
Publicly available information about Intel ME - server_bot
https://www.cs.cmu.edu/~davide/bad_thing.html
======
O1111OOO
I wonder if anyone has given thought to the possible dangers (some of) the
engineers at Intel could be in. Intel has created, from my understanding, the
ultimate backdoor.

This is something that governments worldwide, large criminal organizations and
others would be interested in.

I can't believe I'm even typing something like this! It reads like something
from a bad dystopian film. To even have something like Intel ME considered
would have been mind-blowing enough. To have implemented it... there are no
words.

~~~
TrainedMonkey
Putting on a conspiracy theory hat - ME sounds like something that would be
mandated of Intel in the interest of national security.

~~~
AstralStorm
Funny thing, there is some undocumented suspected DoD mode for high
certification that disables almost all of it, because it is unverified code.

------
forapurpose
The list, which is only 6 links and a small part of the blog post, is only a
tiny, unrepresentative part of the ME research corpus.

The real title of the blog post is "The Bad Thing"; I'm glad that's not the HN
title, but our current one is unrepresentative of the content. Perhaps, "Intel
ME: The Bad Thing".

------
TD-Linux
I have had pretty good luck running me_cleaner on various computers - the main
difficulty is the hardware access to the SPI flash, but once you have that
it's not too difficult, and low risk because you can always flash a backup of
the original back on.

It is a bit unfortunate that all we can do is disable some modules or set the
HAP bit without knowing exactly what has been neutralized, but it's certainly
far better than the extremely limited control Intel provides the user over the
ME.

It will be interesting to see if Intel tries to make this more difficult with
future iterations (it will certainly be even more suspicious if they do).

~~~
nullc
TD-Linux deMEed my new T470p (HAP bit and removed many of the modules), went
without a hitch.

It's no replacement for a system with a trustworthy firmware, but right now
the available choices aren't good.

------
wmf
Misleading information about Intel ME (your ME probably can't access the
network and probably doesn't contain a Web server) filtered through
black-and-white thinking instead of risk analysis.

Also, this topic has been rehashed to death on HN already.

~~~
amluto
> your ME probably can't access the network

Your ME can trivially pwn your OS and can therefore access the network.
Moreover, I'd be shocked if the ME couldn't reflash your full firmware. How?
By subverting early boot or by subverting SMM. This means that an ME code
execution exploit can very likely become persistent. I bet it can also fairly
bypass Boot Guard. Secure Boot doesn't help at all.

The upshot being that it's very likely that a malicious USB stick can
persistently compromise any modern Intel box in a fairly generic way.

This is _bad_.

~~~
ethbro
To turn the tinfoil hat the other way though... until recently it would have
been trivial for a nation-state to intercept and add a hardware implant to a
motherboard.

So on the one hand SecureBoot & ME are terrible, but on the other hand the
pre-existing security regime was also terrible.

The ideal would of course be for Intel to be more open about the ME, but who
knows if that will ever happen.

~~~
AstralStorm
SecureBoot is fine actually as long as you can replace the root keys. (It is
about as trustworthy as TPM hardware and Intel's SINIT blob, which does not
say much.)

