The ones that the whole ME affair hurts the most is the open source Firmware development. Libreboot (A Coreboot fork that doesn't wants to use binary blobs) has
this to say about Intel ME.
Curiously, I recall having read somewhere a guy with a Notebook that said that after a Processor upgrade, his machine consistently shutted down at the 30 minutes mark, which is something that ME is supposed to do. If I wasn't lazy I would try to look around for that Thread and try to figure out how exactly that happened.
There are a lot of useful things that you could do with a huge backdoor in your systems, like the Intel Anti Theft feature, which for Notebooks seems like a neccesary evil. However, the point here is that YOU need to be able to control it, and that also means that you need to learn how to setup and use it. This is the part that everyone is missing.
I think that its actually more risky to have the feature left there unused, since what rootkits and malware usually does is take advantage of the default, expected options, and chances are that small variations here or there may screw up a few ones. Secure Boot for example isn't that bad once you understand what it does and the type of rootkits that it can prevent. On Linux you can even sign your own files, and load the key to the Firmware. However, the procedure is a pain in the butt explained on very technical terms, and not a lot user-friendly material to actually use it.
What DOES worries me is that UEFI 2.5 is intending to standarized the Firmware flashing procedure (Usually each Flash ROM has its own flashing procedure, that the flashing application does for you). This means that a single exploit there would potentially allow to brick Motherboards en masse - what mitigated the BIOS overwrite capabilities of the infamous W95.CIH.
Facebook
Twitter