Intel botnet confirmed

Why isn't anybody talking about this?
zdnet.com/article/minix-intels-hidden-in-chip-operating-system/

because everyone knows.
Everyone should just automatically assume tech made by U.S. companies is a botnet.

You finally got the memo? What rock have you been living under?

Well, now it's official.
Is libreboot still effective?

yes, because libreboot removes this.

Because it's fucking old news. This was mentioned during the Snowden leaks as well, the vault 7 leaks, the "Espionnage Élysée" leaks and so on and so forth. They also cooperate with Israel-friendly companies who make hardware (like Intel) which is how the CIA managed to design the stuxnet virus.

>Well, now it's official.
It's been official for years, the only news here is what kind of operating system it runs. We have known for a long time that it runs network stacks, saves your passwords and has some sort of files and does a lot of work on something.

Then why doesn't Google think libreboot does that? They don't seem to trust libreboot and they just avoid Intel altogether now.

>saves your passwords
Source?

Snowden leaks faggot welcome to 2014

We know it saves passwords, we don't know what they do with it, but we know the NSA is able to access it. So it is a security threat because that technically means that a criminal might in the future access that shit as well. Which is why Google worries about it so much

So, how does that magic hidden os know when you are just typing whatever and when you are putting a password? And how can 2 OS be loaded at once if your main OS is not multikernel?

>So, how does that magic hidden os know when you are just typing whatever and when you are putting a password?

Because it can access anything that you can access and any text-box where you input passwords is clearly marked as such.

>And how can 2 OS be loaded at once if your main OS is not multikernel?
It has nothing to do with your OS, your OS can't even access it (because it's Ring -3 and the lowest a user can go is Ring 0, like TempleOS for example), but Intel's hidden OS can access your OS and anything else in the machine.

I made an Intel ME general (/imeg/) copypaste.

>What is the Intel Management Engine?
The Intel ME is a small co-processor located in the die of modern Intel CPUs. It's advertised as an enterprise feature, but is dangerous for home users that don't need it. You can't buy any modern Intel chips without it. The ME is dangerous because it has access to all of your memory (RAM and hard disks) and access to your OS network stacks, or it can set up its own network stack in memory if no OS is present. This means that it could potentially phone home to Intel or the CIA niggers and feed them every single one of your rare pepes and anime girls. The ME is always running even when the PC is off as long as power is supplied from the wall or a battery. Removing the ME firmware completely or destroying the ME hardware renders the PC completely unbootable, or may trigger the 30 minute boot loop where it shuts down every half hour.

>But no vulnerabilities have ever been found, r-r-right?
Wrong. There's an optional (optional for the board vendor) firmware frontend for the ME called AMT which can emulate a serial connection for remote keyboard input, which is one of the official enterprise "features" I mentioned above. There was a proof of concept attack done that would allow an attacker with access to your network to pass data from machine to machine silently and you wouldn't be able to tell if it was happening, since the ME operates at the hardware level of your PC. Just search for "Intel ME vulnerable" and be amazed.

>So what are my options right now?
You can use some really old Intel x86 hardware that's from the early Core2 era, or MIPS, or SPARC, or ARM, or AMD stuff from 2011 or before. For some Core2 machines that have the ME you can use Libreboot which contains replacement firmware that completely disables it. The final and newest option is a project by Nicola Corna called ME Cleaner, which essentially neuters the ME and renders it harmless on your system.

web.archive.org/web/20171107190104/http://www.zdnet.com/article/minix-intels-hidden-in-chip-operating-system/

cont.

>What's the ME firmware like?
The Intel ME firmware is stored on the same ROM chip as your BIOS/EFI. The ME firmware itself is highly modular providing flexibility for board vendors. We can use this to our advantage by stripping out the modules that are harmful, and ME Cleaner automates that process. The ME firmware consists of a few basic modules; ROMP (only on some chipsets, starts the BUP securely), BUP (low level hardware init, controls 30 minute watchdog), KERN/KERNEL (scheduler, oversees and loads other modules), POL/POLICY (high level hardware and software [AMT] init), NFTP (networking stuff).

>What does ME Cleaner do?
It strips the ME firmware all the way down to just the ROMP (if available) and BUP so that the ME is only doing basic hardware init at boot and power management in the form of shutting off the 30 minute watchdog to prevent the bootloop problem. You use ME Cleaner by first dumping the BIOS ROM. To do this you need to hook up a SPI clip and connect to a Raspberry Pi with Linux where you can run flashrom to interface with the BIOS chip. Once you have an old-firmware.bin (you can name it anything) you run ME Cleaner on that file which will produce new-firmware.bin which you can flash back to the ROM. It's that simple. If anything goes wrong you can just restore to the original dump.

>muh AMD!
If it's anything made 2012 or later it has a PSP, which is basically the ME with more uncertainty and less documentation.

>muh Applel!
Macs have the ME too.

Resources:

>ME Cleaner project:
github.com/corna/me_cleaner
>General ME info from Libreboot project:
libreboot.org/faq.html#intel
>HAP bit because even CIA niggers don't trust the ME:
blog.ptsecurity.com/2017/08/disabling-intel-me.html

And anyone here can feel free to put this up as a thread any time. A lot of us have known about this for years but newfags need to be educated.
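
Added example (not part of the post above and not ME Cleaner's own code): sanity checks around the dump, clean and flash steps it describes, comparing two reads of the chip and listing the ME partition table before and after cleaning. The `$FPT` offsets are an assumption about the layout of older ME images, the function names are hypothetical, and the sample images are constructed.

```python
import hashlib
import struct

FPT_SIG = b"$FPT"  # signature of the ME partition table

def list_me_partitions(image: bytes):
    """Return [(name, offset, length)] from the $FPT table in a dump.
    Assumed layout: entry count 4 bytes after the signature, 32-byte
    entries starting 0x20 after it, name at +0, offset at +8, length at +12."""
    sig = image.find(FPT_SIG)
    if sig < 0:
        raise ValueError("no $FPT signature: not an ME image or a bad read")
    (count,) = struct.unpack_from("<I", image, sig + 4)
    if sig + 0x20 + count * 0x20 > len(image):
        raise ValueError("partition table runs past end of image")
    parts = []
    for i in range(count):
        entry = sig + 0x20 + i * 0x20
        name = image[entry:entry + 4].rstrip(b"\0").decode("ascii", "replace")
        offset, length = struct.unpack_from("<II", image, entry + 8)
        parts.append((name, offset, length))
    return parts

def preflash_check(read_a: bytes, read_b: bytes, cleaned: bytes):
    """Return a list of problems; an empty list means the files look sane."""
    problems = []
    if hashlib.sha256(read_a).digest() != hashlib.sha256(read_b).digest():
        problems.append("two reads of the chip differ (unreliable clip contact)")
    if len(cleaned) != len(read_a):
        problems.append("cleaned image size differs from the original dump")
    if cleaned == read_a:
        problems.append("cleaned image is identical to the dump")
    return problems

def build_sample(names):
    """Constructed test image: a $FPT header at 0x10 and one entry per name."""
    img = bytearray(0x400)
    img[0x10:0x14] = FPT_SIG
    struct.pack_into("<I", img, 0x14, len(names))
    for i, name in enumerate(names):
        struct.pack_into("<4s4xII", img, 0x30 + i * 0x20,
                         name, 0x1000 * (i + 1), 0x1000)
    return bytes(img)

if __name__ == "__main__":
    original = build_sample([b"FTPR", b"NFTP"])  # constructed "old-firmware.bin"
    cleaned = build_sample([b"FTPR"])            # constructed "new-firmware.bin"
    print("before:", list_me_partitions(original))
    print("after: ", list_me_partitions(cleaned))
    print("problems:", preflash_check(original, original, cleaned))
```

Keep both reads of the original dump somewhere safe before flashing, since the original dump is the only way back if the cleaned image does not boot.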

Thank you based friend

No problem. Remember to disable your ME!

>Because it can access anything that you can access and any text-box where you input passwords is clearly marked as such.
that's obvious to you on the screen but a sideloaded system reading bare RAM is not gonna be able to see that bigger picture for a lot of reasons

hollywood IT isn't real

Holy shit, there's a thread for this! It might help

>but a sideloaded system reading bare RAM is not gonna be able to see that bigger picture for a lot of reasons

On Windows it has easy access to any of these .NET addresses (I don't know what they are called because I don't usually deal with that, but every element on a windows machine can be easily accessed. And every password box can be accessed. When you do it from your OS then the password itself is not easily accessible, but the Minix OS can easily access it and bypass anything Microsoft have set in place. Also the same with any password box online which can easily be accessed.)

You can access these things yourself without any programming experience with free RPA tools like uiPath. What they do on Linux machines or Apple I have no idea, but even if you run something on a virtual machine they might use OCR to notice when passwords are written due to certain tell-tale signs like several *** turning up even if it just accesses the screen. But it can access anything.

It is Google that claims that it saves passwords, I have no idea how they figured it out, but they don't trust even Linux with it so I assume it works on Linux as well even though Linux doesn't have visual cues like **** when writing your sudo password for example so it likely uses another method.

because no one cares

which isn't even surprising, honestly. literal backdoor with full network stack and webserver hidden in my hardware? why should i, average joe, care? after all, it's not like big companies are gonna spy on me or something

at this point tech companies could introduce a product that's
>basically a camera in your bathroom
>except sometimes you get -20% coupons on your email when device is installed in your home
and people wouldn't even stop to think twice about it. people unconsciously accepted that companies make money on them and simply stopped caring. not like they have any alternative.

i'm kinda happy about future though. imagine this subtle dystopia in which we're all gonna live soon, where information is controlled in a way that makes everyone happy. god i'm excited

>Be (((Tanenbaum)))
>Be visited by Intel spooks interested about the OS for a secret project
>Be asked about possible modifications
>Suddenly Minix is on the news
>Oy Veyy why didn't you tell me, Intel?
What a fucking clown. You were in bed with them you faggot.

And knowing how badly professors code, you can bet it's full of holes.

Because google doesn’t want to use thinkpads from 2009