sometimes referred to as Alert Standard Forum, Alerting Specifications Forum, Alert Specification Function, etc.) is a DMTF standard for remote monitoring, management and control of computer systems in both OS-present and OS-absent environments.
“DASH provides support for the redirection of KVM (Keyboard, Video and Mouse) and text consoles, as well as USB and media, and supports the management of software updates, BIOS (Basic Input Output System), batteries, NIC (Network Interface Card), MAC and IP addresses, as well as DNS and DHCP configuration. DASH specifications also address operating system status, opaque data management, and more.”
they can access your keyboard, video, mouse over the internet
Desktop and mobile Architecture for System Hardware (DASH) is a Distributed Management Task Force (DMTF) standard.
“Intel Active Management Technology is a compliant implementation of DASH.”
“Intel Active Management Technology (AMT) is hardware and firmware technology for remote out-of-band management of personal computers, running on the Intel Management Engine, a separate microprocessor not exposed to the user, in order to monitor, maintain, update, upgrade, and repair them.”
“Intel confirmed a Remote Elevation of Privilege bug (CVE-2017-5689, SA-00075) in its Management Technology on May 1, 2017. Every Intel platform with either Intel Standard Manageability, Active Management Technology, or Small Business Technology, from Nehalem in 2008 to Kaby Lake in 2017 has a remotely exploitable security hole in the ME.  Some manufacturers, like Purism and System76 are already selling hardware with Intel Management Engine disabled to prevent the remote exploit. Additional major security flaws in the ME affecting a very large number of computers incorporating Management Engine, Trusted Execution Engine, and Server Platform Services firmware, from Skylake in 2015 to Coffee Lake in 2017, were confirmed by Intel on November 20, 2017 (SA-00086).”
“AMD PRO A-Series platforms utilizing DASH manageability enable manageability features you need and want. These affordable, easy-to-use management tools and features enable remote management of client systems, whether they are powered on (in-band) with a responsive operating system (in-service), or when the clients are powered off (out-of-band) or have a non-responsive operating system (out-of-service). Our powerful management tools also offer remote diagnostics and troubleshooting, asset management, automated system startup and shut down.”
“Client systems that support out-of-band management help IT administrators perform tasks independent of the power state of the machine or the state of the operating system. Examples of out-of-band management tasks include: 1) Securely starting up a system remotely, even if it is currently powered off; 2) Viewing asset inventory information for a system that is powered off; 3) Retrieving health information about system components even if the OS is unavailable.”
“Since the DMTF’s Desktop and Mobile Working Group (DMWG) was announced, the group has attracted more than 180 members from over different companies, demonstrating a strong commitment by vendors and users across the industry to collaborate on this effort. Statements of support for the new DASH Initiative have been provided by (((AMD))), (((Avocent))), (((Broadcom))), (((Dell))), (((HP))), (((IBM))), (((Intel))), (((Microsoft))), (((Novell))), (((NVIDIA))), (((Symantec))), and (((WBEM Solutions))).”
“Extra emphasis has been placed in the development of DASH to enable lightweight implementations which are architecturally consistent. This has been done to enable a full spectrum of implementations without sacrificing the richness of the CIM heritage. This includes software-only solutions and small footprint firmware solutions. Emphasis has been placed on ensuring that these implementations will be interoperable, independent of implementation, CPU architecture, chipset solutions, vendor or operating environment.”
"Through the DASH Initiative, the DMTF will provide the next generation of standards for secure out-of-band and remote management of desktop and mobile systems.
“As a leader in industry standards for PC manageability for over two decades and as a founding member of the DMTF, Intel supports DASH as another advancement for IT as we move into the WS-Management era,” said Gregory Bryant, vice president and general manager of Intel’s Digital Office Platform Division. “Intel vPro technology was originally designed to support a seamless transition to this new standard, and our 2007 product roadmap enables one of the industry’s first DASH and WS-Management supported enterprise PCs through our next-generation Intel vPro technology.”
“We have been a strong advocate of standards, such as WS-Management, as part of our Dynamic Systems Initiative (DSI) and have accelerated the adoption of these technologies in Windows Vista and our System Center family of management solutions.”
“As a founding member of the DASH working group and key contributor to the specification, AMD is pleased to see the broad adoption of DASH in the industry,” said Terri Hall, vice president, Software Alliances and Solutions, AMD.
