Announcement

Collapse
No announcement yet.

Intel Confirms Vulnerability In Intel AMT/ME

Collapse
X
Collapse
 
  • Page of 5
  • Filter
  • Time
  • Show
Clear All
new posts
Previous 1 2 3 4 5 template Next
  • #31
    Originally posted by L_A_G View Post

    Oh, so we're moving into the tin foil hat and InfoWars territory here? I'd rather stay out of the realm of pure speculation and conspiracy theories myself...
    Hardly. InfoWars is a disinformation site intended to discredit organisations like WikiLeaks which actually reports on issues like surveillance and privacy incursion. Unless you think the agencies like the NSA and the GCHQ only exist in the minds of "tin foil hat conspiracy theorists"?
    • Likes 2

    Comment

    • #32
      Originally posted by M@GOid View Post
      Intel said this do not affect home computers, but what about the Thinkpads Lenovo sells? Mine have this thing, witch I disabled last year as soon as I knew about it being in my T430.
      I think it is off by default though. And requires that you bought the vPro Intel Ethernet option, that cost a little extra for a little extra insecurity.

      Comment

      • #33
        Originally posted by torsionbar28 View Post

        Doubtful. Obama's NSA was targeting domestic consumers. Domestic consumers don't use the business peecee's that have this feature, and foreign entities will be behind many firewalls so the feature isn't exposed. ... As fond as Obama was of spying on us, getting a backdoor into the Windows OS is a lower cost proposition and would give broader results than a business pc firmware exploit.
        Reality check: the NSA spying shit was a Bush-the-Second program. ...not that I like how no effort was made to repeal it.

        Comment

        • #34
          Now would be a REALLY good time for AMD to open up their PSP and collaborate with the OpenBSD and other security-focused developers.

          HINT HINT HINT.

          Or, y'know, they can just join Intel in loosing business to the eoma68 project, OpenPOWER systems, or even the AmigaOne X5000.

          Comment

          • #35
            Originally posted by sarfarazahmad View Post
            Will setting rpi as a firewall/gateway on my wifi network ensure that this doesn't get outside this lan network ?
            Anything supporting decent firewall programs can be used as firewall. The fun part is telling the firewall what to block. You'd need to look up the docs about Intel AMT to know how to block its traffic with your firewall.

            Comment

            • #36
              Originally posted by M@GOid View Post
              Intel said this do not affect home computers, but what about the Thinkpads Lenovo sells? Mine have this thing, witch I disabled last year as soon as I knew about it being in my T430.
              FYI: Thinkpads aren't exactly for home.
              They are businness-class laptops, so it's normal that they have businness-class features like AMT. Same for other businness-class laptops and mobile workstations.

              Comment

              • #37
                Originally posted by starshipeleven View Post
                FYI: Thinkpads aren't exactly for home.
                They are businness-class laptops, so it's normal that they have businness-class features like AMT. Same for other businness-class laptops and mobile workstations.
                The Management Engine is everywhere and not only inside business class hardware. It is running on a level of rights higher than your kernel.

                Comment

                • #38
                  Originally posted by artivision View Post
                  The Management Engine is everywhere and not only inside business class hardware. It is running on a level of rights higher than your kernel.
                  For example, consumer-grade Macs do movie decoding on the ME as a DRM measure and, given that PAVP (Protected Audio/Video Pipeline) is a term I first heard in the context of Windows Vista, I'm assuming Windows does likewise.

                  Comment

                  • #39
                    Originally posted by ssokolow View Post

                    For example, consumer-grade Macs do movie decoding on the ME as a DRM measure and, given that PAVP (Protected Audio/Video Pipeline) is a term I first heard in the context of Windows Vista, I'm assuming Windows does likewise.
                    If you remove ME all internal devices will stop working. No ME no PC.

                    Comment

                    • #40
                      In case you don't know about it, https://github.com/corna/me_cleaner is a tool that allows you to erase as much of the ME's code as possible from your motherboard's firmware flash. It erases the ME's OS and drivers, so pretty much all the security concerns should be neutralised. It only leaves the bare minimum ME code needed to initialise and boot the PC.

                      Comment

                      Previous 1 2 3 4 5 template Next
                      Working...
                      X