The Intel Management Engine: an attack on computer users' freedom
Polytropon
freebsd at edvax.de
Sat Jan 13 02:38:47 UTC 2018
On Fri, 12 Jan 2018 13:21:29 -0700, JD wrote:
> Will *-BSD distro OS'es be able to defeat or disable this attack?
Regarding the Spectre and Meltdown attacks, please refer to
the discussion which already took place on this list and on
others (check the archives). Also see:
https://lists.freebsd.org/pipermail/freebsd-security/2018-January/009719.html
https://forums.freebsd.org/threads/63985/#post-371432
https://www.freebsd.org/news/newsflash.html#event20180104:01
To see the presence of the ME as an attack is possible. But
as it operates way below the OS level, there is not much the
developers of the BSDs can do about that. _You_ need to take
action. One option is to remove devices that have Intel ME
from your installation and replace them with devices that
don't.
Additionally take into mind that "below OS" hardware and soft-
ware / firmware is also present in smartphones, in hard disks,
and in USB sticks - nearly everywhere. What can anybody do
about this? Not much, sadly...
This illustrates that you can hardly avoid closed-source
technology that is effectively in control of your hardware
without any OS interfering.
Further information about Intel ME details from 2017's 34C3:
Maxim Goryachy and Mark Ermolov:
Inside Intel Management Engine
https://media.ccc.de/v/34c3-8762-inside_intel_management_engine
http://cdn.media.ccc.de/congress/2017/h264-sd/34c3-8762-eng-deu-Inside_Intel_Management_Engine_sd.mp4
Igor Skochinsky and Nicola Corna:
Intel ME: Myths and reality
https://media.ccc.de/v/34c3-8782-intel_me_myths_and_reality
http://cdn.media.ccc.de/congress/2017/h264-sd/34c3-8782-eng-deu-fra-Intel_ME_Myths_and_reality_sd.mp4
--
Polytropon
Magdeburg, Germany
Happy FreeBSD user since 4.0
Andra moi ennepe, Mousa, ...
More information about the freebsd-questions
mailing list