some comments - last guy says the same as u ie it's been known for 10 yrs now
Just commenting to say don’t confuse the ME flaw with the Spectre and Meltdown vulnerabilities.
Spectre and Meltdown have nothing to do with the Intel Management Engine. They have to do with hardware and software-level exploits targeting speculative execution that allow Ring-3 programs to dump Ring-0 Kernel memory, and with it, obtain secure keycodes in plaintext, and so on.
IME has an NSA backdoor in it, and it can be partly disabled by flipping a bit on a switch that was specifically installed for intelligence agencies to use to secure their own computers against their own backdoor being exploited by third parties:
www.theregister.co.uk/2017/08/29/intel_management_engine_can_be_disabled/ www.tomshardware.com/forum/id-1816242/secret-intel-chip-snoops-backdoor-access.html“Intel actually embedded the 3G radio chip in order to enable its Anti Theft 3.0 technology. And since that technology is found on every Core i3/i5/i7 CPU after Sandy Bridge, that means a lot of CPUs, not just new vPro, might have a secret 3G connection nobody knew about until now,”reports Softpedia.
That's copied from InfoWars which copied from this piece -
popularresistance.org/new-intel-based-pcs-permanently-hackable.
It's untrue. Intel's Anti-Theft can use 3G the same way it can use LAN or WLAN but you need a 3G modem (and working SIM of course).
www.intel.de/content/dam/doc/product-brief/mobile-computing-protect-laptops-and-data-with-intel-anti-theft-technology-brief.pdfAll concerning stuff, but no need for total FUD.
You don’t need a working sim to call 911 ... nor likely the NSA.
A lot of business-class laptops include WWAN - and a valid SIM may not be necessary for the spooks (cell phones can make emergency calls without a SIM.) But, thank you for clarifying my incorrect remarks. I remembered reading about years ago, but was too quick with the reply and didn't see "InfoWars." I feel dirty.
yep - you don't even need to be connected to the internet to get hacked by big brother.
This post from last year pretty much proves the ME is not flawed but purposely compromised. Everyone on the planet that has an intel chip in their device is at risk. We're being lied to, again.
People that hang out in the Qubes Google Group and around the GNU camp have known about this sort of issue for a very long time. The tech facts of this image of the blog are completely correct but there is always the chance that someone just took the known facts and dressed it up with a fictional backstory. Its kind of irrelevant as far as I'm concerned because there isn't any new information there.
ME is what?
Management Engine, You can install a IME server in a corporate environment, and connect remotely to machines for troubleshooting purposes, even if the OS has issues (It's out of band management) so even if windows is crashed etc, you can still control the computer. The bigger problem is the underlying full access these techs have, and whose to say if intel worked hand in hand knowingly or unknowingly to implement this on a global scale. Your computer can be compromised by 3 letter agencies. Hell they did it to cisco by placing hardware backdoors in their equipment at the post office while in route to customers. Not much of stretch to imagine the NSA would want backdoors to every pc in the world.
How does a hardware back door work?
They would physically open a cisco switch, and implant an additional chip that would allow them to piggyback onto the device.
arstechnica.com/tech-policy/2014/05/photos-of-an-nsa-upgrade-factory-show-cisco-router-getting-implant/It could be since the Intel Management Engine can send a lot of information back to Intel. If you’re really worried about your privacy you should look into getting a Thinkpad that can run Libreboot. Libreboot disables all traces of the Intel Management Engine so they can’t spy on you. The only downside is that you can’t get use Libreboot on any modern Thinkpads that have an i3, i5, and i7; only Core 2 Duo works at the moment iirc.
As I said in the other thread that claimed the same thing as this one, this is bullshit. ME has been a concern for 10 years now. The 4channer just capitalized on what was already known, and roleplayed it as a Intel insider. Look up coreboot and libreboot. None of this info was new. Its a decade old. The only difference between this year a d ten years ago is that researchers developed a working exploit and that's why it was finally made into a CVE. OP is not tech literate and will believe anything they read if its bombastic enough.