TIL both Intel and AMD include an additional microprocessor in their computers that has privileged access to the system:

https://itsfoss.com/fact-intel-minix-case/

Discussion

Hmmm, it’s like ‘ME’ is not working for ‘YOU’

So do modems in phones. Have a great day.

Yes, all these chips with proprietary firmware or kernel blobs in the main OS are highly suspect and known to be CIA targets at manufacture

This is so creepy:

“That supplemental unit is part of the chipset and is NOT on the main CPU die. Being independent, that means Intel ME is not affected by the various sleep state of the main CPU and will remain active even when you put your computer in sleep mode or when you shut it down”

‘Sleep state’ rhymes with ‘deep state’….

Yes it does

That’s straight-up creepy, a chip that stays alive when you shut down means you never truly power off, time to lock it down or consider alternatives. 🔒

Ya you’d need to unplug or flip a switch on a power strip

Or use a faraday bag...

For cell phones at least, a computer might be a little harder...

Only use ethernet maybe, and unplug the cable when done? That way it has never had access to your protectli/router via wifi. Guessing, so educamate me if that wouldn't work, please! 😀

Would technology like this be able to bypass Linux or graphene to access comms without our knowledge?

That might be a hard question to answer since we have no idea what this thing does.

From what I understand it's not OS-dependent

Yes, it has full independent access to the main CPU (like setting breakpoints), memory, and network. I have not heard of anyone catching it exfiltrate data, but it undoubtedly has sleeper code installed by CIA at manufacture, which is a fact they do that, revealed years ago by WikiLeaks Vault 7

I don't think it's done that way for ME which is code signed. More likely it gets in through confidential lawful intercept agreements with the companies themselves.

And the amusing thing is that it is Minix that is running on there. Making Minix the world's most successful Unix clone 🤣

For the OS nerds out there.

Yeah, victory ... not. 😢

Good Lord.

Do we have info on apple silicon?

Apple also has it

Thanks, I was wondering about that

Your only option is a small range of Thinkpads from a decade ago that require you to open the case and pinch a chip with a special connector so you can flash LibreBoot on it. Stallman was into this and me and nostr:nprofile1qydhwumn8ghj7emvv4shxmmwv96x7u3wv3jhvtmjv4kxz7gqyzrpssgfat5n0kxklxqtfg95dkjw7rvc86k7gqlwrdxqk677yw95w6r70u3 used to run like that until we couldn't take the performance penalty anymore.

It's crazy when you realize the scope of freedom. We are lacking it on every level.

It really is crazy

And RISC-V boards.

I still use my x220, but the modern web simply wasn't made for it. 😞

Aren't you forgetting Purism Librem laptops? Don't they remove Intel ME? I know it's probably still safer to put secure boot on an old laptop with AMD pre-PSP, but they seem like a good company with good hardware

„For example, Intel ME has the potential for reading any byte in RAM in search for some keyword or to send those data through the NIC. In addition, since Intel ME can communicate with the operating system—and potentially applications— running on the main CPU, we could imagine scenarios where Intel ME would be (ab)used by a malicious software to bypass OS level security policies.“

nostr:nevent1qqs2eewgu709xvz0wtnk9zdw53qtvfy3e88l0cccw5eyma4txqzlt3gpz3mhxue69uhhyetvv9ujuerpd46hxtnfdus0whtz

That's why you should be excited for #riscv processors