Intel AMT Allows BitLocker Bypass In Under A Minute

Status
Not open for further replies.
"First of all, F-Secure recommends to never leave your laptop unwatched in an insecure location. The company also said that IT departments should either set strong passwords for AMT or, if possible, completely disable it."

Welp, there goes remote working from companies!

THANKS INTEL.
 

Footloose

Distinguished
Oct 19, 2011
4
0
18,510
0
You might also want to get your facts straight next about AMT being present in consumer based systems because it most certainly is not. The AMT features have always been and continue to be only on corporate based chipsets.
 

TJ Hooker

Champion
Ambassador

Remote desktop doesn't use AMT, and thus has nothing to do with this...
 


And remote desktop is not what I'm talking about.

Cheers!
 

mras

Distinguished
Oct 7, 2011
11
0
18,510
0
Intel Amt is only enabled, on Q based intel chipsets, as FOOTLOOSE already said. It has _ALLWAYS_ been disabled by default, on the roughly 200 different machines I've iver come in contact with. The default password is indeed not very secure, but neither is the default password on any devices, and again, its not accessible by default.
Take a look at 0:42, that splashing border effect, is AMT noticing users that AMT is active. If people dont notice such..., what will they notice?
And yes, of cause, if you leave your computer in hands of others, they can access vital parts, like reseting your bios password, which afaik, isn't that hard. It's neither hard to hotwire the AMT chip, so you can set a new password, but you need physical access to the machine, knowledge, and time. Most devices has this form of 'security flaw'.
AMT is only reachable on local network port. AMT doesn't start a remote server up, that others can reach from internet, unless doing so intentionally.
Intel's ME utility on Windows, warns users, if someone is trying to access, even with or without success, on top on that previously splash screen shown.

AMT can best be compared to iKVM chip.
If you leave that in others hands, with enough time, it will be exact same.

This story more shows how desperately firms are seeking for qualified personal, when this 'storm in a glass of water' can get any attention, by anyone.

FSecure will for sure not ever get my application after this video!
Are you sure you want to give them yours?
 
Status
Not open for further replies.

ASK THE COMMUNITY