Hacker News

Nice breakdown of how ME works, but nothing new here.

Still, I'm glad I hold on to a ton of older, pre-Core i-series Intel machines, AMD machines, and ARM boards. If ME is ever truly compromised, at least I have a fallback or three.

Indeed, there was another recent HN thread on this: https://news.ycombinator.com/item?id=11880935

When people realize that it has been "truly compromised" it will be too late. The whole thing is a huge mess from a security standpoint.

Watch out for TrustZone. There are definitely flaws in it too, for example:


Seems like this has already been patched

In fact, I still don't see much of a reason to upgrade quad core Yorkfield Q9xxx servers except for cheap SSD upgrades. An 8 year old desktop still compares favorably to a $700 laptop (except, of course, for electricity).

All Intel chipsets since 2006 have had AMT/ME, including yours.

Thank you.

You use three different platforms and every one has backdoors in it.

Name one that doesn't. Sorry, name a modern, useful hardware platform that is 100% guaranteed not to have a backdoor or vulnerability of some sort.

It's about mitigating threats, because it's impossible to do more than that today. If you don't design and build the hardware yourself from the board and chips on up, it's not guaranteed to be safe. Even then, without being tested by the masses, you're bound to accidentally design a weakness in your system that you won't discover until you've been compromised.

So yes, I'm happy that I have older platforms with known, documented, manageable vulnerabilities to fall back on should ME's mysterious, undocumented vulnerabilities become compromised by a bad actor.
