Disabling Intel's Management Engine (ME)

DrMrLordX

Lifer
Apr 27, 2000
18,521
7,398
136

whm1974

Diamond Member
Jul 24, 2016
9,460
1,566
96
Correct me if I'm wrong, but the Intel Management Engine is really only useful for system administrators that handle more then just a few computers?

This feature sounds like it not very useful at all for most users and that it is in fact a backdoor in disguise .
 

DrMrLordX

Lifer
Apr 27, 2000
18,521
7,398
136
That's the general idea . . . that it's an NSA backdoor. One of the reasons why foreign concerns are trying to develop their own hardware platforms and avoid Intel ones.
 

whm1974

Diamond Member
Jul 24, 2016
9,460
1,566
96
That looks to be a major reason why several countries such as India are funding development of CPUs using the RISK-V ISA. Since RISC-V is a FOSS specification anybody can look at and use, it has the potential to replace both x86 and ARM.
 

LTC8K6

Lifer
Mar 10, 2004
28,520
1,573
126
It's supposed to be a backdoor for system administrators on a corporate network. But a backdoor for someone is a backdoor for everyone who can figure it out.

For those who want to disable it, here's a potential way, but it's not well tested yet.
And the disable attempt can have your computer "pining for the fjords".
 
  • Like
Reactions: Ken g6

Phynaz

Lifer
Mar 13, 2006
10,140
817
126
That looks to be a major reason why several countries such as India are funding development of CPUs using the RISK-V ISA. Since RISC-V is a FOSS specification anybody can look at and use, it has the potential to replace both x86 and ARM.
RISC-V is to allow CPU's to be developed using common components to reduce development cost - not reinventing the wheel each time. The BSD license that RISC-V is licensed under allows for closed implementations. You can bet that any implementation that will see any successful use will have closed security features.
 

IEC

Elite Member
Super Moderator
Jun 10, 2004
14,024
3,844
136
Jesus people it's not an NSA backdoor. You're not that important.
A backdoor can be exploited by anyone. If you think only the NSA can utilize their exploits, you are wrong.

Quite a few nation-state grade exploit toolkits have been leaked this year by the "Shadow Brokers" and other groups.
 
  • Like
Reactions: whm1974

whm1974

Diamond Member
Jul 24, 2016
9,460
1,566
96
RISC-V is to allow CPU's to be developed using common components to reduce development cost - not reinventing the wheel each time. The BSD license that RISC-V is licensed under allows for closed implementations. You can bet that any implementation that will see any successful use will have closed security features.
I'm sure there will some open implementations available.
 

SarahKerrigan

Senior member
Oct 12, 2014
227
250
116
Correct me if I'm wrong, but the Intel Management Engine is really only useful for system administrators that handle more then just a few computers?

This feature sounds like it not very useful at all for most users and that it is in fact a backdoor in disguise .
Remote management is only one feature. A more consumer-relevant one is DRM - PAVP runs over ME/AMT, afaik. I believe Intel Anti-Theft runs on it as well, but I'm just going off memory for that one.

I seriously doubt the ME was created as a nation-state backdoor, but I would not be shocked to find it's been used as one.

Note, also, that AMD has an equivalent to the ME: the Platform Security Processor.
 
  • Like
Reactions: Phynaz

PottedMeat

Lifer
Apr 17, 2002
12,365
471
126
the researcher's technical blog post (layman's history & technical details): http://blog.ptsecurity.com/2017/08/disabling-intel-me.html

that's interesting, intel recently switched to an x86 microcontroller arch running MINIX from an ARCCompact running ThreadX RTOS.

people that used to want AMT disabled dumped the blob firmware, reconstructed it, and tried omitting blocks to see what would work and what wouldn't.
these researchers extracted an xml file from an intel management utility and found a flag that may disable it - how everything is tied together they're still trying to find out.
 

whm1974

Diamond Member
Jul 24, 2016
9,460
1,566
96
Remote management is only one feature. A more consumer-relevant one is DRM - PAVP runs over ME/AMT, afaik. I believe Intel Anti-Theft runs on it as well, but I'm just going off memory for that one.

I seriously doubt the ME was created as a nation-state backdoor, but I would not be shocked to find it's been used as one.

Note, also, that AMD has an equivalent to the ME: the Platform Security Processor.
The Anti-Theft feature would probably be the only useful feature for consumers.
 

SPBHM

Diamond Member
Sep 12, 2012
5,002
358
126
my main concern with it is not "NSA", but it being exploited by hackers in the future
still, there are probably so many easier weak points to exploit before that, so...
 

Ratman6161

Senior member
Mar 21, 2008
616
75
91
That looks to be a major reason why several countries such as India are funding development of CPUs using the RISK-V ISA. Since RISC-V is a FOSS specification anybody can look at and use, it has the potential to replace both x86 and ARM.
Not really. Countries like India are trying to jump start their own industries to be less reliant on the west, to include the US.
 

DrMrLordX

Lifer
Apr 27, 2000
18,521
7,398
136
India is not the only country. Russia has the Elbrus-8S. China has produced multiple MIPS variants.
 

Dufus

Senior member
Sep 20, 2010
675
119
101
What about the BIOS option to disable ME, does that not do what it says?
 

Phynaz

Lifer
Mar 13, 2006
10,140
817
126
What about the BIOS option to disable ME, does that not do what it says?
You can't disable ME completely, your system won't boot without it. Most likely your BIOS option is to turn off AMT.
 

ASK THE COMMUNITY

TRENDING THREADS