Announcement

Collapse
No announcement yet.

A Workaround To Disable Intel Management Engine 11

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • A Workaround To Disable Intel Management Engine 11

    Phoronix: A Workaround To Disable Intel Management Engine 11

    Many Phoronix readers have written in over the past day being excited over the prospects of being able to disable a newer version of Intel's Management Engine...

    http://www.phoronix.com/scan.php?pag...l-Disable-ME11

  • #2
    Typo:

    Originally posted by phoronix View Post
    Positive Technologies is now reporting on a discovery by one of their researches to be able to dissable Intel Management Engine 11 (Skylake era) after discovering an undocumented mode.
    Last edited by tildearrow; 08-30-2017, 06:23 PM.

    Comment


    • #3
      A few days after the vurn came out I told my boss that all his laptops (about 50) where vurnerable to this hole. I told him about a UEFI update but he didn't give a rats ass.

      Comment


      • #4
        These vulns within ME are very serious and Intel better have a good fix for them, even for those older machines from the likes of Dell, HP, Lenovo et al. If the ME were coded using secure coding practices vulns within the ME code won't be enough to crash or take over a system. Fortunately AMD devices aren't affected but I am sure there's a platform similar to Intel's ME that run on the AMD platform.

        Comment


        • #5
          Intel did issue a fix and the OEMs did release updates. The issue is that no one ever updates their firmware. Ever. My coworker was saying that his company updates the firmware on switches when they go onsite. The FTC even sued D-Link because of this. Image your EDGE DEVICE with a perpetual security hole. It just oozes evil.
          https://www.ftc.gov/news-events/blog...hings-security

          Comment


          • #6
            I think it's time for lawsuits in places where agencies don't make the standards, like EU.

            Comment


            • #7
              The new workaround has been implemented in ME_cleaner's dev branch: https://github.com/corna/me_cleaner/tree/dev

              Comment


              • #8
                It was for the NSA and their High Assurance Platform requirements. Because the NSA was afraid of the ME and its possibilities and weaknesses in computers - well, in their own. Everyone else got the ME backdoor(s) forced down their throats.
                I wish AMD would just open up PSP or at least give us an opportunity to switch it off / run a dummy in it / make a unit without it. Maybe we wouldn't be able to watch Netflix in 4 K then but I gladly relinquish.
                Stop TCPA, stupid software patents and corrupt politicians!

                Comment


                • #9
                  The main question is: how easy will this be for the average user to implement?

                  Comment


                  • #10
                    If the Management Engine was intended as a feature for the customer Intel would provide an easy way for customers to disable it. It's obvious it's all about providing the NSA with a backdoor to everyone's computer.

                    Comment

                    Working...
                    X