Hacker News new | past | comments | ask | show | jobs | submit login

From http://mjg59.dreamwidth.org/48429.html

> What do we not know?

We have zero information about the vulnerability, other than that it allows unauthenticated access to AMT. One big thing that's not clear at the moment is whether this affects all AMT setups, setups that are in Small Business Mode, or setups that are in Enterprise Mode. If the latter, the impact on individual end-users will be basically zero - Enterprise Mode involves a bunch of effort to configure and nobody's doing that for their home systems. If it affects all systems, or just systems in Small Business Mode, things are likely to be worse.

> What should I do?

Make sure AMT is disabled. If it's your own computer, you should then have nothing else to worry about. If you're a Windows admin with untrusted users, you should also disable or uninstall LSM by following these instructions.

And that's a good part of the reasons I'm categorically against any 'rider' computers next to the one that I control. It's hard enough to keep a regular system secure, if you have to factor in ghost computers that are effectively running with a privilege level above your local root then the situation becomes untenable. Intel really should allow for a simple way to turn off all this bull-shit without any way for it to be remotely re-enabled. And without any crippling effects on clock frequency or power management or networking.

Otherwise we don't really own our computers.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact