Hacker News new | past | comments | ask | show | jobs | submit login

Ok, so you're Intel, and your business customers say they'd like to remotely fix their workstations via IPKVM and other stuff so they don't need to dispatch a tech each time someone wedges their laptop.

Someone suggests adding AMT to certain chips then charging to enable it. You say that's evil. Why and what's your suggestion?

With the details released so far, this isn't remotely exploitable unless your company set the feature up. And if Intel didn't provide this feature, you'd get it from the OEM just like Dell's DRAC or HP iLO.

What is evil is not providing a hardware lockout to disable it if you don't want that ME. AMT is only one application running on ME, there are others and the whole thing could be insecure. If you don't need it it is better not to have it.

It's like locally exploitable. And you cannot disable the ME.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact