I wonder if anyone ever completely trusted AMT - maybe some naive excessive cool-aid drinkers :)
-vb On Tue, May 2, 2017 at 11:27 AM, ron minnich <[email protected]> wrote: > I wonder if anyone is going to completely trust AMT after this problem. It > goes back almost 10 years. So for all those users who had it on for almost > 10 years, the question becomes, how much did we lose and when did we lose > it? The answer? We'll never know. Are we still owned? We don't know. Can we > actually trust any reflash procedure, if the ME is owned while we try to > reflash? Well, I hope so, but how can we know? > > It's a worrisome situation. > > ron > > On Tue, May 2, 2017 at 11:01 AM Patrick Georgi via coreboot < > [email protected]> wrote: > >> Semi-Accurate only claims accuracy according to what's on the box. The >> official documentation of the issue can be found at >> https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00075 >> >> It looks like a software bug in the AMT firmware. Therefore: >> - No AMT (eg on non-business consumer devices) -> no (bug | exploit). >> - Present but disabled AMT (eg. on business devices without AMT >> enrollment) -> no (bug | exploit). (although there's apparently a way >> to enable AMT unsupervised under some circumstances with some level of >> local access. or something.) >> >> >> Patrick >> >> 2017-05-02 19:31 GMT+02:00 John Lewis <[email protected]>: >> > https://semiaccurate.com/2017/05/01/remote-security-exploit- >> 2008-intel-platforms/ >> > >> > The article says "all" Intel boards since 2008 are locally vulnerable >> > (ME exploit), but the Intel advisory (linked within) says consumer >> > devices are okay. >> > >> > What the article says about even low end devices still having the >> > features albeit turned "off" rings true to me, based on stuff I've read >> > here and elsewhere. What's your take (bearing in mind the technical >> > details aren't available, yet)? >> > >> > >> > -- >> > coreboot mailing list: [email protected] >> > https://mail.coreboot.org/mailman/listinfo/coreboot >> >> >> >> -- >> Google Germany GmbH, ABC-Str. 19, 20354 Hamburg >> Registergericht und -nummer: Hamburg, HRB 86891, Sitz der Gesellschaft: >> Hamburg >> Geschäftsführer: Matthew Scott Sucherman, Paul Terence Manicle >> >> -- >> coreboot mailing list: [email protected] >> https://mail.coreboot.org/mailman/listinfo/coreboot > > > -- > coreboot mailing list: [email protected] > https://mail.coreboot.org/mailman/listinfo/coreboot >
-- coreboot mailing list: [email protected] https://mail.coreboot.org/mailman/listinfo/coreboot
