Slashdot Mirror

← Back to Stories (view on slashdot.org)

The Trouble With Intel's Management Engine (hackaday.com)

Posted by Soulskill on from the probably-not-NOx-emissions dept.

szczys writes: You've used many devices that have Intel's Management Engine built into them, even if you haven't heard of it before. This is the lowest level of security, built directly into the chips. But obscurity is part of its security and part of its weakness. Nobody knows exactly how ME works, yet it includes a wide range of features that would be frightening if exploited. The ME is always listening, able to receive packets even when the device is asleep. And it has the lowest level of access to every part of the computer system.

2 of 106 comments (clear)

  1. Stopped reading after... by CajunArson · · Score: 5, Insightful

    Stopped reading the conspiracy rant after this delicious gem:

    Instead of a proper BIOS that can trace its origins to the first x86 computers, computers today have UEFI and Secure Boot, a measure designed to only allow signed software to run on the device.

    Yeah, so because they finally abandoned BIOS, modern computers are suddenly insecure. With the implication that BIOS was somehow secure. Yeah, bullshit.

    I'm not even saying that the IME is necessarily perfect, but conspiracy-theory drivel doesn't do much for me. That goes double for when it seems to be directed at one vendor and one vendor only while pretending that everybody else out there (AMD [which flat-out embeds an ARM processor in its parts to copy the functionality of IME], anything running ARM, etc.) is all magically secure.

    --
    AntiFA: An abbreviation for Anti First Amendment.
    1. Re:Stopped reading after... by Anonymous Coward · · Score: 5, Funny

      ...with absolutely no visibility by anyone outside of Intel or without strict NDAs...

      Not true. As one who is under strict NDA, I'm pretty sure that Intel doesn't even know how it works or what it does.