SoylentNews is people
SoylentNews
Submission Preview
Disabling Intel ME 11 via undocumented mode
From TFA (the friendly article) [ptsecurity.com] . . .
Our team of Positive Technologies researchers has delved deep into the internal architecture of Intel Management Engine (ME) 11, revealing a mechanism that can disable Intel ME after hardware is initialized and the main processor starts. In this article, we describe how we discovered this undocumented mode and how it is connected with the U.S. government's High Assurance Platform (HAP) program.
[ . . . . ]
Intel Management Engine is a proprietary technology that consists of a microcontroller integrated into the Platform Controller Hub (PCH) chip and a set of built-in peripherals. The PCH carries almost all communication between the processor and external devices; therefore Intel ME has access to almost all data on the computer. The ability to execute third-party code on Intel ME would allow for a complete compromise of the platform . . .
[ . . . . ]
Unfortunately, analysis of Intel ME 11 was previously impossible because the executable modules are compressed by Huffman codes with unknown tables. Nonetheless, our research team (Dmitry Sklyarov, Mark Ermolov, and Maxim Goryachy) managed to recover these tables and created a utility for unpacking images. The utility is available on our GitHub page [github.com].
[ . . . . more omitted . . . . ]
Hey, the government isn't the only one who wants "high assurance" for their computers. We trolls and average peons would like to think our systems are secure as well.
But it gets better.
From these utilities, you can extract a large number of XML files (detailed description of the process [troopers.de]). These files contain a lot of interesting information [ . . . ]
. . . The second search result said that the name belongs to a trusted platform program linked to the U.S. National Security Agency (NSA). A graphics-rich presentation describing the program can be found here [sri.com] (non working link at time of soylent submission). Our first impulse was to set this bit and see what happens. [ . . . ]
