INTEL_ME_NOT_FOR_ME


                                             September 4, 2021

In 2017, Sylvain Leroux wrote:
                                                              https://itsfoss.com/fact-intel-minix-case/
   "Intel claims that ME is needed to get the best of
   your Intel Chipset. Most useful, it can be used
   especially in a corporate environment for some
   remote administration and maintenance tasks. But,
   no one outside Intel knows exactly what it CAN
   do. Being close sourced that leads to legitimate
   questions about the capabilities of that system
   and the way it can be used or abused."

   "For example, Intel ME has the potential for
   reading any byte in RAM in search for some keyword
   or to send those data through the NIC. In
   addition, since Intel ME can communicate with the
   operating system—and potentially applications—
   running on the main CPU, we could imagine
   scenarios where Intel ME would be (ab)used by a
   malicious software to bypass OS level security
   policies."



My first thought: is this yet-another-reason to get away
from Intel and use AMD-based computers?

   "But from what I can tell, the AMD Accelerated
   Processing Unit (APU) line of microprocessors have
   a similar feature where they embed an extra
   ARM-based microcontroller, but this time directly
   on the CPU die. Amazingly enough, that technology
   is advertised as 'TrustZone' by AMD. But like for
   its Intel counterpart, no one really knows what it
   does. And no one has access to the source to
   analyze the exploit surface it adds to your
   computer."



From Andrew Tanenbaum (the author of Minix):
                                                              https://www.cs.vu.nl/~ast/intel/
    "Companies rarely talk about future products
    without NDAs. I figured it was a new Ethernet
    chip or graphics chip or something like that. If
    I had suspected they might be building a spy
    engine, I certainly wouldn't have cooperated ..."

    "I think creating George Orwell's 1984 is an
    extremely bad idea, even if Orwell was off by about
    30 years. People should have complete control over
    their own computers, not Intel and not the
    government. In the U.S. the Fourth Amendment makes
    it very clear that the government is forbidden from
    searching anyone's property without a search
    warrant. Many other countries have privacy laws
    that are in the same spirit. Putting a possible spy
    in every computer is a terrible development."





In "Google Working To Remove MINIX-Based ME From Intel Platforms" (2017),
Leon Chan wrote:
                                                              https://www.tomshardware.com/news/google-removing-minix-management-engine-intel,35876.html
    "Intel’s ME technology is a hardware-level system
    within Intel CPUs that consists of closed-source
    firmware running on a dedicated
    microprocessor. There isn’t much public knowledge
    of the workings of the ME, especially in its
    current state. It’s not even clear where the
    hardware is physically located anymore. At its
    inception in 2006, the ME was reportedly located
    on the MCH (northbridge), but when that became
    integrated into the CPU beginning with Nehalem,
    ME was moved to the PCH (current-day
    'southbridge')."
