As the saying goes, hindsight is 20/20. It may surprise you that the microchip that we all know and love today was far from an obvious idea. Some of the paths that were being explored back then to cram more components into a smaller area seem odd now. But who hasn’t experienced hindsight of that sort, even on our own bench tops.
Let’s start the story of the microchip like any good engineering challenge should be started, by diving into the problem that existed at the time with the skyrocketing complexity of computing machines.
Legendary sudomod forum user [banjokazooie] has once again demonstrated their prowess in Wii U console modification — this time by transforming it into a powerhouse portable computer!
We loved [banjokazooie]’s RetroPie Wii U mod, and happy to see them back again with this build. What’s in this thing this time around? Buckle up ’cause it’s a ride: an Intel M5 processor core M on their Compute Stick, 4GBs RAM, a 64GB solid-state drive, a 2K LCD touchscreen, Bluetooth, WiFi, a 128GB SD card slot, two 3.7V 4000 mAh batteries, a Pololu 5V,6A step-down voltage regulator, a Teensy 2.0++ dev board, a battery protection PCB, a USB DAC sound card, stereo amp, a USB hub for everything to plug into, and a TP5100 battery charging board. Check it out!
There was a time when owning a computer meant you probably knew most or all of the instructions it could execute. Your modern PC, though, has a lot of instructions, many of them meant for specialized operating system, encryption, or digital signal processing features.
There are known undocumented instructions in a lot of x86-class CPUs, too. What’s more, these days your x86 CPU might really be a virtual machine running on a different processor, or your CPU could have a defect or a bug. Maybe you want to run sandsifter–a program that searches for erroneous or undocumented instructions. Who knows what is lurking in your CPU?
This looks like the end of the road for Intel’s brief foray into the “maker market”. Reader [Chris] sent us in a tip that eventually leads to the discontinuation notice (PCN115582-00, PDF) for the Arduino 101 board. According to Intel forum post, Intel is looking for an alternative manufacturer. We’re not holding our breath.
We previously reported that Intel was discontinuing its Joule, Galileo, and Edison lines, leaving only the Arduino 101 with its Curie chip still standing. At the time, we speculated that the first wave of discontinuations were due to the chips being too fast, too power-hungry, and too expensive for hobbyists. Now that Intel is pulling the plug on the more manageable Arduino 101, the fat lady has sung: they’re giving up on hardware hackers entirely after just a two-year effort.
According to the notice, you’ve got until September 17 to stock up on Arduino 101s. Intel is freezing its Curie community, but will keep it online until 2020, and they’re not cancelling their GitHub account. Arduino software support, being free and open, will continue as long as someone’s willing to port to the platform.
Who will mourn the Arduino 101? Documentation was sub-par, but a tiny bit better than their other hacker efforts, and it wasn’t overpriced. We’re a little misty-eyed, but we’re not crying. You?
Sometimes the end of a product’s production run is surrounded by publicity, a mix of a party atmosphere celebrating its impact either good or bad, and perhaps a tinge of regret at its passing. Think of the last rear-engined Volkswagens rolling off their South American production lines for an example.
Then again, there are the products that die with a whimper, their passing marked only by a barely visible press release in an obscure corner of the Internet. Such as this week’s discontinuances from Intel, in a series of PDFs lodged on a document management server announcing the end of their Galileo (PDF), Joule (PDF), and Edison (PDF) lines. The documents in turn set out a timetable for each of the boards, for now they are still available but the last will have shipped by the end of 2017.
It’s important to remember that this does not mark the end of the semiconductor giant’s forray into the world of IoT development boards, there is no announcement of the demise of their Curie chip, as found in the Arduino 101. But it does mark an ignominious end to their efforts over the past few years in bringing the full power of their x86 platforms to this particular market, the Curie is an extremely limited device in comparison to those being discontinued.
Will the departure of these products affect our community, other than those who have already invested in them? It’s true to say that they haven’t made the impression Intel might have hoped, over the years only a sprinkling of projects featuring them have come our way compared to the flood featuring an Arduino or a Raspberry Pi. They do seem to have found a niche though where there is a necessity for raw computing power rather than a simple microcontroller, so perhaps some of the legion of similarly powerful ARM boards will plug that gap.
So where did Intel get it wrong, how did what were on the face of it such promising products fizzle out in such a disappointing manner? Was the software support not up to scratch, were they too difficult to code for, or were they simply not competitively priced in a world of dirt-cheap boards from China? As always, the comments are open.
At the Bay Area Maker Faire last weekend, Intel was showing off a couple of sexy newcomers in the Single Board Computer (SBC) market. It’s easy to get trapped into thinking that SBCs are all about simple boards with a double-digit price tag like the Raspberry Pi. How can you compete with a $35 computer that has a huge market share and a gigantic community? You compete by appealing to a crowd not satisfied with these entry-level SBCs, and for that Intel appears to be targeting a much higher-end audience that needs computer vision along with the speed and horsepower to do something meaningful with it.
