Daily Shaarli

All links of one day in a single page.

May 2, 2017

Intel Active Management Technology, Intel Small Business Technology, and Intel Standard Manageability Escalation of Privilege
mjg59 | Intel's remote AMT vulnerablity
Remote security exploit in all 2008+ Intel platforms - SemiAccurate

Every Intel platform from Nehalem to Kaby Lake has a remotely exploitable security hole. SemiAccurate has been begging Intel to fix this issue for literally years and it looks like they finally listened.

Update May 1, 2017 # 3:35pm: Intel just confirmed it, but not to SemiAccurate. You can read their advisory here.

The short version is that every Intel platform with AMT, ISM, and SBT from Nehalem in 2008 to Kaby Lake in 2017 has a remotely exploitable security hole in the ME (Management Engine) not CPU firmware. If this isn’t scary enough news, even if your machine doesn’t have SMT, ISM, or SBT provisioned, it is still vulnerable, just not over the network. For the moment. From what SemiAccurate gathers, there is literally no Intel box made in the last 9+ years that isn’t at risk. This is somewhere between nightmarish and apocalyptic.

Facebook’s ad platform will know who you are, what you buy, even offline | Ars Technica

Facebook has officially relaunched the advertising platform Atlas in a new incarnation that will allow marketers to track users in new dimensions, according to a blog post from the company. Atlas will offer the ability to not only synthesize information about where users are seeing ads, but also to see how and whether those ad views play out into a purchase, even if it's offline.

Facebook se vante auprès d’annonceurs d’être capable de détecter les adolescents vulnérables

Facebook a-t-il tenté de séduire des annonceurs en leur expliquant qu’il pouvait, en temps réel, identifier les adolescents se sentant « vulnérables », « inutiles » et « ayant besoin de regagner confiance en eux » ? C’est en tout cas ce qu’affirme dans un article publié lundi 1er mai le journal The Australian, qui a eu accès à un document interne récent de 23 pages destiné à être présenté à une grande banque australienne.

Report: Facebook helped advertisers target teens who feel “worthless” [Updated] | Ars Technica

According to the report, the selling point of this 2017 document is that Facebook's algorithms can determine, and allow advertisers to pinpoint, "moments when young people need a confidence boost." If that phrase isn't clear enough, Facebook's document offers a litany of teen emotional states that the company claims it can estimate based on how teens use the service, including "worthless," "insecure," "defeated," "anxious," "silly," "useless," "stupid," "overwhelmed," "stressed," and "a failure."

The Australian says that the documents also reveal a particular interest in helping advertisers target moments in which young users are interested in "looking good and body confidence” or “working out and losing weight." Another section describes how image-recognition tools are used on both Facebook and Instagram (a wholly owned Facebook subsidiary) to reveal to advertisers "how people visually represent moments such as meal times." And it goes into great detail about how younger Facebook users express themselves: according to Facebook Australia, earlier in the week, teens post more about "anticipatory emotions" and "building confidence," while weekend teen posts contain more "reflective emotions" and "achievement broadcasting."