Intel Acknowledges ME Flaws, Announces Fixes

Status
Not open for further replies.

shrapnel_indie

Distinguished
Jan 21, 2010
2,152
10
20,465
277
The closed source proprietary model of the firmware also denies most people—except the NSA—the ability to see what it does on a computer, which means it might come with security flaws that could be exploited by sophisticated attackers.
they think they should still be able to use the undocumented mode that the NSA has also been using to continue to disable the ME in their laptops, as the recent vulnerabilities announced by Intel don't seem to relate to it.
IOW: the alphabet soups still have their unmonitored back-door(s) in place so they can exploit it whenever they wish. Hopefully only under a valid warrant, but somehow I don't think that will stop 'em. If they're there (the access points, undocumented or not) SOMEONE will take advantage of it, not just guv snoops either. -- Shame on you Intel!
 

Glock24

Distinguished
Sep 5, 2014
75
8
18,635
0
I imagine there are other flaws affecting pervious products too, but they are too old for Intel to invest any effort to patch.

But then, those "flaws" may actually be features requested by the NSA.
 

TripleHeinz

Reputable
Aug 29, 2014
106
3
4,715
9
I executed the tool in a machine with a 4th gen core processor and this is the output just in case you were wondering what happens if you do:

Risk Assessment
Based on the analysis performed by this tool: This system is not vulnerable.

For more information refer to the SA-00086 Detection Tool Guide or the Intel security advisory Intel-SA-00086 at the following link: https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00086&languageid=en-fr

INTEL-SA-00086 Detection Tool
Application Version: 1.0.0.128
Scan date: 21-11-2017 16:05:21

Host Computer Information
Name: TRIPLEHEINZ
Manufacturer: Gigabyte Technology Co., Ltd.
Model: B85N-WIFI
Processor Name: Intel(R) Core(TM) i3-4330 CPU @ 3.50GHz
OS Version: Microsoft Windows 10 Pro

Intel(R) ME Information
Engine: Intel(R) Management Engine
Version: 9.0.30.1482
SVN: 1

Copyright(C) 2017, Intel Corporation, All rights reserved.
 

hellraiser06

Distinguished
Aug 11, 2006
709
0
19,360
131
And, TH still embeds videos that autoplay. You know guys, it becomes really awkward at work when everybody is suddenly looking at you just because you forgot to mute your browser. Just sayin
 

geekguy

Distinguished
Aug 25, 2010
12
0
18,510
0
So basically it's not a backdoor if the "right" guy is using it, if I understood correctly.
"... worried that ME could be used as a backdoor.
The closed source proprietary model of the firmware also denies most people—except the NSA..."
Moral of the story, buy Intel, you will be safe, you need to be safe! At least that's how the saying goes...
 

grumpigeek

Honorable
Nov 29, 2012
47
0
10,530
0
Wow!
Intel are desperately trying to cover up this secret ME backdoor used by the NSA for warrantless spying on all Americans. I bet the Russians, Chinese and other malware authors are also using it.
 
Status
Not open for further replies.

ASK THE COMMUNITY

TRENDING THREADS