Slashdot Mirror


Can Intel's 'Management Engine' Be Repurposed?

Long-time Slashdot reader iamacat writes: Not a day goes by without a story about another Intel Management Engine vulnerability. What I get is that a lot of consumer PCs can access the network and run x86 code on top of a UNIX-like OS such as Minix even when powered off.

This sounds pretty useful for tasks such as running an occasional-use Plex server. Like I can have a box that draws very little power when idle. But when an incoming connection is detected, it can power itself and the media drive on and serve the requested content.

The original submission ends with an interesting question: "If Intel ME is so insecure, how do I exploit it for practically useful purposes?"

5 of 139 comments

  1. Repurposed... by Type44Q · · Score: 3, Interesting

    Repurposed... to mine bitcoins!

  2. Repurposed? That's exactly what it is intended for by MobyDisk · · Score: 5, Interesting

    The submission is confusing because the author proposes "repurposing" the ME, but the example is something that it is intended for in the first place. Back when it was first introduced, I worked for a company that created a program that would wake a remote computer on demand and run a few sundry tasks: a defrag and a backup. Intel partnered with various software vendors to create demos of what ME could do. And heck, even without ME, most network cards have a wake-on-LAN feature anyway.

    Intel clearly didn't do a good job marketing the feature if nobody thought of how to use it until a vulnerability was found in it.

  3. Re:Unless someone discloses the signing key... by MobyDisk · · Score: 3, Interesting

    since it loses code on poweroff

    Yeah, but then when power is restored, the OS boots, and the application just re-registers itself with AMT again. There's a public API to do it. It doesn't have to be burned into the firmware to work. It just needs to wake the OS when a request is made.

  4. Lights Out Management Engine by Anonymous Coward · · Score: 5, Interesting

    The Intel ME (I think) was a combination Lights Out management engine and a VNC server, basically IPMI over IP with a remote console.

    It wasn't that secret; as I recall, it started with something like the P68 chipset on Intel motherboards and was ubiquitous. The weird path to obscurity was when they tried to monetize and license it.

    The best thing Intel could do today would be to fully document and open it up. People would probably choose to either disable it, or more probably add-on a separate ethernet card for secure traffic, and reserve the built-in NIC for management activities like on HP servers with its iLO interface.. they also had a "shared" mode stealing interstitial ethernet CDMA intervals to virtualize two separate Ethernet MAC addresses on the same physical hardware.. duty cycle something like 80/20 but they had the lesson learned to also make it disabled and use (only) a separate add-on interface connected to different pins on the motherboard, for 100/100 across two different NIC interfaces for practical reasons. Ironically it all started with the Gas and Oil industry, Exxon back in the days when they wanted remote management on their servers.. in pre-HP Compaq days.. Intel saw that and wanted some of that business.. so it crept into the base designs later.. without a lot of thought.. which has come home to roost.

  5. Not safely by sjames · · Score: 3, Interesting

    For years now, servers have had a Baseboard Management Computer (BMC) that was always on and could control power, press reset, and provide serial console over LAN. Newer ones provide virtual media and built-in KVM capabilities. At first it was an add-on card that cost an extra $50-$100, then it got so cheap it was simply built in. They spoke IPMI and in some cases also provided http and ssh interfaces. Often they have the option of a physically separate LAN interface so you can put them on a private LAN. Those are really great for remote management.

    Since they had no access to the flash, main memory, or PCI bus, they had little of the nefarious capability of the ME. They couldn't read data off the drive or snoop the keyboard, for example.

    The ME, on the other hand, is loaded with nefarious potential, so much so that exploiting the ME means game over for the main computer. It already has all of the capabilities TFA suggests, it's just that the chintzy bastards are holding out for more money to turn it on. You can have all the bad parts for free though.