Intel ME's Undocumented Manufacturing Mode Suggests CPU Hacking Risks

[Lucian Armasu]

Positive Technologies found a second undocumented mode for Intel ME that could allow attackers to remotely control Intel CPUs if the mode is not disabled before shipping as intended.

Intel ME's Undocumented Manufacturing Mode Suggests CPU Hacking Risks : Read more

 

[PellehDin]

AMD is looking better and better for my next build.

 

[acme64]

amd has trustzone

 

[Karadjgne]

Intel is the Big Dog on the block, has been for a while. Even had claims of 90% of the internet being run by Intel processors at one point not so long ago. Of course it's the target for such specific hacks trying to find back doors. And everyone has them, even Apple did. They are there. But Ryzen is still pretty new and is not yet fully established in business applications, won't be for a while, until ppl upgrade. That leaves Intel. Most ppl running amd are still using FX processors and haven't updated yet, and really, it's a pretty sad waste of time trying to hack an FX user. It's the same as Microsoft. Most ppl run a version of Windows, so guess who gets hacked. You can hack Linux just as easy, but what's the point, not enough users to make any real splash in the headlines.

Amd only looks better because either hackers aren't bothering, or those that are just haven't found the security lapses yet.

 

[TCA_ChinChin]

Its a shame that intel did this, but one has to also consider AMD. Although there hasn't been specific research published or public about AMD's equivalent to ME, fact of the matter is that it exists, and thus, the similar possibilities for exploits on AMD's platforms as well. That said, it might be better executed or less vulnerable than Intel's.

 

[derekullo]

Intel ME reminds me of Windows ME.

Automatically making it sound bad.

 

[rantoc]

So where to forcefully disable ME, its just adding headaches. No wonder why clever companies like Google is working towards that end!

 

[ein4rth]

AMD's PSP is quite different (and simpler) from Intel's ME which controls everything, networking included. And it's very simplistic to assume that vulnerabilities are not being found because "hackers aren't bothering".

 

[Christopher1]

I will be totally blunt: This should not be enabled in the damned first place on customer systems. As soon as all testing is done, a special daisy version that it is known that this functionality is disabled should be pushed out for customers.
This is a failure in the extreme by Intel, by Microsoft, and by the computer manufacturers.

Congress, if you are reading this? Do a hearing on this subject and lambaste those three levels of companies for this stuff.