As per your link:

Source: https://www.fsf.org/blogs/community/active-management-technology

In other words, the Management Engine is a back door into the system, potentially providing remote access to anyone else, including those with malicious intentions.

There is a lot more information about this, on websites such as http://me.bios.io/Main_Page, http://io.smashthestack.org/me/, the coreboot wiki and more.

The ME has full access to RAM.

And guess what? It is proprietary software (meaning, no source code). What's more alarming, is that the ME is cryptographically signed by Intel, and only Intel has the private key. If you try to remove the ME, your system will simply not boot at all; if you try to use a modified ME, the signature check will fail and again, your system will not boot.

While on some older Intel chipsets, it is possible to remove the ME firmware (and disable the ME), this is impossible on the latest gener305800ation of Intel hardware that purism is using.

Does this sound scary? Considering that it's a backdoor, has full access to RAM (for instance, it could leak your private encryption keys), has full networking (the ME can use the onboard ethernet NIC or wifi), you could hardly describe any system that comes with the ME as being one that respects the users privacy.

Reply via email to