Remote code execution on almost all Intel processors: this is again the Management Engine fault

Interesting.
I always imply this: if a hacker/government/other entity wants to hack you, they will.
So does ME = microcode in some ways, or is it a different thing?
 
Allow me to say this too. You will find a shit ton more Dell Servers in gov racks than SuperMicro.

Gov buys in bulk contracts over multiyears. SuperMicro is not a big vendor.

Heck, DOD paid Dell more for VMware licenses than SuperMicro made all last year.

Please DOGE them DOD guys too. They should be abandoning VMware extortion fees.
 
Check out "To Protect and Infect" on YT, by Appelbaum.

Data was also transmitted outwards by adding little delays to regular traffic, kinda Morse code. You would not pick up any unwanted packets in your lab, but you are still leaking passwords.
 
I've disabled Intel ME via HAP bit on a few Acer and Dell computers. Latest I did was a Dell Latitude 5591 with Coffee Lake, and interestingly it still passed Dell's Trusted Boot checker :p

ME can apparently provide power-management details on laptops early-boot, and afaik HAP bit is the most graceful way to disable ME but still have that (default iirc with me_cleaner is to remove partitions and break ME so it fails to start).

I'm not too sure about it being able to have free rein of the OS in default consumer config without the remote stuff/vPro, but I like not having the devices present and taking up resources :p
 