nostr:nprofile1qy2hwumn8ghj7un9d3shjtnyd968gmewwp6kyqpq05gxtz00vfxzdela6xrhyvtqxmaxqz65d9hws3d56e72trqgcmvsxk52hs It has been 50 years since I wrote or cared to write all the bits of an entire machine...
@nprofile1q...
I wouldn't dispute that the backdoor in the ME is a bit overplayed. However, it's merely an example of why we should be concerned whether or not it's being actively used. It's probably not used at scale, but rather selectively.
There is a bit that has to be set to partially disable the ME and one of the developers who wrote one of the solutions was silenced. If you go look at the repository you'll see it hasn't been updated in many years and the reason is pretty apparent. If you look at what he was saying prior and the fact he can't talk about it now... there is something to be concerned about here. I just don't think the US government is using this particular backdoor outside of selective targets.
Intel has gone back with each successive generation and tweaked things to hinder anyone's ability to partially disable the ME.
What I think is worth pointing out is that the government doesn't have one solution, but many. They don't need a backdoor in the ME to target average joe. They need a bit to flip to disable vulnerabilities that that intel has placed there on behalf of the government however such that the government itself can mitigate said vulnerabilities and it's more along those lines that I believe the evidence lies.
Is it overblown? Yes, for most users this is a non-issue. For some users I'd be a bit more concerned.
My company has the option to partially disable the ME on the computers in our catalog on some models. It's not something we push, but is a reaction to peoples concerns.
There are plenty of other security issues that ship in EVERY router just about. UPnP for instance. I'm not sure if it's in the default images for OpenWRT, but I know it's just one component not included in libreCMC's default images.
I wouldn't dispute that the backdoor in the ME is a bit overplayed. However, it's merely an example of why we should be concerned whether or not it's being actively used. It's probably not used at scale, but rather selectively.
There is a bit that has to be set to partially disable the ME and one of the developers who wrote one of the solutions was silenced. If you go look at the repository you'll see it hasn't been updated in many years and the reason is pretty apparent. If you look at what he was saying prior and the fact he can't talk about it now... there is something to be concerned about here. I just don't think the US government is using this particular backdoor outside of selective targets.
Intel has gone back with each successive generation and tweaked things to hinder anyone's ability to partially disable the ME.
What I think is worth pointing out is that the government doesn't have one solution, but many. They don't need a backdoor in the ME to target average joe. They need a bit to flip to disable vulnerabilities that that intel has placed there on behalf of the government however such that the government itself can mitigate said vulnerabilities and it's more along those lines that I believe the evidence lies.
Is it overblown? Yes, for most users this is a non-issue. For some users I'd be a bit more concerned.
My company has the option to partially disable the ME on the computers in our catalog on some models. It's not something we push, but is a reaction to peoples concerns.
There are plenty of other security issues that ship in EVERY router just about. UPnP for instance. I'm not sure if it's in the default images for OpenWRT, but I know it's just one component not included in libreCMC's default images.
2