One of my coworkers told me he previously worked on the motherboard team for Intel and was regaling the office with stories about testing the motherboards against the latest games. Apparently many of the Intel engineers personally tested overclocking the processors to see how much they could take before they fried.
At some point I asked him if he knew anything about the Management Engine. He said that they were starting to become a thing right around the time he was leaving, so he didn't know too much about them. I said, "Well, there's a bunch of paranoid people that are uneasy about it because, to my understanding, it's a blackbox second processor and we really have no idea what it's doing."
Without prompt, he replied, "Oh, you mean like the FBI using it to listen in? Yeah, that happened. It happened on AT&T's when I went over there as well."*
That's my story. I apologize if it looks like I'm spreading FUD here, since I'm not going to give up my name or my coworker's to verify the story, but I sincerely doubt that Intel would acknowledge such a capability anyway, so, take it as you will. Libreboot, the Management Engine cleaner, and other such projects need to exist. My coworker's comment convinced me of that.
* I'm not sure what he's referring to here. Maybe someone else can shed some light. Does AT&T make processors?
I'm skeptical that the FBI have the technical capabilities to turn the IME into a trojan horse (in the biblical sense). More likely NSA-levels of sophistication. Plus there's also the issue of doing the actual implants (either via postal intercepts, physical access, or breaking into networks) which are illegal for the FBI to do but semi-legal for the NSA to do against foreign targets.
If Intel was cooperative, then all the FBI would need to do is ask them to help. That would fit with an Intel employee being aware of it happening. Pure speculation on my part, of course.
Isn't this a two edged thing in legal courts - if there is a widely available backdoor to hack Intel systems, how can any digital evidence be taken without some measure of doubt?
That is the whole "parallel construction" debacle. Once they have the evidence, they come up with a cover story for how they could have legally obtained it.
One of my coworkers told me he previously worked on the motherboard team for Intel and was regaling the office with stories about testing the motherboards against the latest games. Apparently many of the Intel engineers personally tested overclocking the processors to see how much they could take before they fried.
At some point I asked him if he knew anything about the Management Engine. He said that they were starting to become a thing right around the time he was leaving, so he didn't know too much about them. I said, "Well, there's a bunch of paranoid people that are uneasy about it because, to my understanding, it's a blackbox second processor and we really have no idea what it's doing."
Without prompt, he replied, "Oh, you mean like the FBI using it to listen in? Yeah, that happened. It happened on AT&T's when I went over there as well."*
That's my story. I apologize if it looks like I'm spreading FUD here, since I'm not going to give up my name or my coworker's to verify the story, but I sincerely doubt that Intel would acknowledge such a capability anyway, so, take it as you will. Libreboot, the Management Engine cleaner, and other such projects need to exist. My coworker's comment convinced me of that.
* I'm not sure what he's referring to here. Maybe someone else can shed some light. Does AT&T make processors?