Intel x86s hide another CPU that can take over your machine (you can't audit it)

For all you paranoids: these slides on GitHub are for a presentation detailing techniques for disabling ME / AMT:

How to become the sole owner of your PC

2 Likes

and it’s a different network connector. don’t want it? don’t plug in a cable.

if I understood the article correctly it sounds as if Intel’s system can piggyback on the normal NIC* managed by the running OS and users have no chance to decide if they want to use the remote management access.

* though I’m unsure how this should work (“sorry OS, you cannot open a socket on port 1234. this one is already in use by me, the mighty ME”)

1 Like

Many forums have rather silly rules about what sort of links you can post.

2 Likes

fixed : )

1 Like

The reason why these problems surfaced was because the projects in question were brutally understaffed and under-financed. Fortunately, now companies finally got a wakeup call (kind of sad that we need security problems of this magnitude to make people care about security) and are finally pumping money and time into these projects.

2 Likes

A good resource, thanks for the link. It’s worth noting, though, that (unless I really screwed up in reading it) the moral of the story is “here are a few ways of disabling it without its consent, which all brick the host system; here are the ways to ask it nicely to stop running and hope it responds.” Certainly more detail on how it works than one would otherwise have; but this isn’t light outpatient surgery.

2 Likes

It certainly appears so. I’d heard that they were looking to use ‘Trustzone’ stuff; but honestly I haven’t dealt with many recent AMD systems. My personal one is a little too old to make the cut; and they…don’t exactly have a commanding presence…in business/enterprise desktops these days. Looks like the implementation is totally different; but the effect is largely the same.

1 Like

I’ve not had the chance to observe collisions in practice; but yes, the AMT system piggybacks on the host’s NICs (Intel ethernet/wifi required for full functions). By default, either port 16992 or 16993 will have a little http server running on them, courtesy of the AMT chip; and I think that the AMT system can poke at other traffic under certain conditions (I apologize for the vagueness; but ‘AMT’ is versions 1.0-9.0, all with different capabilities, is sold with some features enabled or disabled for product differentiation purposes; and works differently on wired NICs vs. roaming wireless devices, so it’s difficult to make absolute statements about ‘what AMT does’. There’s additional variation because AMT is capable of functioning without a host OS, even with dealbreakers like ‘no RAM installed’; but with suitable drivers can also cooperate in various ways with supported host OSes).

It definitely doesn’t involve a physically distinct management NIC, however.

3 Likes
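Added example, not part of any post in this thread: one way to watch for the AMT web server ports named in the post above (16992 and 16993) is to check network flow logs for connections to them from outside a management subnet. The log layout, the addresses and the `10.20.0.0/24` management network are assumptions made for illustration, and the records are taken from a network firewall because AMT can answer without the host OS being involved.

```python
import ipaddress
import re

# Ports the post above names for AMT's built-in web server.
AMT_PORTS = {16992, 16993}

# Assumption: only this management VLAN should ever reach AMT.
MGMT_NETS = [ipaddress.ip_network("10.20.0.0/24")]

# Constructed sample records in an assumed "time src:port -> dst:port proto"
# layout, as exported by a network firewall (not the host OS).
SAMPLE_LOG = """\
2024-01-15T09:14:02Z 10.20.0.15:51844 -> 10.1.4.77:16992 tcp
2024-01-15T09:14:09Z 10.1.4.23:50211 -> 10.1.4.77:16993 tcp
2024-01-15T09:15:30Z 10.1.4.23:50300 -> 10.1.4.77:443 tcp
2024-01-15T09:16:41Z 192.0.2.44:40112 -> 10.1.4.80:16992 tcp
this line is malformed and is skipped
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<src>[\d.]+):(?P<sport>\d+) -> "
    r"(?P<dst>[\d.]+):(?P<dport>\d+) (?P<proto>\w+)$"
)


def find_amt_access(log_text, mgmt_nets=MGMT_NETS):
    """Return (timestamp, src, dst, port) for connections to AMT ports
    whose source lies outside the allowed management networks."""
    findings = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m or m["proto"] != "tcp":
            continue  # unparseable or non-TCP record
        port = int(m["dport"])
        if port not in AMT_PORTS:
            continue
        src = ipaddress.ip_address(m["src"])
        if any(src in net for net in mgmt_nets):
            continue  # expected management traffic
        findings.append((m["ts"], m["src"], m["dst"], port))
    return findings


if __name__ == "__main__":
    for ts, src, dst, port in find_amt_access(SAMPLE_LOG):
        print(f"{ts} unexpected AMT access {src} -> {dst}:{port}")
```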

thanks, the more you know : )

don’t like. don’t want. lights-out management is important and has real purposes, but it’s up to the customer to decide how and when to use it - not some always-on system rooted deep in the hardware.

2 Likes

Yeah I read a bit more and as I stated, for workstations that generally sit about on site behind firewalls this is iffy… but for laptops that get used on public networks, nope nope nope nope.

ETA: Having worked in a huuuuuge enterprise environment I kinda get what they want to do, but conversely for security this is not a good thing on a laptop/workstation.

1 Like

I disagree. Open source code is half the battle in finding these security flaws… the other half being coders learning how to write secure code.

Heartbleed was a menace. And a theoretically exploitable flaw. But practically?

Tell me… had any luck fixing Microsoft’s security flaws they refuse to acknowledge? No. Because no one has ever. We depend on them to fix them… and that only started happening because security researchers started announcing the flaws after big companies didn’t do shit.

Not so with open source. If the original coders won’t fix it, go ahead and do it yourself.

5 Likes

I understand the NSA’s need for backdoors to grow the government’s stock portfolio (easier than raising taxes), but since when is an on-chip ROM secure? Watch two guys de-cap a chip and reverse engineer a masked ROM here: https://www.youtube.com/watch?v=7Q82FkthDx8

1 Like

Is closed-source software better?

Not many people are saying that open-source is proof against all security problems. But it doesn’t take much to beat e.g. Microsoft’s record on security.

2 Likes

That’s because Microsoft came from a “let’s share everything”, very naive approach to the early versions of Windows and paid for it for years.
Starting with W2K3/Vista (and my headaches with Vista were not security related), which was a major kernel rewrite, and forward they are a lot better.
As far as things go before then, when I was the local security guy back in the NT4 days, I got just as many alerts for Linux security patches as I got for Microsoft, at least for the server side. So honestly I don’t know which is better.
I think M$ gets the bad rap for being on so so so many desktops that never got patched and users that just installed shit without thinking.

1 Like

“ME” is obviously an abbreviation for “Malicious Entity”.

2 Likes

Or - the complete opposite might be more probable. People who need to be bribed into doing a job were never as interested as those who were doing it anyway.

1 Like

I suspect that this kind of supervisory processor also includes a secret amnesia component as well, because these have been around for at least ten years, and every time there’s an article about them, there are “zomg” responses as if it was always the first time. That might be the most insidious thing about these - nobody ever remembers that they are there!

1 Like
