Just a fancy ad for a brand, with words around it
Disabling Intel’s backdoors on modern laptops
Submitted 1 year ago by muaveri@lemmy.world to technology@lemmy.world
https://hackaday.com/2023/04/12/disabling-intels-backdoors-on-modern-laptops
Comments
sramder@lemmy.world 1 year ago
Since that “article” wasn’t a quick search turned up this python script. I haven’t tried it yet, but it seems almost risk free… and if nothing else a decent way to test my motherboards bios recovery routine.
afa@sh.itjust.works 1 year ago
That just modifies an image, you still need to flash it using something like UEFITool to do the rest, and a good guide to follow.
Wander@yiffit.net 1 year ago
Can someone explain what the Intel ME actually does / is? Thank you.
takeda@kbin.social 1 year ago
Intel Management Engine is a component that has access to your computer on a level that even you, the computer owner, don't have access to. It can be operated remotely, even when your computer is off.
And traditionally you can't even disable it (remember, you're not the trusted party in that mix).
otter@lemmy.ca 1 year ago
My understanding is that it’s meant to be an enterprise tool for Sys admins of business and schools to allow for remote monitoring and troubleshooting, but because it’s expensive to make two sets of devices, it’s in everything.
Relevant bits from that wiki:
The Intel Management Engine always runs as long as the motherboard is receiving power, even when the computer is turned off.
Intel’s main competitor AMD has incorporated the equivalent AMD Secure Technology (formally called Platform Security Processor) in virtually all of its post-2013 CPUs.
.
Critics like the Electronic Frontier Foundation (EFF), Libreboot developers, and security expert Damien Zammit accused the ME of being a backdoor and a privacy concern. Zammit stresses that the ME has full access to memory (without the owner-controlled CPU cores having any knowledge), and has full access to the TCP/IP stack and can send and receive network packets independently of the operating system, thus bypassing its firewall. In the context of criticism of the Intel ME and AMD Secure Technology it has been pointed out that the National Security Agency (NSA) budget request for 2013 contained a Sigint Enabling Project with the goal to “Insert vulnerabilities into commercial encryption systems, IT systems, …” and it has been conjectured that Intel ME and AMD Secure Technology might be part of that program
Draconic_NEO@lemmy.world 1 year ago
IntelME is an embedded Microcontroller in the Intel Chipset (in the south-bridge chip) which depending on variations in generation, has a multitude of different features such as Active Management Technology used in IT department, clock controls and a few more things.
Because it is closed source there are security concerns about possible vulnerabilities in it which could possibly be exploited, as well as several conspiracy theories about it. Due to that hobbyists as well as certain OEMs have found out ways to disable it in attempt to mitigate these issues.
For more detailed information on it I would highly recommend this video by CCC on the subject, it covers what IntelME does and how it was able to be disabled.
[34C3 - Intel ME: Myths and reality (Youtube)}(yewtu.be/watch?v=wsmHmYxyoxg)
corsicanguppy@lemmy.ca 1 year ago
AMT is a great way to get a passworded VNC session into the terminal.
Amilo159@lemmy.world 1 year ago
As a tech enthusiast and it support personnel i can tell you this: no one knows, possibly not even Intel.
BarbecueCowboy@kbin.social 1 year ago
I asked our Intel guy about it once. After you've dealt with vendors and sales engineers for long enough, you start to learn to detect when they have no clue how one of their offerings work. I'm not sure that I've ever heard so many non-specific comments, meaningless buzzwords, and attempts to redirect the conversation.
I didn't get it even a little bit until I found an open source project based on Intel AMT, and that's apparently just a piece of ME.
Brkdncr@kbin.social 1 year ago
It’s used for out of band management. With the correct hardware items (nic and gpu) it’s called vPro. With the proper certificate and supporting infrastructure it can auto-enroll into a management service such as SCCM. It allows companies to remotely view logs, bios settings and other items. With vPro it can include a complete remote KVM solution.
You can disable it from most UEFI settings interfaces without worry of causing other issues.
flying_monkies@kbin.social 1 year ago
It's a microcontroller that runs within Intel based systems allowing full control access at the processor level. It runs outside of your processor and any time the system is plugged in or is on battery. It doesn't require the main processor up for it to be accessible. More info on it on [wikipedia]https://en.wikipedia.org/wiki/Intel_Management_Engine).
AMD's equivalent is called AMD Secure Technology.
jet@hackertalks.com 1 year ago
The article really doesn’t call out explicitly: The management engine never stops running, turning it off is nearly impossible, and if you do succeed the computer resets in 30 seconds. So this untrusted entity is constantly looking at everything happening, and the best we can do is load some dummy configuration so it doesn’t do anything, or perhaps it doesn’t do anything, because we don’t know.
Having an architecture without the big brother chip sitting on the bus would be a huge huge bonus.