[tor-talk] Intel ME / AMT + NSL vs Tor Nodes
ktr-theonionrouter at dea.spamcon.org
Sun Dec 18 10:22:21 UTC 2016
On 12/17/2016 3:58 PM, podmo wrote:
> Agree Intel needs to do a much better job documenting the capabilities,
The most detailed documentation Intel has issued on the ME is probably
the 2014 book "Platform Embedded Security Technology Revealed" by Dr.
Xiaoyu Ruan, who is an Intel employee who has a major role in designing
software for the ME. It's not really a ME design document so much as a
book about designing hardware/software secure platforms that uses the ME
as an example and goes into some detail about its design.
Not all Intel chipsets support AMT (check Intel's website for which ones
do, but most consumer PC/laptop chipsets don't), and for every version
of ME firmware there are two releases, one for chipsets with AMT support
and one for chipsets without. Chipsets which support AMT can have the ME
firmware updated remotely if it's signed properly and the AMT password
is entered or bypassed somehow. Chipsets without AMT support cannot be
updated remotely AFAIK.
If somebody got their hands on the Intel ME toolset and private signing
keys they could create a custom version of ME firmware that could do
just about anything, including accessing almost all the PC's RAM at any
time. But getting it on the machine is the trick. Without AMT support it
would require physical access to the machine, but then you can do just
about anything anyway with physical access.
> Could always use a third party NIC instead of the
> onboard one too.
More information about the tor-talk