Does AMD also implement this nonsense?
Sigh. When are we going to stop seeing this canard bandied about? Yes, I know, itâs an article of some peopleâs religious faith, but that doesnât make it true. Heartbleed, shellshock, freak⌠The list of security flaws in open source software that went unnoticed for years, even decades, is long and getting longer.
Open source is no better than closed source at fixing security flaws. Arguably it is worse, to the extent that OSS is coded by volunteers, so there is nobody whose paycheck depends on finding and fixing flaws.
Millions of eyes have no effect on the depth of bugs because finding security flaws is hard, un-fun work, and nearly all those eyes are volunteers doing things they enjoy⌠Which does not include auditing code for security holes. Only security researchers and hackers do that kind of thing for fun, and there arenât enough of them to audit all the code that needs auditing.
Security through obscurity is stupid, and Intel should know better. But creating a FOSS alternative will not help. It will, rather, hurt, because then there will be two bundles of software (intels and the OS alternative) that need to be checked for security holes by the too small community of security researchers, instead of one.
Not with the same enthusiasm as Intel: Server motherboards, pretty much regardless of vendor, will have an IPMI-or-more implementation ofâŚwidely varyingâŚquaility; but âIntel AMTâ is widespread across desktops and laptops(itâs mostly a âbusinessâ feature, so itâs often gimped or disabled in consumer gear; but that still means that the capability is widely present in non-server chipsets.)
This isnât so much a matter of virtue on AMDâs part; but of tardiness: theyâve thrown in their lot with technology based on the âTrustZoneâ stuff traditionally found in ARM cores; and are making a go of rolling out some similar capabilities. They just donât have much leverage in the business-boxes market.
Speaking from my limited experience with Intel AMT(we donât use it at work; but some of the hardware we have is capable of it so weâve tested it), one can see why it would be an attractive IT management feature; but one can also see why it would make people nervous.
The capabilities depend both on firmware and on hardware(minor version bumps are usually doable with firmware; major version bumps occur when a new chipset is rolled out, wikipedia has a roundup of the versions).
At least with reasonably new AMT, the capabilities are quite sophisticated. The ARC(or, amusingly enough, SPARC in newer versions; who would have thought that Intel is probably one of the worldâs leading SPARC vendors, by volume?) core remains active at all times when power is available(so all the time for desktops, most of the time for laptops) and has its own IP stack, so you can talk to it even if the main computer is powered off, has no OS, or even has all the RAM pulled. The AMT device can also(sometimes this requires cooperation with the guest OS, exactly when it does and doesnât gets really tedious really quickly) establish VPN links back to HQ even if the device is on an external network.
One particularly impressive(if, equally, disconcerting) capability is the ability to act as an IP KVM: so long as the host computer is using intel graphics, you can connect through AMT and view the screen(including POST and boot stuff, prior to the OS loading) and use a virtual keyboard and mouse for remote control, as well as mounting ISOs over the network. Itâs based on a slightly oddball implementation of VNC; but itâs a version of VNC that is baked into the hardware and works regardless of the state of the host OS.
The capabilities are pretty cute; but, as always, âpretty useful for the IT guysâ and âzOMG rootkit from hell!â is less a technical difference than a difference in ownership and motive.
So this gives anything running this a remote lights out connection like all the HP servers have? Well provided the device has power and network.
While I really enjoy this for servers (that are already behind firewalls and such, you arenât putting your prod servers directly on the net are you?) cause I donât have to do things like fly to Australia just to load the OS. This gives me concerns about workstations and laptops as an attack vector.
this is most likely not the case anymore for the big projects, e.g. the majority of Linux kernel devolopers are employed or sponsored by software companies or similar organisations and do this as a day job
Which, if weâre all living in a simulation, could be a very Bad Thing.
There is another theory which states that this has already happened. â Douglas Adams
I am actually far more interested in what Qualcomm and Huawei are doing with ARM. Although phones, tablets and Chromebooks have their own problems, for the moment they are running less legacy code with fewer services on simpler systems. I have doubts as to whether it is realistically possible to secure any modern desktop.
What I would really like to see is Android Minimal Attack Vector - limited services, no bloat by default and a very limited app store (banking, payment, messaging.)
Isnât AMD Platform Security Processor also present on most modern AMD consumer / enthusiast CPUs and pretty much equivalent to Intel ME in capability?
P.S.:
https://libreboot.org/faq/#amd
I think itâs a good place to plug Purism companyâs petition to Intel for release of ME-less CPUs
Hope Iâm not violating any rules by linking it
https://puri.sm/posts/petition-for-intel-to-release-an-me-less-cpu-design/
I donât see why this would fall afoul of any spam rules.
Youâre promoting a petition, not a product or a company, and the petition is directly opposing the behaviour that this article is critical of.
In short: youâre not gaining anything by it, so I donât see what the problem would be.
Jeez how hard is it to disable this? Cause I know where I work for another week anyway would do anything and everything possible to disable this in laptops. When I hear about security practices elsewhere I just boggle but then I work where just having admin access to servers hosting PII data means quarterly workstation audits, quarterly conformation of IS THIS THE DEVICE YOU USE and background checks every two years even though you do not have actual access to the data. So yeah I would expect enterprise environments to disable this or request the vendor to remove it.
ETA I see that HPs iLO is IPMI with extra doodads. Again on a server in a secure environment this is a really cool thing doubly so in today headless blade server world. I get woken up at 2am cause server is offline I can start my vpn and pull up a console and see ooh stuck on post cause a power supply is hosed. Lets bypass that and get a ticket out to the vendor. I donât have to get dressed and waste up to an hour getting on site to check, though the data center is manned 24x7 so physical check can happen if needed.
Also this can be disabled in BIOS if you donât want remote access this way.
That is literally apples and oranges.
âOpen Sourceâ and âvolunteersâ have no fundamental connection between them.
Or are you telling us that projects like NodeJS or Microsoftâs .NET are being maintained by volunteers?
I was under the impression that the ME is part of the chipset on the motherboard, not the CPU?
That said, I canât think of any recent motherboards for Intel CPUs that havenât used an Intel chipset.
For servers it most certainly will be. Cause you are going to have multiple daughter boards with possible 2 CPUS per daughter board which would be a major PITA to manage.
I canât see them doing it otherwise for a PC either.
The holographic universe suggests that the simulation might use holographic memory, but then String Theory with its curled up dimensions suggests a multidimensional hard drive. Fine till thereâs a head crash and your sun disappears.
Itâs conceptually pretty much the same; with some differences because itâs designed for devices that donât have a dedicated management NIC and which may roam around(hence various features for piggibacking on the hostâs NIC/wifi and being able to VPN back to the mothership); and because Intel didnât do a total NIH job; but built AMT largely as they wanted it to be; not with the intention of being compliant with any particular standard or industry consensus(with the server stuff, your mileage can vary considerably but it is nominally standard in a many aspects).
It is definitely the case, though, that the AMT agent can quite plausibly show up on an open network(especially when built into laptops, which it is); so the security of the system cannot rely on a trusted management network or VLAN. There arenât any (known) horror stories, which suggests that AMT is more competent than some vendorâs LOM firmware; but itâs not a terribly well known little subsystem; and if it were to be exploited it would be magnificently powerful, so it makes people a little nervous.
Ok, so does this mean that P â NP due to resource constraints of the host machine?
I like your thinking.
The observable universe canât be a complete Turing machine* because the number of particles isnât infinite, so the infinite tape isnât possible.
*Yes, I do mean âcomplete Turing machineâ, not âTuring-completeâ.