[tor-talk] Intel ME / AMT + NSL vs Tor Nodes
podmo at sigaint.org
Tue Dec 20 01:04:19 UTC 2016
On 19 Dec 2016 23:05 Roman Mamedov wrote:
> It can mess with your apps, OS and
> security in all sorts of interesting ways, and you can NOT be absolutely
> certain that it doesn't.
No, but you can say the same about any complex system unless you built it
yourself. How do you know for sure the processor you are using doesn't
have an undisclosed equivalent to ME? If it's been audited, how do you
know the company doing the audit isn't compromised? Not much point
rehashing the entire Trusting Trust discussion.
I'm going to rely on Intel not wanting to sabotage their own company but
still wish they would provide better documentation and while I'm at it, an
easily accessible jumper or BIOS switch to disable it. Meanwhile, I'll
focus on standard security practices such as OS hardening, network
firewalling, sandboxing, etc. I'm fully prepared to retract this if actual
evidence shows up but at this point all of these have a better ROI against
attackers than chasing shadows or worrying about FUD.
More information about the tor-talk