SoylentNews is people

posted by martyb on Monday June 20 2016, @10:12AM
from the One-ring-to-bring-them-all-and-in-the-darkness-bind-them... dept.

From Damien Zammit, we have this fun little tidbit:

Recent Intel x86 processors implement a secret, powerful control mechanism that runs on a separate chip that no one is allowed to audit or examine. When these are eventually compromised, they'll expose all affected systems to nearly un-killable, undetectable rootkit attacks. I've made it my mission to open up this system and make free, open replacements, before it's too late.

The Intel Management Engine (ME) is a subsystem composed of a special 32-bit ARC microprocessor that's physically located inside the chipset. It is an extra general purpose computer running a firmware blob that is sold as a management system for big enterprise deployments.

When you purchase your system with a mainboard and Intel x86 CPU, you are also buying this hardware add-on: an extra computer that controls the main CPU. This extra computer runs completely out-of-band with the main x86 CPU meaning that it can function totally independently even when your main CPU is in a low power state like S3 (suspend).

On some chipsets, the firmware running on the ME implements a system called Intel's Active Management Technology (AMT). This is entirely transparent to the operating system, which means that this extra computer can do its job regardless of which operating system is installed and running on the main CPU.

The purpose of AMT is to provide a way to manage computers remotely (this is similar to an older system called "Intelligent Platform Management Interface" or IPMI, but more powerful). To achieve this task, the ME is capable of accessing any memory region without the main x86 CPU knowing about the existence of these accesses. It also runs a TCP/IP server on your network interface and packets entering and leaving your machine on certain ports bypass any firewall running on your system.

Yeah, and I'm sure they pinky-swear never to allow the NSA access to any computer via it. I'll be using AMD from now on, slower or not, thanks.
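Because the ME handles AMT traffic before the host operating system sees it, a host-side firewall or netstat will not show the listener, so any check has to come from a second machine on the same network. The following is an added example, not part of the original story or of Zammit's project: a TCP probe of the IANA-registered AMT ports (16992-16995, which the story does not list); the function names are this example's own.

```python
import socket
import sys

# IANA-registered Intel AMT TCP ports (not listed in the story above).
AMT_PORTS = {
    16992: "amt-soap-http",
    16993: "amt-soap-https",
    16994: "amt-redir-tcp",
    16995: "amt-redir-tls",
}


def probe(host, port, timeout=1.0):
    """Return 'open', 'closed' or 'filtered' for one TCP port on host."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except ConnectionRefusedError:
        return "closed"      # host answered with RST: nothing listening
    except OSError:
        return "filtered"    # timeout or unreachable: no answer either way


def audit(host, ports=AMT_PORTS, timeout=1.0):
    """Probe every port in `ports`; return {port: state} as seen from here."""
    return {port: probe(host, port, timeout) for port in ports}


def exposed(result):
    """Ports that accepted a connection, i.e. a listener is reachable."""
    return sorted(port for port, state in result.items() if state == "open")


if __name__ == "__main__":
    # Usage: python amt_audit.py HOST [HOST ...]  (hosts you administer)
    for host in sys.argv[1:]:
        result = audit(host)
        for port, state in sorted(result.items()):
            print(f"{host}:{port:<6} {AMT_PORTS[port]:<15} {state}")
        if exposed(result):
            print(f"{host}: AMT ports reachable, review provisioning and VLAN placement")
```

A "filtered" result only says that nothing answered from where the probe ran; it does not show that the ME firmware is absent or disabled.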


  • (Score: 5, Insightful) by pTamok (3042) on Monday June 20 2016, @11:04AM (#362819)

    Remote management is great, useful, and cool. When YOU control it.

    If you can't load modified firmware onto the hardware (you are locked out), but somebody else can (anyone with the supplier's signing key, or any other signing key that may or may not be in the hardware), how much control do you actually have?

  • (Score: 0) by Anonymous Coward on Tuesday June 21 2016, @02:00AM (#363122)

    Who says the end user doesn't control it? You? Some dumb fuck who read shit and is now spreading FUD?

    Some douche read well known, public info on Wikipedia, started posting about it to tech news web sites. And all of you idiots reacted and now claim the sky is falling.

    Just because it's there doesn't mean the government already controls your computer. Hell, if you have it, and you have not locked it down, then you actually deserve to have your machine compromised. Like all those fucking retards who turned IPMI on, left it exposed to the internet, with a default password.

    Honestly, this would be a problem if it was hidden, but the technical details are in plain view for anyone.

    And like I said above, you can probably configure AMT onto a separate VLAN, which doesn't go anywhere, and the problem would most likely be solved.

    • (Score: 0) by Anonymous Coward on Tuesday June 21 2016, @09:41AM (#363221)

      Now who's the dumb fuck spreading nonsense?

      Tell us how to turn it off then, this should be fun...