On Thursday, November 23, 2017 at 4:34:07 AM UTC, [email protected] wrote: > On 11/22/2017 10:54 PM, jkitt wrote: > > > On Wednesday, 22 November 2017 13:34:26 UTC, Sandy Harris wrote: > >> From a crypto list, seemed relevant here. > >> ..... > >> Oh joy... > >> > >> Intel finds critical holes in secret Management Engine hidden in tons > >> of desktop, server chipsets > >> https://www.theregister.co.uk/2017/11/20/intel_flags_firmware_flaws/ > >> ..... > > So I have my ME "turned off", and I understand off never means off, but can > > it still be remotely exploited? I'm using a wireless NIC. > If you use me_cleaner as of now there are no *public* exploits that > allow for that, although I wouldn't be using an intel wireless NIC as I > am sure they have some unpublished extra ME features besides the vPro > ones that are documented.
So for example, there is no issue buying a motherboard (and cleaning it up), with an intel NIC, just as long you do not use the nic, right? I mean, it cannot execute commands inwards to the motherboard, but only whatever passes through the NIC when its in use? So if for example inserting a more trusted PCI nic card, and just ignoring the intel nic, it should be no problem? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/66789f67-31bd-4482-b938-4dc38fe15996%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
