More than 20GB of Intel source code and proprietary data
dumped online
By Dan Goodin
Published: 2020-08-06 · Archived: 2026-04-05 21:05:04 UTC
Most of these documents and source code packages apply to Intel CPU platforms, like Kaby Lake or the
upcoming Tiger Lake, although there is a smattering of other documents relating to other products, such as a
sensor package Intel developed for SpaceX.
There is also a folder dedicated to the Intel Management Engine, but its contents, too, aren’t anything Intel
integrators don’t already know. They’re test code and recommendations for when and how often to run those
automated tests while designing systems that include an Intel CPU with the Intel ME.
One of the dump’s newer bits included “Whitley/Cedar Island Platform Message of the Week,” dated May 5.
Cedar Island is the motherboard architecture that lies beneath both Cooper Lake and Ice Lake Xeon CPUs. Some
of those chips were released earlier this year, while some have yet to become generally available. Whitley is the
dual-socket architecture for both Cooper Lake (14nm) and Ice Lake (10nm) Xeons. Cedar Island is for Cooper
Lake only
The contents include plenty of diagrams and graphics like the one below:
Some contents provide a cryptic reference to voltage failures in some Ice Lake samples. It’s not clear if the
failures apply to actual hardware delivered to customers or if they’re happening on reference boards Intel provided
to OEMs for use in designing their own boards.
https://arstechnica.com/information-technology/2020/08/intel-is-investigating-the-leak-of-20gb-of-its-source-code-and-private-data/
Page 1 of 2

How done it?
While Intel said it doesn’t believe the documents were obtained through a network breach, a screenshot of the
conversation Kottmann had with the source provided an alternate explanation. The source said that the documents
were hosted on an unsecured server hosted on Akamai’s content delivery network. The source claimed to have
identified the server using the nmap port-scanning tool and from there, used a python script to guess default
passwords.
Here’s the conversation:
source: They have a server hosted online by Akami CDN that wasn’t properly secure. After an internet
wide nmap scan I found my target port open and went through a list of 370 possible servers based on
details that nmap provided with an NSE script.
source: I used a python script I made to probe different aspects of the server including username
defaults and unsecure file/folder access.
source: The folders were just lying open if you could guess the name of one. Then when you were in the
folder you could go back to root and just click into the other folders that you didn’t know the name of.
deletescape: holy shit that’s incredibly funny
source: Best of all, due to another misconfiguration, I could masqurade as any of their employees or
make my own user.
deletescape: LOL
source: Another funny thing is that on the zip files you may find password protected. Most of them use
the password Intel123 or a lowercase intel123
source: Security at it’s finest.
Kottmann said they didn’t know the source well, but, based on the apparent authenticity of the material, there’s no
reason to doubt the source’s account of how it was obtained.
Source: https://arstechnica.com/information-technology/2020/08/intel-is-investigating-the-leak-of-20gb-of-its-source-code-and-private-data/
https://arstechnica.com/information-technology/2020/08/intel-is-investigating-the-leak-of-20gb-of-its-source-code-and-private-data/
Page 2 of 2