Getting into and hijacking the Management Engine means you can take full control of a box, underneath and out of sight of whatever OS, hypervisor or antivirus is installed. This powerful God-mode technology is barely documented and supposedly locked down to prevent miscreants from hijacking and exploiting the engine to silently spy on users or steal corporate data. Positive says it’s found a way to commandeer the Management Engine, which is bad news for organizations with the technology deployed.For some details, we’ll have to wait, but what’s known now is bad enough: Positive has confirmed that recent revisions of Intel’s Management Engine (IME) feature Joint Test Action Group (JTAG) debugging ports that can be reached over USB. JTAG grants you pretty low-level access to code running on a chip, and thus we can now delve into the firmware driving the Management Engine.With knowledge of the firmware internals, security vulnerabilities can be found and potentially remotely exploited at a later date. Alternatively, an attacker can slip into the USB port and meddle the engine as required right there and then.

Source: Intel’s super-secret Management Engine firmware now glimpsed, fingered via USB • The Register

There’s a wall of lava lamps in the lobby of our San Francisco office. We use it for cryptography. Here are the nitty-gritty technical details.
[…]
In cryptography, the term random means unpredictable. That is, a process for generating random bits is secure if an attacker is unable to predict the next bit with greater than 50% accuracy (in other words, no better than random chance).

We can obtain randomness that is unpredictable using one of two approaches. The first produces true randomness, while the second produces pseudorandomness.
[…]
In short, LavaRand is a system that provides an additional entropy source to our production machines. In the lobby of our San Francisco office, we have a wall of lava lamps (pictured above). A video feed of this wall is used to generate entropy that is made available to our production fleet.

We’re not the first ones to do this. Our LavaRand system was inspired by a similar system first proposed and built by Silicon Graphics and patented in 1996 (the patent has since expired).

The flow of the “lava” in a lava lamp is very unpredictable,6 and so the entropy in those lamps is incredibly high. Even if we conservatively assume that the camera has a resolution of 100×100 pixels (of course it’s actually much higher) and that an attacker can guess the value of any pixel of that image to within one bit of precision (e.g., they know that a particular pixel has a red value of either 123 or 124, but they aren’t sure which it is), then the total amount of entropy produced by the image is 100x100x3 = 30,000 bits (the x3 is because each pixel comprises three values – a red, a green, and a blue channel). This is orders of magnitude more entropy than we need.

Source: LavaRand in Production: The Nitty-Gritty Technical Details

“All of them can be triggered with a crafted malicious USB device in case an attacker has physical access to the machine,” Konovalov said.
Konovalov has found a total of 79 Linux USB-related bugsThe 14 flaws are actually part of a larger list of 79 flaws Konovalov found in Linux kernel USB drivers during the past months. Not all of these 79 vulnerabilities have been reported, let alone patched.
Most are simple DoS (Denial of Service) bugs that freeze or restart the OS, but some allow attackers to elevate privileges and execute malicious code.All bugs Konovalov discovered were found using syzkaller, a tool developed by Google that finds security bugs via a technique known as fuzzing.

Source: Linux Has a USB Driver Security Problem