Intel has embedded the Management Engine in all of its computers since 2008. The Intel Management Engine has been criticized for its security risks, and many security experts and researchers have called it a backdoor with rootkit possibilities.
This is the Intel Management Engine, a subsystem microprocessor that operates inside every Intel CPU platform made from 2008 onward.
Despite its name and some basic functions, we don’t know anything about what the Intel Management Engine really does.
What we do know is that this microcontroller works completely independently of the main CPU. It can’t be manually removed or disabled. Even if the main computer is powered off, as long as it is plugged in to the mains or the battery, IME will continue to run.
Intel Management Engine is a computer within a computer. It runs its own operating system, called Minix, and is installed by default on every modern computer with an Intel CPU. This probably makes Minix the most widely used operating system in the world. But unlike Windows, Mac OS or Linux, Minix is completely outside of user control. It cannot be scanned by antivirus or malware detection software. It can bypass any firewall configuration and has a dedicated network connection that can circumvent the main CPU and the main operating system.
Sources and further reading
Intel Management Engine security problems
Purism's approach to Intel ME https://puri.sm/learn/intel-me/
Music by CO.AG Music https://www.youtube.com/channel/UCcavSftXHgxLBWwLDm_bNvA
The value of older computers may increase. Lightweight OSs for an older PC: antiX base runs really well and I think a netinstall of Debian that is customized would, too. We the people need to stop doing business with those who mistreat us. To heck with the latest and greatest - give me freedom instead.
I hope that one day Libreboot will be accessible to a normal human.
Mental Outlaw did a video about it. Looks difficult!
Looking forward to more RISC-V chips in the market to compete with Intel.
As far as I understand, AMD has an equivalent technology, called PSP.
The difference is that at least AMD lets you disable that, by allowing motherboard manufacturers to distribute BIOS binaries without PSP, that the user can download and install… But this is up to the motherboard OEMs 😕
Thanks. Hadn’t heard that it could be disabled on some.
Ain’t capitalism great?!
Fascism. Use correct terminology. When gov’t works in a partnership with conglomerates, that is called fascism. Poop by any other name would stink as badly.
I wonder what will happen as China begins producing more of its own chips that can compete with Intel/AMD? Also, what happens with RISC/ARM? And hopefully allowing us as end users to have machines without this shit on it.
I would not put any trust in China to not have backdoors in their chips. Historically speaking, they’ve done this more than once. Frankly I wouldn’t trust any large company - many companies have also done this historically and there’s an incentive for them to do so, government money and backing.
When did China put backdoors in chips?
And if they did, how will they use it against us? Possible, but so difficult that it is unlikely.
There’s a chip on display at the Spy Museum that is supposedly bugged by China. I think it was targeted and meant for equipment going to a military installation though.
What spy museum?
In Washington DC. It’s run by a nonprofit. Very cool place.
Oh, so you mean that “bugged chip” was provided by the CIA. I guess they made a pinky swear that it’s really, really from evil China.
You know, revisiting some of these articles I read back in the day makes me wonder whether it was actually propaganda spun up by the US govt (or agents on behalf of it) to sow distrust in the Chinese government. With that being said, however, I wouldn’t trust any government or company with being any more truly secure - there’s too many incentives not to be.
Yeah, still the case. Even if ME is not made for malicious purposes, it is a very bad idea to begin with. It is only useful for enterprise customers and not in a way that would not have been possible before.
Some say that Netflix has a blob in ME :)
Good watch: https://media.ccc.de/v/34c3-8782-intel_me_myths_and_reality