Intel Management Engine (ME) explained | disabling the potential backdoor

Pantherina@feddit.de · 9 months ago

Intel Management Engine (ME) explained | disabling the potential backdoor

TexMexBazooka@lemm.ee · 9 months ago

I have mixed feelings on ME tbh. It shouldn’t be in consumer grade hardware at all, but it definitely has applications in enterprise environments as far as device management goes. Having an out of band solution that runs independently of a given OS on your devices is handy.

Kinda like iDRAC for Dell servers

RandoCalrandian@kbin.social · 9 months ago

But without someone forcing that, for consumer hardware they will just “disable” (read: not mention) the ME, because there are entities (the ones that should be enforcing secure consumer hardware) that very much enjoy the ME being there for them to take advantage of on consumer hardware.

PipedLinkBot@feddit.rocks · 9 months ago

Here is an alternative Piped link(s):

https://piped.video/watch?v=LzWy49LeI3U

Piped is a privacy-respecting open-source alternative frontend to YouTube.

I’m open-source; check me out at GitHub.

vosagoy@futurology.today · edit-2 9 months ago

Removed by mod

vosagoy@futurology.today · edit-2 9 months ago

Removed by mod

Rustmilian@lemmy.world · edit-2 9 months ago

…antisemitism… chud

Brain rot grows strong within this one.

ReakDuck@lemmy.ml · 9 months ago

How do you know?

Snot Flickerman@lemmy.blahaj.zone · edit-2 9 months ago

https://puri.sm/posts/reverse-engineering-the-intel-management-engine-romp-module/

Because parts of it have already been reverse engineered, we know it runs a modified version of Minix, and I would think that if a backdoor had been found during the reverse engineering process, that it would have been huge fucking computer security news.

It’s only a backdoor in the sense that Intel was practicing security through obscurity instead of real security. There is proof an attacker could abuse the IME, but there is not proof it’s an intended backdoor for use by Intel in spying on their customers.

EDIT: Further, as an all-AMD user, I almost never see this same scrutiny applied to the AMD Platform Security Processor. We know far less about it, and it deserves the same level of scrutiny, honestly.

Treczoks@kbin.social · 9 months ago

that it would have been huge fucking computer security news.

Nope. If someone found such a backdoor, it is more likely he/she sold it to the three letter agencies, who love hoarding vulnerabilities like that.

ReakDuck@lemmy.ml · 9 months ago

Damn, thanks.

I was afraid for a second if my decision was bad for the server to use Intel with ME instead of a very specific hardware with coreboot.

I think this would cost me 1000€ instead of 120€ just for being paranoid.

Pantherina@feddit.de · 9 months ago

I agree the word “backdoor” is used too often

vosagoy@futurology.today · edit-2 9 months ago

Removed by mod

davel [he/him]@lemmy.ml · edit-2 9 months ago

Brand new Lemmy user account, what exactly are you trying to get at with these vague semitic allusions? What does @Pantherina@feddit.de’s post have to do with antisemitism? Why are you calling @SnotFlickerman@lemmy.blahaj.zone “goy”? Do you know them personally and so know they are not Jewish?

haui@lemmy.giftedmc.com · 9 months ago

Probably an anti something false flag troll.