I caught up with Intel’s “Maker Czar”, Jay Melican, at Maker Faire Bay Area last weekend. A year ago, it was a Nintendo Power Glove controlled quadcopter that caught my eye. This year I only had eyes for the two new computing modules on offer, the Joule and the Euclid. They both focus on connecting powerful processors to high-resolution cameras and using a full-blown Linux operating system for the image processing. But it feels like the Joule is meant more for your average hardware hacker, and the Euclid for software engineers who are pointing their skills at robots but don’t want to get bogged down in first-principles of hardware. Before you rage about this in the comments, let me explain.
Betteridge’s Law of Headlines states, “Any headline that ends in a question mark can be answered by the word no.” This law remains unassailable. However, recent claims have called into question a black box hidden deep inside every Intel chipset produced in the last decade.
Yesterday, on the Semiaccurate blog, [Charlie Demerjian] announced a remote exploit for the Intel Management Engine (ME). This exploit covers every Intel platform with Active Management Technology (AMT) shipped since 2008. This is a small percentage of all systems running Intel chipsets, and even then the remote exploit will only work if AMT is enabled. [Demerjian] also announced the existence of a local exploit.
Intel’s ME and AMT Explained
Beginning in 2005, Intel began including Active Management Technology in Ethernet controllers. This system is effectively a firewall and a tool used for provisioning laptops and desktops in a corporate environment. In 2008, a new coprocessor — the Management Engine — was added. This management engine is a processor connected to every peripheral in a system. The ME has complete access to all of a computer’s memory, network connections, and every peripheral connected to a computer. The ME runs when the computer is hibernating and can intercept TCP/IP traffic. Management Engine can be used to boot a computer over a network, install a new OS, and can disable a PC if it fails to check into a server at some predetermined interval. From a security standpoint, if you own the Management Engine, you own the computer and all data contained within.
The Management Engine and Active Management Technolgy has become a focus of security researchers. The researcher who finds an exploit allowing an attacker access to the ME will become the greatest researcher of the decade. When this exploit is discovered, a billion dollars in Intel stock will evaporate. Fortunately, or unfortunately, depending on how you look at it, the Managment Engine is a closely guarded secret, it’s based on a strange architecture, and the on-chip ROM for the ME is a black box. Nothing short of corporate espionage or looking at the pattern of bits in the silicon will tell you anything. Intel’s Management Engine and Active Management Technolgy is secure through obscurity, yes, but so far it’s been secure for a decade while being a target for the best researchers on the planet.
Semiaccurate’s Claim
In yesterday’s blog post, [Demerjian] reported the existence of two exploits. The first is a remotely exploitable security hole in the ME firmware. This exploit affects every Intel chipset made in the last ten years with Active Management Technology on board and enabled. It is important to note this remote exploit only affects a small percentage of total systems.
The second exploit reported by the Semiaccurate blog is a local exploit that does not require AMT to be active but does require Intel’s Local Manageability Service (LMS) to be running. This is simply another way that physical access equals root access. From the few details [Demerjian] shared, the local exploit affects a decade’s worth of Intel chipsets, but not remotely. This is simply another evil maid scenario.
Should You Worry?
This hacker is unable to exploit Intel’s ME, even though he’s using a three-hole balaclava.
The biggest network security threat today is a remote code execution exploit for Intel’s Management Engine. Every computer with an Intel chipset produced in the last decade would be vulnerable to this exploit, and RCE would give an attacker full control over every aspect of a system. If you want a metaphor, we are dinosaurs and an Intel ME exploit is an asteroid hurtling towards the Yucatán peninsula.
However, [Demerjian] gives no details of the exploit (rightly so), and Intel has released an advisory stating, “This vulnerability does not exist on Intel-based consumer PCs.” According to Intel, this exploit will only affect Intel systems that ship with AMT, and have AMT enabled. The local exploit only works if a system is running Intel’s LMS.
This exploit — no matter what it may be, as there is no proof of concept yet — only works if you’re using Intel’s Management Engine and Active Management Technology as intended. That is, if an IT guru can reinstall Windows on your laptop remotely, this exploit applies to you. If you’ve never heard of this capability, you’re probably fine.
Still, with an exploit of such magnitude, it’s wise to check for patches for your system. If your system does not have Active Management Technology, you’re fine. If your system does have AMT, but you’ve never turned it on, you’re fine. If you’re not running LMT, you’re fine. Intel’s ME can be neutralized if you’re using a sufficiently old chipset. This isn’t the end of the world, but it does give security experts panning Intel’s technology for the last few years the opportunity to say, ‘told ‘ya so’.