As per your link:
Source: https://www.fsf.org/blogs/community/active-management-technology
In other words, the Management Engine is a back door into the system,
potentially providing remote access to anyone else, including those with
malicious intentions.
There is a lot more information about this, on websites such as
http://me.bios.io/Main_Page, http://io.smashthestack.org/me/, the coreboot
wiki and more.
The ME has full access to RAM.
And guess what? It is proprietary software (meaning, no source code). What's
more alarming, is that the ME is cryptographically signed by Intel, and only
Intel has the private key. If you try to remove the ME, your system will
simply not boot at all; if you try to use a modified ME, the signature check
will fail and again, your system will not boot.
While on some older Intel chipsets, it is possible to remove the ME firmware
(and disable the ME), this is impossible on the latest gener305800ation of
Intel hardware that purism is using.
Does this sound scary? Considering that it's a backdoor, has full access to
RAM (for instance, it could leak your private encryption keys), has full
networking (the ME can use the onboard ethernet NIC or wifi), you could
hardly describe any system that comes with the ME as being one that respects
the users privacy.