Posted on 06/25/2016 9:26:23 PM PDT by Enlightened1
Recent Intel x86 processors implement a secret, powerful control mechanism that runs on a separate chip that no one is allowed to audit or examine. When these are eventually compromised, they'll expose all affected systems to nearly unkillable, undetectable rootkit attacks. I've made it my mission to open up this system and make free, open replacements, before it's too late.
The Intel Management Engine (ME) is a subsystem composed of a special 32-bit ARC microprocessor that's physically located inside the chipset. It is an extra general purpose computer running a firmware blob that is sold as a management system for big enterprise deployments.
When you purchase your system with a mainboard and Intel x86 CPU, you are also buying this hardware add-on: an extra computer that controls the main CPU. This extra computer runs completely out-of-band with the main x86 CPU, meaning that it can function totally independently even when your main CPU is in a low power state like S3 (suspend).
On some chipsets, the firmware running on the ME implements a system called Intel's Active Management Technology (AMT). This is entirely transparent to the operating system, which means that this extra computer can do its job regardless of which operating system is installed and running on the main CPU.
The purpose of AMT is to provide a way to manage computers remotely (this is similar to an older system called "Intelligent Platform Management Interface" or IPMI, but more powerful). To achieve this task, the ME is capable of accessing any memory region without the main x86 CPU knowing about the existence of these accesses. It also runs a TCP/IP server on your network interface and packets entering and leaving your machine on certain ports bypass any firewall running on your system.
(Excerpt) Read more at boingboing.net ...
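The excerpt's last point, that the ME's network listener sits below the operating system and its firewall, has a practical consequence for defenders: the only place such traffic can be observed is on the network itself (a tap, a span port, switch flow records), never in the host's own logs. The script below is an added example written for this thread, not code from the boingboing article or from Intel. It parses a constructed set of flow records as a network tap might export them, parses a constructed host-firewall log from the same machine, flags connections to the Intel AMT listener ports (port numbers are from Intel's public AMT documentation, not from the excerpt), and reports those the network saw but the host never logged. The record format, hostnames and addresses are all invented for the example.

```python
"""Find Intel AMT management traffic in network-side flow records and check
whether the host's own firewall log ever saw it.  Added example for this
thread; the record format and all sample data below are constructed."""
from dataclasses import dataclass

# Intel AMT listener ports as documented publicly by Intel (assumption: the
# deployment has not remapped them).  Not taken from the excerpt.
AMT_PORTS = {
    623: "ASF/RMCP (AMT over UDP)",
    664: "secure RMCP",
    16992: "AMT HTTP",
    16993: "AMT HTTPS",
    16994: "AMT redirection (SOL / IDE-R)",
    16995: "AMT redirection over TLS",
}


@dataclass(frozen=True)
class Flow:
    ts: str
    src: str
    dst: str
    dport: int
    proto: str

    def key(self):
        # Ignore timestamps so clock skew between tap and host does not matter.
        return (self.src, self.dst, self.dport, self.proto)


def parse_flows(lines):
    """Parse whitespace-separated 'ts src dst dport proto' records.
    Blank lines and '#' comments are skipped; this is a constructed format."""
    flows = []
    for raw in lines:
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        ts, src, dst, dport, proto = line.split()
        flows.append(Flow(ts, src, dst, int(dport), proto.lower()))
    return flows


def find_amt_flows(flows):
    """Every flow whose destination port is a known AMT listener."""
    return [f for f in flows if f.dport in AMT_PORTS]


def host_blind_spots(network_flows, host_flows):
    """AMT flows the network tap recorded that the host firewall log did not.
    A non-empty result is the signature of traffic terminated below the OS."""
    seen_by_host = {f.key() for f in host_flows}
    return [f for f in find_amt_flows(network_flows) if f.key() not in seen_by_host]


def report(network_lines, host_lines):
    """Return one dict per blind-spot flow, ready for a ticket or SIEM alert."""
    net = parse_flows(network_lines)
    host = parse_flows(host_lines)
    return [
        {"ts": f.ts, "src": f.src, "dst": f.dst, "dport": f.dport,
         "proto": f.proto, "service": AMT_PORTS[f.dport]}
        for f in host_blind_spots(net, host)
    ]


# Constructed sample: what a tap in front of workstation 10.0.5.17 exported.
NETWORK_TAP_RECORDS = """
# ts                   src          dst        dport  proto
2016-06-25T20:01:02Z   10.0.9.4     10.0.5.17  22     tcp
2016-06-25T20:01:40Z   10.0.9.4     10.0.5.17  16992  tcp
2016-06-25T20:02:11Z   203.0.113.8  10.0.5.17  623    udp
2016-06-25T20:03:05Z   10.0.5.17    10.0.7.2   443    tcp
""".splitlines()

# Constructed sample: the same window from the workstation's own firewall log.
HOST_FIREWALL_RECORDS = """
2016-06-25T20:01:02Z   10.0.9.4     10.0.5.17  22     tcp
2016-06-25T20:03:05Z   10.0.5.17    10.0.7.2   443    tcp
""".splitlines()


if __name__ == "__main__":
    for finding in report(NETWORK_TAP_RECORDS, HOST_FIREWALL_RECORDS):
        print("host-invisible AMT flow:", finding)
```

The comparison is keyed on endpoints, port and protocol rather than on timestamps, because the tap and the host clock will rarely agree to the second. Run against real exports, the interesting cases are exactly those in `host_blind_spots`: a flow to an AMT port that the host's packet filter logged is ordinary management traffic the OS could see, while one it never logged was answered by the ME itself.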
Linux lets this happen?
I think I saw another thread on this, and the information I saw there made me think this is not an issue.
However I will let those of you much more knowledgeable than I comment.
I am just posting this quickly, to say wait for more information. I think this is not an issue.
Ping.
AMD has something similar, but it is optional, it is an ARM chip added in, and it doesn't have the lack of transparency Intel has kept on what it can do. For AMD, the ARM chip portion can do two things: 1) serve as a general offload device for encryption/decryption work and 2) independently check all x86 modules for appropriate checksums of programs/modules and terminate unauthorized code, if desired. Intel's approach does program a permanent back door for remote monitoring, for which you cannot know this is occurring over your network or through the Internet.
This is how I understand the Intel and AMD approaches, as of today.
Does this additional device get a unique IP# or use the connection of the main processor(s)? MAC addresses?
MAC address. I have a Mac. :)
Does NSA know this? Snowden? Putin?
The traffic could be seen on the network, because it uses TCP/IP.
I believe the main x86 chip portion would be as blind as Windows is to a device with no driver.
This is an outgrowth of the Trusted Platform Module, as I recall.
Folks, this is not new. I believe some Intel chips have it and some don’t.
You can’t spell news without “new”....
Old news, this stuff has been around since 2008.....
Uhn huh.
I’m trying to imagine how this works.
I self-identify as the Secretary of State, so this doesn’t affect me.
I take this to mean No Such Agency.