
By now, it's probably reasonable to assume that NSA, GCHQ, the FSB, the Third Department, and Mossad can all use that backdoor.



It's probably reasonable to assume that half the attendees at DEFCON can use that backdoor. There are several known vulnerabilities listed in the linked Wikipedia article which have to be patched with a firmware update that some OEMs didn't bother to provide and most users didn't bother to install.


I wonder if they have to take turns on my PC. Maybe they kick each other off for a laugh.


mom says it's my turn on the RAT


Really? I am curious to know what observations or evidence you base your arguments/predictions on? Do you believe they have an (even better than 'post-Snowden leaks') search-engine like PRISM, but for private networks all around the world?

Could a user tell it's happening? What signals would indicate this? Is it increased CPU usage disguised as a system process?

And are you talking about mainstream proprietary OS'es like MacOS and Windows? I already know a little about Intel ME and proprietary silicon, but I don't know where to find a proper analysis, or a blog or book that deep dives into the ramifications of the existence of these backdoors.

It seems to also not be in the mainstream consciousness just how serious it could be?


> Could a user tell it's happening? What signals would indicate this? Is it increased CPU usage disguised as a system process?

Intel AMT allows redirecting graphics output and keyboard/mouse/USB input over a network connection. It's like a hardware device connected to an HDMI port to capture the screen and to USB ports to send inputs, but it's built right into the motherboard. It doesn't spawn a process in the operating system or use resources to any meaningful degree. The OS knows about AMT only what the hardware tells it, if anything at all.

Unlike software-based remote desktop solutions (VNC, TeamViewer), it's independent from the operating system. As long as the system is connected to power, AMT can run. You can log into a fully shut down computer, power it on and see boot logos and access BIOS before the OS even begins to load. You can use AMT to install an operating system on a PC with a completely empty hard drive by virtually attaching a CD/DVD or USB install media.

It's an extremely powerful management interface, but it's closed-source and has a history of serious security flaws.


Occasionally all these features would be quite useful if it was documented and accessible for mere mortals.


It is documented and accessible. Not to the extent many people want, but enough to use it. If your CPU and motherboard combination supports remote management, you can usually turn it on by pressing Control+P during boot (launches configuration screen; see motherboard's manual if it doesn't) and then use freely available software like Manageability Commander from Intel's site to manage the PC.

Mandatory disclaimer: it's highly recommended to keep the network port with active management interface isolated in a separate network with no internet access.


Go play with Mesh Commander....


It would be a really good idea to have something on your corporate network listening for management engine traffic.
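
Added example (not part of any comment in this thread): one way to act on the two suggestions above, isolating the management interface and listening for management engine traffic, is to flag flows to the IANA-registered AMT/ASF ports whose source is outside the management network. The flow records, the record layout and the `10.99.0.0/24` management subnet are constructed assumptions.

```python
import ipaddress
from collections import defaultdict

# IANA-registered ports used by Intel AMT / ASF out-of-band management.
# 623 and 664 are also used by IPMI BMCs, so hits there need triage.
AMT_PORTS = {
    623: "ASF RMCP",
    664: "ASF secure RMCP",
    16992: "AMT HTTP",
    16993: "AMT HTTPS",
    16994: "AMT redirection",
    16995: "AMT redirection over TLS",
}

# Assumption: management consoles live only in this isolated subnet.
MGMT_NET = ipaddress.ip_network("10.99.0.0/24")

# Constructed flow records: time, source, destination, protocol, dest port.
SAMPLE_FLOWS = """\
2024-05-01T09:00:01 10.99.0.5 10.20.1.17 tcp 16993
2024-05-01T09:00:07 10.20.1.44 10.20.1.17 tcp 16992
2024-05-01T09:01:12 10.20.1.44 10.20.1.18 tcp 16994
2024-05-01T09:02:30 10.20.1.9 10.20.1.17 tcp 443
2024-05-01T09:03:02 203.0.113.8 10.20.1.17 udp 623
"""


def find_amt_flows(text, mgmt_net=MGMT_NET):
    """Return AMT-port flows whose source is outside the management subnet."""
    alerts = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 5 or not fields[4].isdigit():
            continue  # skip malformed records
        ts, src, dst, proto, dport = fields
        port = int(dport)
        if port in AMT_PORTS and ipaddress.ip_address(src) not in mgmt_net:
            alerts.append({"time": ts, "src": src, "dst": dst,
                           "proto": proto, "port": port,
                           "service": AMT_PORTS[port]})
    return alerts


def targets_by_source(alerts):
    """Group alerts so one source touching many hosts stands out."""
    grouped = defaultdict(set)
    for a in alerts:
        grouped[a["src"]].add(a["dst"])
    return {src: sorted(dsts) for src, dsts in grouped.items()}
```

The flow data has to come from a switch, tap or firewall: as the earlier comment explains, AMT is independent of the operating system, so a sensor running on the managed PC itself is not a reliable place to observe it.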


Thank you for answering my questions, really insightful!


The mere fact that you would expect a system process or anything else visible to the operating system, indicates that you haven't read much about Intel ME :/


I agree with @thulecitizen here, in that his questions were not met constructively. You could have posted a few words and a link or 2 for a newbie.


> indicates that you haven't read much about Intel ME :/

I wrote in my comment:

> I already know a little about Intel ME and proprietary silicon

So yes this is true, I know only 'a little'. I have only understood that it is a small proprietary OS running underneath the user's OS. I guess from your comment I learned now that this means it is something you can only get at with a diagnostic tool, and it is outside the control of the user's operating system.

Yes I do not have a CS degree, and I am not a classically trained SWE. Instead I am a self-taught web app developer, with mainly skills in web apps, and not much knowledge yet around OS'es and computing hardware. Yet I am curious to go deeper into Intel ME, since its existence and the consequences of that do affect me (since I have an Intel chip in my computer), hence my questions.

You write:

> The mere fact that

This sounds like you're not willing to step into a teaching role or share your insights. Do you think it is beneath you to answer questions? It sounds like you want to shame me for my technical incompetence in this area. Is this accurate? If yes, I would like to request that you please not reply to my posts, unless you answer my question authentically and with basic respect/kindness.

I wish HN was friendlier to beginners, or people willing to ask 'stupid' or 'naive' questions and who have a beginner's mindset.


> I have only understood that it is a small proprietary OS running underneath the user's OS.

It's not running underneath the user's OS. Both Intel ME and AMD's equivalent run on a completely separate processor; think of it as a small CPU hidden next to the main CPU. This means that, for instance, "increased CPU usage" will not happen.


> a completely separate processor; think of it as a small CPU hidden next to the main CPU

Damn that seems a sneaky strategy by Intel, especially since they retain the master key. So are all these big chipset manufacturers selling chips with this massive backdoor that not many people know about? Scary stuff.

Thank you for sharing this! If you know of any beginner-friendly sources on this, I'd be grateful to see those.

Do non-US based chipmakers like Samsung have similar systems in their chips?


Usually, snarky remarks like "really?" mean that all venues for learning are excluded. Why would someone step in to teach in this case?


> Usually, snark remarks like "really?" mean that all venues for learning are excluded. Why would someone step in to teach in this case?

Text does not translate intention well... It was a 'really?' filled with curiosity, and an eagerness to try to understand what the original poster was basing his statements on (that the NSA and others can all use this backdoor). I feel that there is within me an eagerness to learn more. It was not meant as a snarky comment at all. Thanks for telling me how my comment came across to you! (not snarky again.)



