Intel declared war on general purpose computing and lost, so now all our computers are broken

Shame they don’t allow it to be disabled. At least if you use a different NIC than the one managed by the chipset you can get around it.

1 Like

They do allow it to be disabled, it’s very easy to do. It’s disabled by default.

2 Likes

Really? I have yet to see an option in BIOS and the point of the vulnerabilities that came out is the fact it is listening by default.

No, you have to specifically enable it, it is not listening by default.

There are BIOS settings:

You also need to enable OS level services for this exploit to work.

See here for more details: https://arstechnica.com/security/2017/05/intel-patches-remote-code-execution-bug-that-lurked-in-cpus-for-10-years/

3 Likes

But that doesn’t actually disable it and the advice is to leave it enabled and disable it using the OS-level tools.

It’s really hard to say if it is truly not listening since the code can’t be audited.

To even find out how the protocol works you have to sign an NDA so any audits are either from intel or people attempting to reverse engineer it.

https://software.intel.com/en-us/forums/intel-business-client-software-development/topic/563988

Here are the insane lengths people are going to in an attempt to rid their computers of this:

https://hardenedlinux.github.io/firmware/2016/11/17/neutralize_ME_firmware_on_sandybridge_and_ivybridge.html

It really is a hardware rootkit running at ring -3 and that’s great if you need to manage a ton of computers but scary if you want to be a bit more sure your computer is actually yours.

5 Likes

It does disable it, if by ‘it’ you mean the AMT services. It doesn’t disable the IME chip, as in turn it off, remove power from it, but so what? You don’t need to do that, it’s not doing anything just sitting there (the reason it doesn’t just switch the hardware off is that it provides other functionality aside from AMT).

It’s very easy to find out, you send a message to it and see if it responds.

Here are the insane lengths people are going to in an attempt to rid their computers of this:

Yes, there are insane people in the world.

Most other parts of the Intel chipset are also proprietary closed tech, the circuit designs and firmware and driver software are also not open to public audit and are under NDAs, and nor should they be open to public audit. They could just as easily put hidden evils anywhere else they wanted, in the drivers, in the CPU, in the memory controller, in the PCI bus, there’s no reason to get any more paranoid about AMT than any other part of system (the only benefit of putting it in the IME would be that it would be simpler).

The same of course also applies to all closed source operating systems as well, which could easily have backdoors up the wazoo if the companies wanted to put them there (or were forced to by the government).

4 Likes
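The “send it a message and see if it responds” check from the reply above, written out as an added example (not code from any poster or from Intel): it probes the documented AMT web port 16992 and classifies the reply by its `Server:` header. Assumptions: that AMT identifies itself with the words “Active Management Technology” in that header, and that the probe must come from a second machine on the LAN because the ME answers at the NIC rather than through the host’s own loopback; the sample replies are constructed, not captured.

```python
import socket

AMT_PORT = 16992  # Intel AMT management web server, plain HTTP (16993 is the TLS twin)
AMT_MARKER = "Active Management Technology"  # assumed wording of AMT's Server: header

def parse_amt_banner(response: bytes) -> dict:
    """Classify a raw HTTP reply: does its Server: header name Intel AMT?"""
    head = response.partition(b"\r\n\r\n")[0]  # header block only
    lines = head.split(b"\r\n")
    server = ""
    if lines and lines[0].startswith(b"HTTP/"):  # SSH/TLS/garbage -> not AMT
        for line in lines[1:]:
            name, sep, value = line.partition(b":")
            if sep and name.strip().lower() == b"server":
                server = value.strip().decode("ascii", "replace")
                break
    return {"is_amt": AMT_MARKER in server, "server": server}

def probe_amt(host: str, port: int = AMT_PORT, timeout: float = 2.0) -> dict:
    """Send a minimal GET to host:port; report reachability and AMT identity.

    Run from a second machine against the suspect host's LAN address: the ME
    answers at the NIC, so a loopback probe on the host itself usually gets
    nothing back even when AMT is on (an assumption, see lead-in).
    """
    result = {"reachable": False, "is_amt": False, "server": ""}
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            sock.sendall(b"GET / HTTP/1.0\r\nHost: " + host.encode() + b"\r\n\r\n")
            data = b""
            while len(data) < 4096:  # headers are all we need
                chunk = sock.recv(1024)
                if not chunk:
                    break
                data += chunk
    except OSError:  # refused, timed out, unroutable: nothing listening for us
        return result
    result["reachable"] = True
    result.update(parse_amt_banner(data))
    return result

# Constructed sample replies (not captured from real hardware) for offline checks.
SAMPLE_AMT = (b"HTTP/1.1 401 Unauthorized\r\n"
              b"Server: Intel(R) Active Management Technology 11.8.50\r\n"
              b"WWW-Authenticate: Digest realm=\"Digest:0123\", nonce=\"abc\"\r\n"
              b"Content-Length: 0\r\n\r\n")
SAMPLE_NGINX = b"HTTP/1.1 200 OK\r\nServer: nginx/1.18.0\r\n\r\n<html></html>"
SAMPLE_SSH = b"SSH-2.0-OpenSSH_8.9\r\n"
```

A `reachable: True, is_amt: False` result means something else owns that port on the target; `reachable: False` from the host's own loopback proves nothing about the ME, which is why the probe belongs on a neighbouring machine.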

Can we talk about the Appliancification of Computing?

In the beginning there was UEFI. Then AMT. And now Windows 10 S(hit). It’s pretty clear that Microsoft and Intel are hellbent on removing the ability of consumers to pwn their own boxes. The Sony Rootkit was only ahead of its time.

2 Likes

We have never truly owned our boxes, even back when they had to be assembled from kits. Things were just a lot simpler back then, there are very good reasons for all the things people complain about these days, the complexity of modern computing creates lots of problems that need to be solved, we could go back to a simpler way of doing things, but that means abandoning most of the advances that have come along as well. The only computing system you could possibly be in complete control of would be one built entirely of FPGAs (and maybe things like that will be around in the future), but even then we’d be limited in what we could do with such a thing as long as we needed to interact with services which we don’t control.

What’s wrong with UEFI? BIOS was way past its sell-by date.

Nothing wrong with Windows 10 S either, it’s just there to be a lower cost alternative to Chromebooks, you’re not even locked into it like you are with one of them, the upgrade to Windows 10 Professional is even free to begin with, and will be around $50 after that IIRC.

3 Likes

The intent of UEFI was to prevent users from installing or even running a liveCD of Linux. It was never designed with protecting users in mind.

The Windows 10 feature removal creep is real. The next SKU will be ad-supported, sideload-blocking, OneDrive-only crap.

3 Likes

the comments and discussion here are at least several orders of magnitude more informed than the original piece, imho. :slight_smile:

No it wasn’t. The intent of UEFI was to create a modern hardware/software interface to easily work with modern CPU and chipset architectures and other modern devices. BIOS was designed for 16 bit architectures, and was full of hacks to keep it working with modern tech. A ground up redesign was long overdue.

No it won’t, and there have been no features removed from Windows.

4 Likes

Except, you know:

  • the ability to schedule updates (without Enterprise)
  • the ability to select and remove specific updates
  • the ability to defer updates
  • the ability to run Win32 applications (Win 10 S)
  • the ability to set default programs (Win 10 S)
  • the ability to remove and block pre-installed apps (without Enterprise)
  • the ability to buy a full fledged Windows without being a large company

Even Windows Vista Starter was less crippled and less of an ad-whore.

1 Like

Can still be done, but requires futzing around with the scheduler manually. My main PC (still running the Anniversary build) doesn’t do any automatic updates at all.

  • the ability to select and remove specific updates

Huh? This can be done right in the Settings app, and from the command line as well.

  • the ability to defer updates

This one was actually removed in the Anniversary Update (IIRC), but added back in in the Creators Update, and even more flexible in Redstone 3.

  • the ability to run Win32 applications (Win 10 S)
  • the ability to set default programs (Win 10 S)

Not removed from Windows 10, if you want this feature, run Windows 10, nobody will stop you. Again, nobody will be locked into 10 S, just upgrade if you need the extras. Want to save a few quid, you don’t have to.

  • the ability to remove and block pre-installed apps (without Enterprise)

Also not true, it’s pretty straightforward to do with a few PowerShell commands (might need to tweak a few registry settings to clean up some crud depending on the app you want to remove). You can also still create your own custom install images, and you don’t need Enterprise for that either (though there are Enterprise tools that make this easier).

  • the ability to buy a full fledged Windows without being a large company

The only features in Enterprise, the only thing that requires a VLA or similar, are things you need for enterprise management. And actually, you don’t even require a complex licensing agreement, an MSDN subscription would also get you it, I’m not a large company and I have one of them (never had the need to install Enterprise myself though). None of those features were ever in the main SKUs anyway, so it’s not relevant.

Even Windows Vista Starter was less crippled and less of an ad-whore.

The ads are also very simple to disable. I don’t see a single one.

If anything Windows is becoming more and more manageable, and far less of a black box with each release. Microsoft in general are far more involved in open sourcing their core languages and frameworks as well, and their work on adding the Linux subsystem in the latest release is a great boon for interoperability with other OSes and promoting open source software development in general, they even joined the Linux Foundation at the end of last year.

3 Likes

Nopsled?

Windows dev here. This is completely true.

Win10 S is just them trying to maintain market share with a cheaper offering. I look forward to manually enabling the features they sliced out.

5 Likes

I forgot to point out that Windows 10 S can also still run Win32 applications, they just need to be packaged to be installed from the Windows Store. You could also probably manually download an app that wasn’t packaged for the store, package it yourself and sideload it from PowerShell (I think, not looked into this, but don’t see any reason why this wouldn’t work).

2 Likes

Don Quixote saw giants in windmills. Cory sees DRM in proprietary chip designs. It’s called an idée fixe.

1 Like

I bet it’s a Windows shell thing that prevents Win32 apps from running. (maybe)

Microsoft has a history of implementing things in the shell rather than deeper in the OS, and so calls to CreateProcess() let you run things that are supposedly disallowed.

And to that effect, a PowerShell script would be the way to go since it is a script from which you can P/Invoke CreateProcess().

If the Win10 S boxes are cheap enough I am gonna get one and tinker with exactly this.

2 Likes

Actually I think that’s all it is. I thought it might have been a deeper change in CreateProcess before, so you would only be able to run an app by calling the UWP API, but it just seems to use the SmartScreen filter (which is part of the shell), so yes, you can just run PowerShell and execute any old .exe from there (and what I said before about having to manually create a package and sideload it was overkill, that would only be required if they had changed CreateProcess).

A segue into this?

Close that General Purpose hole!

1 Like