Intel vPro Expert Center Blog


Last month's post of the open source packet decoder is just the first of a strong list of tools planned by the team that brings you the Technology Test Utility. The iCSO software engineering team is chartered with making utilities and applications available to the public that accelerate and simplify the adoption and activation of Intel vPro technology.

We will be maintaining these tools and look forward to your feedback, suggestions, and participation in making these tools the best they can be for you and the marketplace. Our commitment is to post new versions of each tool at least every other month and of course post earlier if issues are found that render the tool less than useful.

The next tool we will be posting is a Pre-Installation Utility intended to speed the first user experience and automate as much as possible the initial setup of the Intel® AMT(tm) Setup and Configuration (aka SCS) environment in enterprise mode. Coupled with post setup wizards it will enable users to provision devices with minimal effort and time.

We look forward to hearing your feedback on our efforts.

Intel's iCSO Software Engineering Team


I have been taking a two-day class on C/C++ secure coding, a required class for every coder within my group at Intel. First, I am so thankful I mostly don’t code in C/C++ because, as I learned in the class, it’s quite challenging to write secure code that is not susceptible to stack overflow attacks or any number of other attacks. My co-worker Sandeep, who works on Intel AMT Switchbox and Guardpost, both entirely built in C/C++, is going to have a challenge.

This said, C# is not immune to security issues and there is an ongoing debate whether the Intel AMT DTK C# and C/C++ tools should complete a security review. One argument is that as long as Intel AMT is secure and does not expose vulnerabilities, any Intel AMT tool is also safe and does not need to be reviewed. On the other hand, many people use the DTK source code for other projects, for which we make no claims of security; it’s probably not a bad idea to check.

Right now, the DTK is not being checked for any security issues, but there are some design considerations that can, at a high level, help with security. One of them is to minimize or remove completely any listening sockets. In Intel AMT Commander there is one listening for SNMP traps; in Intel AMT Terminal there is also a socket used to connect debug terminals to pass serial-over-LAN information through for debugging. On the agent side, Intel AMT Outpost has no incoming sockets; its powerful serial agent is connected to the serial-over-LAN COM port and so relies on Intel AMT authentication.

I would like to invite the community to comment or post me directly any security issues you find with the DTK. I will certainly try my best to fix all of the issues.

Ylian (Intel AMT Blog)
