Anonymity

Hardware Backdoors: Intel Management Engine

telegra.ph

Posted by righttoprivacy in Privacy (edited by a moderator )

The First Part of the Series of Articles "Hardware Backdoors" – Intel ME

Article content:

  1. Introduction to hardware backdoors.

  2. Explanation of what “Intel ME” is. Closed source code, big rights, your own MAC and IP addresses, bypassing firewalls, and much more.

  3. Threats that “Intel ME” can pose. What “Intel ME” is potentially capable of – from accessing the web camera and microphone to remotely turning the computer on and off and "enhanced" remote access to the computer.

  4. Why “Intel ME” is dangerous even if you’re not a target to intelligence agencies. Vulnerabilities found in “Intel ME” and threats from hacker groups, including from “Conti”.

  5. “Intel ME” can bypass almost any firewall. Potentially, “Intel ME” is dangerous even when there is no internet connection.

  6. Disabling “Intel ME”. Various methods to significantly interfere with an attacker from “Intel ME”.

  7. Due to what reasons, fully protecting against “Intel ME” or completely disabling it is almost impossible. Even “Coreboot/Libreboot with the HAP” method does not fully disable “Intel ME”.

  8. Protection methods (Spoiler – fully protecting against “Intel ME” is almost impossible), and a suggestion of an alternative solution to the “Intel ME” problem.

  9. “Intel ME” is only one of the potentially numerous hardware backdoors, and even if you solve the “Intel ME” issue, there will likely still be many other backdoors on your computer.

  10. Evidence of intelligence agencies' involvement with “Intel ME”, in fact, “Intel ME” closely resembles a backdoor, and likely is one.

  11. Why “Intel ME” is perhaps one of the most effective potential backdoors for intelligence agencies.

It’s likely that one of the biggest “holes” in security, privacy and anonymity are hardware backdoors.

[ ARTICLE DATE JAN 2025-continued at link ]

I definitely believe there is merit to the backdoor thing - how could you not see it this way? An unremovable highly obfuscated co-processor with full network access, wifi hardware whitelisted connected to wifi card offering remote access AMT and interesting vulnerabilities that seek to hide access in various ways including ipv6.

I'm perfectly happy on Intel ME neutered thinkpads. Just feels "cleaner".

Good article IMHO. Much longer than I could share here (character limit).

6

Comments

You must log in or register to comment.

Saint_Cuthbert wrote

I have heard about Intel putting backdoors in their chips. Is there a good alternative? The puri.sm librum computers theoretically wouldn't be safe, since I believe that they use intel chips.

2

righttoprivacy OP wrote (edited )

Personally, I've been using older models allowing at least majority neutering of Intel management engine.

coreboot Thinkpads come to mind.

My personal machines are not the "full ME removal", but vast majority partitions, leaving just what is needed to bring up hardware.

Outside this, there are more "modern" options out there from companies, albeit not removed in same way (disabled under HAP bit and others). Some prefer Arm.

But everyone has a different use cases. I want to be able to use Qubes as an option at times, and some older models are not capable of this. T430 (i5-3320M and greater CPU) and later mostly have the right virtualization options for it.

I see UEFI / BIOS being #1 concern along with some network cards that work along with it. Some for AMT.

It is a shame there aren't more options out there.

1

blueraspberryesketimine wrote

The management engine cannot be completely disabled in intel chips that ship with it because some of the things it handles are required for the chip to actually work. Really, you are better served by getting a chip without a management engine. Most AMD chips have their own version of the intel management engine, so they aren't safe. ARM boards are usually a little safer but not all. All of the Apple chips have a technology very similar to management engine built in. I don't know about the RISC-V boards but they are borderline trash so far anyway so they aren't a great escape route either.

2

codrus wrote

I forget what it is called, but AMD has their own version as well.

1