Intel Management Engine bug. Intel won't fix for Core i Gen 1, 2, 3

Are we certain this is a solution? Are we sure Intel ME cannot intercept buffers from hardware it doesnt directly integrate with? I was under the impression the ME was actually doing some virtualization of the network stack regardless of specific network device.

>if you send a string of magic packets to the Management Engine interface you can run arbitrary code on the embedded CPU

Gee, doesn't this sound familiar...

Attached: 1493732584146.png (1920x1080, 1.87M)

How else would you design it if you were the NSA? They probably have some static website with some javascript they can point at any intel-equipped host to run commands, extract reports, etc. It would be that simple if the ME is running a HTTP stack.

>risc v and open source arm hardware
they will never defeat amd64 in performance
>with libreboot
i sure like to use trannyboot and later that faggot to bitch about stallman

That's really bad.

>they will never defeat amd64 in performance

never is a strong word. most of the competitive advantages of Intel's offerings is patent protected. such as AVX. these patents even impact GPUs and other computing devices.

Just get a librebooted X200 and be done with it. or Talos II if you can afford it.

Of course they won't fix Gen 1-3, why spend money making the firmware when the consumers can spend the money instead on a shiny new 8086K?

That aside, I'm quite pissed they are not fixing it for Ivy Bridge-E/P either. (They use IME 8.X) They are released IN TANDEM with Haswellet CPUs.

>what options do I have?
Take them to small claims for the cost of replacement?
This Both preferably.

>Take them to small claims for the cost of replacement?
weak. just gotta encourage more class actions.

class actions are proven to have greater economical impact on corps.

i have an i3 6100 how can i join a class action lawsuit?

Well I guess it's about time I replace my ivy bridge laptop anyway.

yeah, i'm pretty sure there's some standard that most NIC manufacturers implement to integrate with this cancer.

>stallman was right all along
And water is wet

>Intel won't fix for Core i Gen 1, 2, 3
They crossed the line this time. How could they do that to SB/IB?

Attached: 1447161347847.jpg (1846x1923, 607K)

OY VEY
THE GOYIM CAN'T KNOW ABOUT THIS

Attached: 1471870733389.jpg (408x632, 32K)

>http handler of AMT
So for those who don't know already know, this is a fancy way of saying that the network interface of the IME is vulnerable. The IME itself is a small ARC or 486 based low power core. It's always on as long as it can pull power from a battery or the wall. The firmware for this device is stored in the same ROM chip as the BIOS/EFI or other main boot firmware. This ROM is actually EEPROM, meaning you can reprogram it with an SPI flasher. The IME firmware itself is very modular to allow flexibility for OEMs, and the AMT is just one module of many. There are modules for TXE and TPM emulation as well, SPI modules, etc. The module that allows it to execute any "user" or "complex" code at all is the KERN or KERNEL module which has a MINIX based kernel. It handles scheduling, memory, and all the other good stuff an embedded kernel does. The only other important module we need to know about is the BUP, or Bring UP module. It contains small amounts of code that will boot the main CPU cores and then hand off the boot process to the system BIOS/EFI. All other modules aside from the partition table with a hard location for the BUP and the BUP itself can be removed and the PC will boot fine, sometimes with a 5-10 second hang but nothing worse.

The me_cleaner project will have more documentation on this. You can use it to strip out your botnet IME components. Coreboot (a FOSS BIOS replacement) is optional. This method will also be a permanent fix, since the IME firmware regions of the boot ROM are not even readable from the OS. The http attack will no longer work since there's no http handler and no AMT at all, and no kernel to run them anyways.

>inb4 why isn't this in libreboot
Because freetard trannies have their undies in a bunch over a couple hundred kb of harmless boot code.

Attached: 1527149218081.jpg (738x741, 79K)

this

I've been putting off doing this for my X220 because there were some issues last I checked, plus you need to buy hardware to flash.

They want you to buy new CPUs

Buy libre hardware while you can
It's going to be a wild ride

Attached: 1494630731421.jpg (3872x2592, 1.01M)

Do AMD processors have this same backdoor?

great, thus Ryzen will soar.

nope.

Seriously. Stop finding those new exploits and bugs, every week new major bug surfaces... I'm rly getting tired of this shit...

Some have PSP, but it's not the same thing and you can easily disable it.

oy vey

>Its not the same thing
>You can easily disable it
Why would someone go on the internet and lie to protect the reputation of a brand?

How does it feel to be an absolute brainlet?

Attached: IMG_20171206_145355.jpg (1321x991, 155K)

NSA are the good guys. You have nothing to fear, unless you're a dirty foreigner.

I surely won't be buying Intel again. They can fuck right off to Jew hell.

Attached: 1505658019644.gif (460x345, 492K)

You can apparently do it with AMT flasher, but the fuck who maintains ME Cleaner refuses to provide any documentation as to how to do this because it's vile non-free software, even though some official writeup would help, given lots of people have bricked their boards due to how each board works weird in it's own way with software flashing

>When you shut something off in bios that means its really off.
The absoloute state of amdsoys.

...

If you fell for the rpi meme you already have a ISP
You just need a soic8 clip and breadboarding wires

Prove it is still on
At least the option is there and not hidden behind
Some obscure flag being set in a MSR

What's the diff from the DIA/FBI?

Okay then I guess you can disable the intel me too. Hilarious, you fanboys would never accept
>Prove its still on.
from some intel dickrider.

>avoid answering the question and offer ad-hominems and persecution complex in return

>unless you're a goy
fixed that for you, you filthy kike rat

>what options do I have?
Get a fucking job you worthless pleb.

kike

"1st, 2nd, 3rd, 4th, 5th, 6th, 7th, & 8th"
Hahahaha... great consistency. Intel shils btfo

Great argumens kid. I hope intel is paying you much.

Oh bloody hell. Pic

Attached: Screenshot_2018-07-23-08-50-21.png (1440x2560, 357K)

you just don't enable AMT in BIOS you fucking gay retard. It's disabled by default btw.

>Anyone thinking they'll actually be targeted by this

Okay buddy. You can turn off intel me by turing off netwoork booting. Prove that it is still vulnerable. Oh wait you can't.

I almost forgot you can turn off, intel am5 itself in bios. Now prove that it will still be vulnerable to nsa backdoors. Or just stop being a retard and admit that the same thing applies to amds remote management bullshit.

Problem is most people don't care enough about something like this. It doesn't interrupt the normal usage of a machine, so they don't give a fuck.

>it's nothing goy

>stallman
>right
No. He's a kike. A kike always lies and cheats.

He'll always be right regardless of your butthurt, proprietary faggot

>t. kike

Nice try propriertary scum

Go back to the oven, Jew.

Die in a fire, proprietary schlomo