No one is talking about Intel ME, do we have a solution or theories to find a way to bust it?

Flash the CPU with gentoo

Don't use an enterprise machine from Dell or similar. ME cannot do anything without a motherboard that supports it.

Thread:

Just use a CPU that doesn't have Intel AMT

take the chuck moore pill

>he doesn't have an ME free i5-2500K

Are you fags just trolling?

No, show me a source that says ME can do anything on a standard run of the mill consumer motherboard.

No, I'm not
like I said, use a CPU that doesn't have Intel AMT
AMD FX series is more than enough for computer work

intel core 2 duo all the way to what we have now is fucked by ME, including your i5 2500

Because an AMD/ARM/[shady hardware vendor] botnet is better.
I don't look like the unabomber.

>AMD FX series is more than enough for computer work
For (Your) computer work, maybe.

>Because an AMD/ARM/[shady hardware vendor] botnet is better.
AMD FX series doesn't have AMD's equivalent of Intel's ME, what's it called again? secure processor or some shit?

Ah ok now it makes sense.
Yeah AMD, at least up until the inclusion of the PSP, seems pretty safe.

>i5 2500
hardenedlinux.github.io/firmware/2016/11/17/neutralize_ME_firmware_on_sandybridge_and_ivybridge.html
Why are you losers here if you can't even neutralize ME?

kys, gamerfag

Platform Security Processor

>No one is talking about Intel ME
But I am!

me_cleaner, the reserve_hap trick
why exactly did it blow up right now? people have known about this for years

I haven't all day to wait for my spatial analysis, renderings, DAW DSPing etc.

>why exactly did it blow up right now? people have known about this for years
this

Not a problem on my end, OP. :へ)

>neutralized
Nice proprietary software, fag!

use a rendering farm idiot

I can't, it's a botnet.
Also, some of those tasks can't be parallelized.

I mean, I've got an X200 which I don't use, but coreboot or libreboot is simply way out of my league for me to do. Defcon talks make me aware of the Intel ME.

Truly a beautiful machine, I must say.

>Because an AMD/ARM/[shady hardware vendor] botnet is better.
None of those have anything like what Intel has.

Except they have.
AMD's (PSP) was honorably mentioned in the botnet paper from one year ago or so.
As for the rest, you can be assured that many SOCs are botnets.

pls no bully
I have a libreboot machine, too. I did remove ME, not just neutralize it.

ME_cleaner effectively cripples it. No need for memeboot anymore.

>AMD's (PSP) was honorably mentioned in the botnet paper from one year ago or so.
no they weren't.

>No one is talking about Intel ME
We have threads about it every fucking day for as long as I can remember. What the fuck are you on about?

My theory is that although there might not be an explicit back door built in, the sneaky roaches at Intel probably devised a hidden exploit that they left in to use one day.

twitter.com/h0t_max/status/928269320064450560

someone explain this for a brainlet like me please

Which one - the ThreadX on ARC or the MINIX on x86?

This, there's an easy way around it now.

Next task: the ARM core in AMD's Secure Processor (formerly PSP), and its seL4 microkernel-based firmware running in TrustZone.

There aren't any bugs in seL4 (it's formally verified!) but remember it's just a microkernel and that doesn't mean the rest of the ecosystem is sound.

Killed two Ryzens so far, the process doesn't polish easy.

seL4 is only secure if all policies and implementations are perfect. In practical uses, seL4 is not formally secure

Coreboot is also removing the ME botnet, right? My thinkpad is not compatible with libreboot.

JTAG is a debugging interface that gives a developer total control over a chip at the silicon level - it's not some program running in an OS that you interface with. It's very popular across a wide array of chips from ARM to AVR to x86. Prior ME exploits achieved potential arbitrary code execution in the OS, but Intel quickly patched it, and it required the corporate build of AMT to be present, which isn't normally seen on consumer-level boards.

This exploit makes use of something called DCI which is an Intel proprietary debugging interface that makes use of the PCH's existing USB ports. Basically, when it's used as a debugging port, it can't be used as USB and vice versa. DCI uses a completely different logical interface/protocol compared to USB, but Intel is using the same PHY layer to send/receive the data. DCI is supposed to be disabled by the OEM before shipping production boards, but apparently someone goofed or these guys figured out how to re-enable it.

Simply put, this isn't something Intel can patch, unless they can possibly do it with a firmware update to the ME, but I doubt it.

It's over, dude. We lost.
The only thing left to do is lead honest lives with nothing to hide

holy-o-fuck
is this the time where you get to a pc plug in a usb stick and "copying the files..." without bypassing software/hardware locks just like in the movies?

Dude, just use the ME cleaner and also set the HAP bit in the firmware image. After that, not only will it cleanly shut down, but you've gutted every other part of the firmware so that it can't do shit even if it wanted to.

Buy AMD

You wanna know the real solution?

Don't use a physical connection into your nic.

Remote attacks using ME require two things; power, to the pc, and a physical connection in the motherboard.

proof. also proof that the ME has ever been used? Wireshark could pick it up. I've never seen any.

>Wireshark could pick it up
Unless you use another pc as the gateway, it couldn't.

Not on the same system, you got no access on init 0 and less.
If you're really interested you could set up a traffic catcher, wired would be the easiest, however since it's telemetry, you would need to catch even the smallest packet... That if Intel uses a standard TCP connection.
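
Added example, not part of the thread: a sketch of the gateway-side check discussed in the posts above, scanning a capture taken on a separate machine for packets on the ports Intel documents for AMT/ASF out-of-band management. The function names and the sample capture are constructed for illustration; it assumes a classic little-endian pcap with Ethernet framing.

```python
import struct

# Ports Intel documents for AMT / ASF out-of-band management.
AMT_PORTS = {623: "asf-rmcp", 664: "asf-secure-rmcp", 16992: "amt-http",
             16993: "amt-https", 16994: "amt-redir-tcp", 16995: "amt-redir-tls"}

def build_frame(src, dst, sport, dport):
    """Constructed sample frame: Ethernet + IPv4 + TCP SYN, no payload."""
    eth = bytes(6) + bytes(6) + b"\x08\x00"
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, 6, 0,
                     bytes(src), bytes(dst))
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 0x50, 0x02, 1024, 0, 0)
    return eth + ip + tcp

def build_pcap(frames):
    """Wrap frames in a classic little-endian pcap file (linktype 1)."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for i, f in enumerate(frames):
        out += struct.pack("<IIII", i, 0, len(f), len(f)) + f
    return out

def find_amt_traffic(pcap):
    """Return (src, dst, port, name) for each IPv4 TCP/UDP packet on an AMT port."""
    if struct.unpack_from("<I", pcap, 0)[0] != 0xA1B2C3D4:
        raise ValueError("not a little-endian classic pcap")
    hits, off = [], 24
    while off + 16 <= len(pcap):
        incl = struct.unpack_from("<I", pcap, off + 8)[0]
        frame = pcap[off + 16: off + 16 + incl]
        off += 16 + incl
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue                      # not IPv4 over Ethernet
        l4 = 14 + (frame[14] & 0x0F) * 4  # honour the IP header length
        if frame[23] not in (6, 17) or len(frame) < l4 + 4:
            continue                      # not TCP/UDP, or truncated
        for port in struct.unpack_from("!HH", frame, l4):
            if port in AMT_PORTS:
                ips = [".".join(map(str, frame[i:i + 4])) for i in (26, 30)]
                hits.append((*ips, port, AMT_PORTS[port]))
                break
    return hits

# Constructed capture: one HTTPS flow and two flows touching AMT ports.
SAMPLE = build_pcap([
    build_frame((192, 0, 2, 10), (198, 51, 100, 7), 51000, 443),
    build_frame((203, 0, 113, 5), (192, 0, 2, 10), 40222, 16992),
    build_frame((192, 0, 2, 10), (203, 0, 113, 5), 16994, 40223),
])
print(find_amt_traffic(SAMPLE))
```

An empty result only covers these documented management ports; it says nothing about traffic on other ports or over a path the capture point does not see.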

The fact of the matter is that there isn't even an ounce of evidence that intel ME has ever been used once. Are they that good at hiding and obfuscating?

>using your trump card freely
come on son
would you use it if you were in the NSA's position?
it'd be best to use it discreetly against single targets

I mean damn dude it's hard to believe in something I've never seen before. You'd think someone would've gathered something to show malicious use -- or use at all. This ME scare tactic has been around for years

>hard to believe in something I've never seen before
I'm not sure what you mean by this exactly, the Intel ME is advertised by Intel themselves.