A blockbuster Intel flaw, repairing the Nintendo PlayStation, and more news

A Haskell shell rounds out the news. Read on...

Share this using the hashtag #SWE.

Intel has a problem. A remotely (and locally) exploitable flaw in Intel’s AMT system leaves many small business and enterprise computers running a Nehalem-era Intel chip through current ones vulnerable to what is basically a complete takeover attack, potentially even while the machines are turned off.

For more details, check out the Intel security advisory, this Ars Technica piece, and this analysis from security Googler Matthew Garrett. There’s more technical details of the bug in this writeup [pdf warning] from the discoverer. The mitigation for the exploit? Pray for a patch from your OEM, because Intel ain’t releasing one, even though they’re the ones that shipped the vulnerable firmware in the first place. How bad is it? Well, Shodan has close to 9,000 machines listed with AMT exposed directly to the Internet. You do the math.

A better shell through Haskell. Want to make your shell more fun...ctional? FuncShell is a project that provides Haskell-based extensions to parsing shell output in a way that cleverly replaces awk. Check out the project on GitHub.

The Nintendo PlayStation lives! Yes, you read that correctly, there was/is a Nintendo PlayStation. Check out this video that explains how a group of hackers resurrected it and got it playing a homebrew SNES CD-ROM game.

Apple, just build a regular computer already. That’s the takeaway from this Ars Technica piece about Hackintoshes, machines built on commodity hardware that people coerce OS X into running on. Apple has somewhat neglected the “Pro” market since, well, forever, and so folks are taking the problem into their own hands.

How do online communities create loyalty? Take a look at this examination of the question [pdf warning] from a group of Stanford and Cornell researchers. They assess how loyal people are to certain subreddits. Surprising nobody, the most loyal subreddits were ones about sports and sports teams.

One password to rule them all. Unbelievably, there is a site out there that not only doesn’t allow you to change your password, it also unapologetically stores it in plain text. This site? Greyhound.com. I guess the bus company is just hoping that nobody would think a free trip on their buses is worth breaching their horrible authentication system?

The security corner is taking the week off because of the crazy Intel exploit. That’s what you should be paying attention to.

Thanks for reading – as always, if you have feedback, or think there’s something I should cover next time, leave a comment!

Cover photo: You might need a clean suit to take care of the aftermath of Intel's AMT vulnerability. In the photo, a technician prepares to enter the cleanroom at Intel's Santa Clara facility. Bob Sacha / Getty Images