Intel Leak: 20GB of Secrets Just the Start, Says Perp

A large cache of confidential documents has been exfiltrated from Intel and leaked. By now, it’s all over BitTorrent and your favorite file-sharing sites.

Tillie Kottmann (pictured) leaked the data. They say it was someone else who hacked it from inside Intel, though. Okay, sure, let’s go with that.

And there’s more to come, Kottmann claims. In today’s SB Blogwatch, we can’t wait.

Your humble blogwatcher curated these bloggy bits for your entertainment. Not to mention: Orbiter info.


Swiss Cheese Security

What’s the craic? Thomas Claburn reports—“20GB of source code, schematics, specs, docs – spill onto web”:

 The first tranche of documents … weighs in at about 20GB. The data dump contains sensitive Intel files subject to … a non-disclosure agreement.

This reminds us of the time Microsoft’s private Windows 10 source code intended for “qualified customers, enterprises, governments, and partners for debugging and reference purposes” leaked online in 2017.

Meanwhile, sources familiar with Intel’s investigation told us the shared documents may not be up to date, as it’s unclear when the information was fetched from the center, and that no personal or customer data was included in today’s dump. At this stage, Intel does not believe it was hacked, we’re told.

And Catalin Cimpanu adds—“Intel investigating breach”:

 The data was published by Till Kottmann, a Swiss software engineer, who said [they] received the files from an anonymous hacker. [They] said today’s leak represents the first part of a multi-part series of Intel-related leaks.

Per our analysis, the leaked files contained Intel intellectual property respective to the internal design of various chipsets. The files contained technical specs, product guides, and manuals for CPUs dating back to 2016.

None of the leaked files contain sensitive data about Intel customers or employees. … However, the question remains to what else the alleged hacker had access to.

Intel denied getting “hacked,” disputing Kottmann’s claim. … “The information appears to come from the Intel Resource and Design Center, which hosts information for use by our customers, partners and other external parties. … We believe an individual with access downloaded and shared this data.”

Happy birthday, Tillie Kottmann—@deletescape:

 This is the first 20gb release in a series of large Intel leaks. Most of the things here have NOT been published ANYWHERE before and are classified as confidential, under NDA or Intel Restricted Secret.

They were given to me by an Anonymous Source who breached them … sometime around May. … More details about this will be published soon.

There will be some more stuff, not sure yet when. Might take a little while, while my source goes under the radar for a while.

I fundamentally believe hardware and the firmware for it should be entirely open and free. … I love helping companies open-source their code.

But how? FrozenGerbil suggests how it went down:

 What likely happened was that a computer in the offices of Centerm Information Co, located in the Fujian province of China, got hacked and the NDA files that Intel shared with Centerm got stolen, which is far different from the (cough) crown jewels secrets of Intel’s designs being stolen.

Being that China has been designing their own CPUs and OS for the past 10+ years now because they no longer trust the CPUs and Microsoft Windows provided by American companies … I seriously doubt Intel is sharing their crown jewels of knowledge with … Centerm. So this is nowhere near as juicy as the hackers like to brag about. … Hackers and scammers always like to brag about stealing stuff that they don’t really have.

All tech companies are very aware that NDA information that they share with others is still susceptible to leaks, either purposely or accidentally … so the really top-secret company-confidential stuff will not get shared to even Intel’s closest partners.

How? brucethemoose suggestifies thuswise:

 It looks like yet another public, unsecured server that someone stumbled upon. Misconfigured cloud instances are the gift that just keeps on giving.

But rtb61 vehemently disagrees:

 Always going to be insiders. How much does the damage cost, often billions of dollars, and that leaves a lot for bribes.

Any competitor to Intel will benefit massively by this and so the incentives to pay for the damage to occur are high, especially during harsh economic times. Often dangerous to pass the information privately but sneakily publish it and those who wanted it can access it and of course the target computer is hugely economically damaged by it.

Private for profit corporations are more likely to do this publicly. Government agencies will do it as quietly as possible and don’t want you to know anything happened.

Could it be put to constructive use? Yes, suggests stingraycharles:

 I hope this leads to more understanding about the internals of the Intel [Management Engine]. Last few years have shown that it’s a tremendous security liability, and the best way to mitigate this is if we all get a better understanding of how it works.

It’s been proven to be … completely missing its purpose. Will be interesting to see how Intel responds, [but] I’m not optimistic.

So how will Intel respond? hrsIGotOut claims to know:

 If [they] release this, [they] can expect criminal proceedings with a healthy case of bankruptcy. Swiss law allows discovery … to be used in civil [cases].

Meanwhile, alumine should be fired:

 So, did someone manage to get intel on Intel’s Intellectual property?

And Blueyezboi has looked at it:

 I’ve looked at this stuff and I can see why Intel can’t make 7nm chips.

And Finally:

How did the Shuttle work?


You have been reading SB Blogwatch by Richi Jennings. Richi curates the best bloggy bits, finest forums, and weirdest websites … so you don’t have to. Hate mail may be directed to @RiCHi or sbbw@richi.uk. Ask your doctor before reading. Your mileage may vary. E&OE. 30.

Image sauce: Tillie Kottmann (with their permission)


Richi Jennings

Richi is a foolish independent industry analyst, editor, writer, and fan of the Oxford comma. He’s previously written or edited for Computerworld, Petri, Microsoft, HP, Cyren, Webroot, Micro Focus, Osterman Research, Ferris Research, NetApp on Forbes and CIO.com. His work has won awards from the American Society of Business Publication Editors, ABM/Jesse H. Neal, and B2B Magazine.
