24 September 2022

Disable Intel ME thanks to the NSA


Corporations lie to you, they lie to you every single day, period.

It's all in the language they use.

What's more important, is that no one really cares until you take it to court, and even then.

Over the years, Intel's "Management Engine" has been discussed to death, about it's "backdoor" capability to be exploited by others.

Intel refuted those backdoor accusations, saying, “Intel does not put backdoors in its products nor do our products give Intel control or access to computing systems without the explicit permission of the end user. In short, Intel does not participate in efforts to decrease security in technology.”

So, let's put emphasis on the word "backdoor", where we can use the words, feature or portal or let's even thrown in a few TLAs (Three Letter Acronyms) like AMT (Advanced Management Tool) or an an IMF (Integrated Management Feature).

quie simply put, Intel got caught out in with their propriatary architecture and still continued to provide false information (i.e. lie).

Intel is a term used by government 'defence' (or more accurately offence) personnel to that described intelligence gathering.

What most important with this whole fiasco is that a government 'intel' organisation requires their computer to have the ME (Management Engine) disabled.

Therefore the government does not want the government to spy on itself, which makes perfecrt sence.

See the following:

As Positive Technologies researchers Mark Ermolov and Maxim Goryachy poked into the firmware, they discovered an undocumented HAP field. HAP, which stands for the High Assurance Platform (pdf) program, was developed by the NSA. The framework was for the “development of the ‘next generation’ of secure computing platforms.”

The researchers discovered an undocumented field called “reserve-hap” and that HAP could be set to “1” for true. Apparently, the NSA wanted to ensure the agency could close off any possible security risk by disabling Intel ME. The researchers wrote, “We believe that this mechanism is designed to meet a typical requirement of government agencies, which want to reduce the possibility of side-channel leaks.”

When told about the research, Intel told Positive Technologies:

In response to requests from customers with specialized requirements, we sometimes explore the modification or disabling of certain features. In this case, the modifications were made at the request of equipment manufacturers in support of their customer’s evaluation of the U.S. government’s “High Assurance Platform” program. These modifications underwent a limited validation cycle and are not an officially supported configuration.

If you want to disable Intel ME, you should first read the in-depth technical explanation about the researchers finding “an undocumented PCH strap that can be used to switch on a special mode disabling the main Intel ME functionality at an early stage.” Positive Technologies also made its Intel ME 11.x firmware image unpacker utility available on GitHub. Use at your own risk; the methods to disable Intel ME were described as “risky and may damage or destroy your computer.”

Source: CSO Australia.

These actions of spying on the general population is deliberate by design part of the Nanny State agenda.

No comments: