Talk:Intel Management Engine

Latest comment: 1 year ago by 2A0A:A546:FE76:1:7634:A54A:79A9:F2EA in topic So much conspiracy

Good reference from Slashdot?

edit

Slashdot has an entry from someone who apparently was on the teams that designed the ME, quote:

"Actually on ME9 Intel changed the kernel. In ME6 they changed the platform layout.

  • ME < 6: GMCH northbridge and southbridge. ME lived in the GMCH and had full access to RAM even in S5 (off) system state. Kernel is based on ThreadX. CPU is ARM core.
  • ME 6-8, same kernel, but moved to PCH (formerly southbridge) and the CPU gined the GM part of GMCH. Northbridge removed from platforms. ME loses access to RAM in all states besides S0 (on) and has to make do with PRAM on PCH.
  • ME9+: ME now runs on Minix and Quark CPU. Vulnerabilities become an issue.
  • ME10: internal struggle for dominance between kernel and AMT teams (based in US and Israel respectively) leads to departures. (including mine)
  • ME11 (12?): US team is disbanded."

From: https://it.slashdot.org/comments.pl?sid=11385971&cid=55595459

Worthwhile with someone with knowledge to incorporate?

- Master Of Ninja (talk) 17:31, 21 November 2017 (UTC)Reply

Intel quote

edit

The Intel quote is a classical non-denial denial spin. I think it is very problematic to put this quote into the article without anything else to counterbalance it. I agree that the source I provided is not the best one and it is clearly speculation, without providing any evidence. However, I think Intel spin + Open hardware producer speculation is more NPOV and less problematic than Intel spin alone. --rtc (talk) 22:23, 30 November 2017 (UTC)Reply

I think we need something better than an advertisement for a competing product. A basic tactic in an ad is to undermine the competition's credibility. If this statement is reasonable I think someone else must say something similar in a more neutral context. I agree, Intel did not say "there is no backdoor" only "we do not install backdoors" but this phrasing could as easily come down to epistemology as avoiding making a statement. Also, if they had only said there was no backdoor in these particular products it would leave open the question of whether there was in any Intel product. So I don't think it is really an unreasonable way to address the issue. —DIYeditor (talk) 00:40, 1 December 2017 (UTC)Reply
"Intel does not and will not design backdoors for access into its products. Recent reports claiming otherwise are misinformed and blatantly false. Intel does not participate in any efforts to decrease security of its technology." Is this the intel quote which Rtc is referring to? I'm assuming so... 67.233.34.199 (talk) 15:17, 5 January 2018 (UTC)Reply
See what you think of this edit shifting the quotes mostly to a subsection. The WP:LEAD should summarise, not introduce new material. In a subsection, I don't see a big problem quoting Intel. In the lead, summarising the quotes as a "generic denial" is my attempt at neutrality - Intel doesn't refer to the ME and doesn't refer to any of the specific technical claims, so "generic" seems fair to me; and "denial" seems fair given that it's qualified by "generic", to make it clear that it's not a direct denial.
As for Intel's specific wording, there's a difference between ME giving Intel access to computers without end user authorisation, versus ME giving NSA (CIA, FBI, Fatherland Security, random Russian crackers ...) access to computers without end user authorisation. So it doesn't directly deny giving access, it denies giving itself access. Boud (talk) 20:17, 23 January 2018 (UTC)Reply
"Also, if they had only said there was no backdoor in these particular products it would leave open the question of whether there was in any Intel product." Possibly. However... Analogy: if someone claimed that he saw me in shop X on street Y in town Z at 12:34 pm carrying a gun and wearing a balaclava when an armed robbery happened, and if my only defence in court were "I'm not a thief", then that would mean I have a hopeless lawyer. Boud (talk) 20:35, 23 January 2018 (UTC)Reply
I disagree, given it is the positive assertion that needs to be proved. A claim of a nonexistence does not need to be "counterbalanced" with a claim of an existence, as the nonexistence is the default. For example, if a climate scientist, on release of a paper, adds the quip, "I did not falsify any of the data," this does not require "counterbalancing" by a climate change denier who jumped in saying, "HE FALSIFIED THE DATA! I JUST KNOW HE DID!" If the denier's conclusion is based on nothing but his prejudice it's not a meaningful criticism. Adding it to a Wikipedia article on the paper would give undue weight to the denier as an authority simply because he publicly whined. *That* would be a NPOV violation, as there's no reason to do so except to edge in the editor's feelings under the cover of "criticism." It's the exact form of "Teach the controversy," in Theory of Evolution denialism. 2601:19E:427F:9D2B:BDF1:6DE8:456:D767 (talk) 18:46, 29 July 2022 (UTC)Reply

Further details requested

edit

Article currently says:

The ME has its own MAC and IP address for the out-of-band interface, with direct access to the Ethernet controller; one portion of the Ethernet traffic is diverted to the ME even before reaching the host's operating system

  1. The references to large PDFs would benefit from page numbers.
  2. Is the IP address acquired by DHCP or hardcoded? If hardcoded, how is it unique and routable? If DHCP, wouldn't this "second interface" show up in the DHCP server's logs?
  3. What port(s) does the ME use for I/O?
  4. Is there some reason why these additional IP addresses and ports would not show up on a routine network scan, e.g. "nmap"?

This information, if someone could add an encyclopedic source, may help owners discover to what extent these features are enabled on their machines. 72.208.150.248 (talk) 15:30, 8 December 2017 (UTC)Reply


What networking capabilities does ME have out of the box? Wired on-board only? Can drivers be installed to support new networking interfaces? --78.49.90.126 (talk) 08:00, 20 June 2019 (UTC)Reply

Backdoor discoverers punished by FBI

edit

We need to add the reason why the links to Embedi etc. in the references do not work anymore (404):

As a result of today’s action, all property and interests in property of the designated persons subject to U.S. jurisdiction are blocked, and U.S. persons are generally prohibited from engaging in transactions with them.  [...]
Digital Security was designated pursuant to E.O. 13694, as amended, for providing material and technological support to the FSB.  As of 2015, Digital Security worked on a project that would increase Russia’s offensive cyber capabilities for the Russian Intelligence Services, to include the FSB.  ERPScan was designated pursuant to E.O. 13694, as amended, for being owned or controlled by Digital Security.  As of August 2016, ERPScan was a subsidiary of Digital Security.  Embedi was designated pursuant to E.O. 13694, as amended.  As of May 2017, Embedi was owned or controlled by Digital Security.

https://home.treasury.gov/news/press-releases/sm0410

Not sure how to include it here, especially as I seem to be under WP sanctions myself that may cover this topic, too - see the admin notices on my Talk page.

Zezen (talk) 12:17, 21 December 2018 (UTC)Reply

I fixed the embedi link. Not sure about the 'etc.'.

Metaquanta (talk) 10:04, 30 July 2019 (UTC)Reply

Intel ME : Provided and presented by NSA — Preceding unsigned comment added by 194.12.218.134 (talk) 11:46, 3 April 2020 (UTC)Reply

So much conspiracy

edit

At least have some diginity to link to an official presentation done at BHUSA 2019 https://i.blackhat.com/USA-19/Wednesday/us-19-Hasarfaty-Behind-The-Scenes-Of-Intel-Security-And-Manageability-Engine.pdf — Preceding unsigned comment added by 134.191.232.81 (talk) 09:26, June 14, 2021 (UTC)

I've updated the external links as a talk from Black Hat by two Intel Engineers seems like a great fit for an external links section. Also, consider contributing yourself in the future. The worst that can happen is your edit gets reverted. Somers-all-the-time (talk) 03:05, 27 May 2022 (UTC)Reply
Not everything is a conspiracy theory just because you can’t handle reality. XD
My parents worked in the intelligence community until their retirement (mom’s an intelligence officer and dad’s a investigative journalist and war correspondent), and I can assure you that things are usually way crazier and bigger than those conspiracy theorists could come up with. … Yes, of course the silly ones are nonsense. There’s no lizard people or flat earth or time cube etc, and we definitely went to the moon and you can check. But many of the powerful and not unbelievably crazy conspiracy theories are spread by intelligence agencies to discredit and poison the actually true parts that leaked anyway. ^^ (And some are e.g. child abuse and cult organizations deliberately acting crazy so nobody will believe their victims. This is where that “alien abduction / probing“ stuff comes from. … The rest is probably just good old schizophrenia (aka religion).)
The funny part is that even with hard evidence, like the Snowden leaks, people claim it must be conspiracy theorists, hiding under their beds, lurking in the shadows, ready to attack… whenever anybody claims anything that is simply beyond what the average sheltered citizen is able to handle. I always had this problem as a teen telling people about what my parents worked on. We literally had high-quality video evidence that we could show them in the case of my dad, yet people just closed their eyes and went “lalalalalaaa, not true! debunked! omg!”. … Notice how the Snowden leaks actually strengthened the NSA / Five Eyes. Because the sheltered majority just doubled down on their denial. Just like conspiracy theorists but with the opposite polarity.
So to you, dear sir, I say: Go away, you conspiracy theorist! — 2A0A:A546:FE76:1:7634:A54A:79A9:F2EA (talk) 17:53, 30 October 2023 (UTC)Reply

So where /is/ it?

edit

Early para of the article says it's in the PCH chip, but the PCH article says that's been moved to a second die in the CPU encapsulation. This is quite important, since it moves the focus from "computers designed with this supporting chipset have a potential backdoor" to "computers deigned with this CPU have a potential backdoor". MarkMLl (talk) 12:02, 16 July 2023 (UTC)Reply

It’s inside the CPU. Basically it’s a completely separate CPU and computer, that has been embedded into the main CPU, runs e.g. Minix, and has supreme control while being invisible. This goes so far as it being able to use wifi while the main CPU and computer is completely shut off, merely running on the 5VSB that exists so the power button on the front of the computer works. … The original idea was to enable wake on (W)LAN, so administrators in a company can e.g. update or configure a system remotely, without having to walk up to the box, even when the thing is “off”. … Obviously the security implications of that are beyond insane. Especially with the existence of „national security letters“ that can force Intel to put a backdoor in and not tell anyone, even if Intel wouldn’t want to. (Or the equivalent for anyone else involved in manufacturing the thing.) — 2A0A:A546:FE76:1:7634:A54A:79A9:F2EA (talk) 17:36, 30 October 2023 (UTC)Reply

The most important part is missing yet again. Typical Wikipedia!

edit

What is the IME FOR? Its actual purpose and job are never described in the article as is is right now. … It’s like describing a wheel as a round disc with a hole in it, and leaving it at that… without ever describing that it exists for avoiding friction and hence energy when transpoting thigs, by rolling and a small friction surface. … This is, sadly, extremely common on Wikipedia, and completely toxic. 2A0A:A546:FE76:1:7634:A54A:79A9:F2EA (talk) 17:30, 30 October 2023 (UTC)Reply