When it comes to Intel Management Engine, I actually think it’s not a threat if you neutralize it. I mean to just set the HAP bit on it. Because if that isn’t enough then that means all computers in the world which use Intel CPU can be accessed by NSA but if NSA had this much power then it seems obvious that they aren’t using it and why wouldn’t they use it?

There’s a github project to neutralize/disbale Intel ME: https://github.com/corna/me_cleaner Disable is overwriting intel ME as much as possible with zeros, leaving only a little remaining to be able to boot the computer. The newer the intel chips are, the less likely it is to be able to disable it. But all chip sets can be neutralized which means to set the HAP bit which is an official feature. In theory we can’t actually trust the HAP bit to really disable intel ME permanently. It’s more like asking Intel to do what they have promised because it’s proprietary. But I think it really does permanently disable it because otherwise NSA would be abusing this power.

That’s why I think the newer laptop models are better because it’s probably not necessary to disable, it’s enough to just neutralize withthe HAP bit. And with a newer modern laptop they can have open source Embedded Controller firmware which is better than proprietary Embedded Controller firmware.

I’m interested to hear what you think as well.

  • chappedafloat@lemmy.wtfOP
    link
    fedilink
    English
    arrow-up
    0
    ·
    2 months ago

    Good suggestion about analyzing network packets. I don’t know anything about how to do that except there are tools like wireshark which can help but I still have no knowledge on doing that. And I think you would need to make a script to monitor it for you because it would probably only (talking theoretically now) phone home very quickly on rare occasions, it wouldn’t be continous. So your script would have to be able to detect these short and rare anomalies. I don’t know anything about how to do any of this though but I will add it to my todo list down the road.

    Another problem is you might need to get the NSA’s attention first and make yourself a target. You also need to make sure there is no other way for them to spy on you, so they are left with only using intel me as their last resort.

    So because I don’t know anything about analyzing network packets I can’t say if you’re right but it does seem convincing. And it would be great for security in general as well, not only for investigating intel ME. I will definitely learn more about this later.