Submitted via IRC for TheMightyBuzzard
Since 2008, most of Intel's chipsets have contained a tiny homunculus computer called the "Management Engine" (ME). The ME is a largely undocumented master controller for your CPU: it works with system firmware during boot and has direct access to system memory, the screen, keyboard, and network. All of the code inside the ME is secret, signed, and tightly controlled by Intel. Last week, vulnerabilities in the Active Management (AMT) module in some Management Engines have caused lots of machines with Intel CPUs to be disastrously vulnerable to remote and local attackers. While AMT can be disabled, there is presently no way to disable or limit the Management Engine in general. Intel urgently needs to provide one.
[...] EFF believes that Intel needs to provide a minimum level of transparency and user control of the Management Engines inside our computers, in order to prevent this cybersecurity disaster from recurring. Unless that happens, we are concerned that it may not be appropriate to use Intel CPUs in many kinds of critical infrastructure systems.
It's a crying shame that what the EFF says doesn't hold a whole lot of weight.
Source: The Electronic Frontier Foundation
(Score: 0) by Anonymous Coward on Monday May 15 2017, @08:22PM
High level overview flowcharts from maybe a year ago?
The PSP was prominently shown alongside the cpu cores connected to the in-chip interconnect alongside the cache, memory controller and pci bus controllers.
Go look for one of those old flowcharts and you should find it.
Having said that, yes there has been a pretty MUM attitude towards it and the only real 'official' proof that it was in AM4 is the Reddit AMA where there was that discussion with an engineer about how many people would buy it if the PSP was unlocked/disabled/could run unsigned firmware. Obviously met with a diplomatic rejection while claiming they would consider it.