About Distributed Management Task Force (DMTF)
With more than 3,500 active participants representing 39 countries and nearly 200 organizations, the Distributed Management Task Force, Inc. (DMTF) is the industry organization leading the development, adoption and promotion of interoperable management initiatives and standards.
DMTF was founded in 1992. Board member companies included [2007-03] Cisco Systems; Dell Computer Corp.; EMC; HP; Hitachi, Ltd; IBM; Intel; Microsoft; Novell; Oracle; Sun Microsystems; Symantec; and WBEM Solutions.
The DMTF works closely with its Alliance Partners, including (…) Federation Against Software Theft (FAST)
“DASH will use another better-known DMTF specification, Web Services for Management (WS-Management), to enable management software to pull status information from PC hardware components and peripherals stored in flash memory, Bumpus said. That would allow machines that are”out-of-band," or not running normally, to be diagnosed and even fixed remotely. Most existing management software and monitoring technology rely on software agents running on the machines to send back status information, said Lars Ewe, a division marketing manager at AMD Inc., which is a supporter of DASH. But software agents don’t work if the machine’s operating system can’t boot because the latter is hung, corrupted by a virus, or not yet deployed. “If you have a savvy administrator, DASH will let him diagnose whether an operating system is fried and let him remote boot it with a gold standard image of the OS,” Ewe said. Or “if the hard drive is dead, you can see that. Or you can wake up a PC and read the POST BIOS test data, as long as the power isn’t totally switched off.” […] Bumpus predicted that PCs with DASH capabilities will start shipping within the next six to 12 months. He declined to predict how long it would take for DASH to become mainstream, but noted that DASH’s predecessor, Alert Standard Format (ASF), was introduced in mid-2003 and is now used in “tens of millions” of PCs, mostly within businesses."
“Several members were launched in the end of 2007 and the first half of 2008, others launched throughout the rest of 2008.”
DASH 1.0 support
even old AMD chipsets had this botnet. even 10+ year old laptops contain DASH or it’s predecessor, ASF.
Two embedded 8051 controllers, and one dedicated for DASH compliance
special chip in your old motherboard dedicated for DASH botnet
Intel motherboards. It is a part of Intel Active Management Technology, which allows system administrators to perform tasks on the machine remotely. System administrators can use it to turn the computer on and off, and they can login remotely into the computer regardless of whether or not an operating system is installed.
The Intel Management Engine always runs as long as the motherboard is receiving power, even when the computer is turned off.
The IME is an attractive target for hackers, since it has top level access to all devices and completely bypasses the operating system. Intel has not released much information on the Intel Management Engine, prompting speculation that it may include a backdoor. The Electronic Frontier Foundation has voiced concern about IME.
Starting with ME 11, it is based on the Intel Quark x86-based 32-bit CPU and runs the MINIX 3 operating system.
Starting with ME 7.1, the ARC processor could also execute signed Java applets.
The ME has its own MAC and IP address for the out-of-band interface, with direct access to the Ethernet controller; one portion of the Ethernet traffic is diverted to the ME even before reaching the host’s operating system, for what support exists in various Ethernet controllers, exported and made configurable via Management Component Transport Protocol (MCTP). The ME also communicates with the host via PCI interface. Under Linux, communication between the host and the ME is done via /dev/mei.
In August 2017, Russian company Positive Technologies (Dmitry Sklyarov) published a method to disable the ME via an undocumented built-in mode. As Intel has confirmed the ME contains a switch to enable government authorities such as the NSA to make the ME go into High-Assurance Platform (HAP) mode after boot. This mode disables most of ME’s functions. It is authorized for use by government authorities only and is supposed to be available only in machines produced for them.
Dell, in December 2017, began showing certain laptops on its website that offered the “Systems Management” option “Intel vPro - ME Inoperable, Custom Order” for an additional fee. Dell has not announced or publicly explained the methods used. In response to press requests, Dell stated that those systems had been offered for quite a while, but not for the general public, and had found their way to the website only inadvertently. The laptops are available only by custom order and only to military, government and intelligence agencies. They are specifically designed for covert operations, such as providing a very robust case and a “stealth” operating mode kill switch that disables display, LED lights, speaker, fan and any wireless technology.
(((they))) can disable ME for themselves. it has to be enabled only for goys.
ps contain ASF. They kept improving it and adding more features. We need to discuss, investigate, decide which is last desktop and mobile system that we can safely use. It turns out pre-PSP AMD like AMD FX are not safe.
Spread information about this botnet everywhere.