A new article on BoingBoing argues that Intel’s implementation of the IME and the microcontroller that runs it are fundamentally insecure, cannot be trusted, and could be used to perform potentially devastating exploits. Intel has publicly revealed very little about the precise function of its onboard microprocessor and the security system that guards it — and that, in turn, means that the company is essentially relying on security through obscurity to secure its own standard.
Concerns about IME and AMT are nothing new; Joanna Rutkowska discussed vulnerabilities found in a much earlier version of the standard in 2009, and research into exactly how the Intel Management Engine secures data and maintains a trusted environment has been ongoing for years.
Read More
I wonder if Intel release a software fix for their CPU to make it more secure.
Concerns about IME and AMT are nothing new; Joanna Rutkowska discussed vulnerabilities found in a much earlier version of the standard in 2009, and research into exactly how the Intel Management Engine secures data and maintains a trusted environment has been ongoing for years.
Read More
I wonder if Intel release a software fix for their CPU to make it more secure.
