[Whonix-devel] Fwd: Re: [coreboot] Intel ME Question

bancfc at openmailbox.org bancfc at openmailbox.org
Sat Dec 24 16:15:56 CET 2016


A reply from an authorative source. Igor has done some excellent RE work 
on ME.

-------- Original Message --------
Subject: Re: [coreboot] Intel ME Question
Date: 2016-12-24 10:50
 From: Igor Skochinsky <skochinsky at mail.ru>
To: bancfc at openmailbox.org
Cc: coreboot at coreboot.org

Hello bancfc,

Friday, December 23, 2016, 9:13:16 PM, you wrote:

boo> Hi,

boo> Seeing that many of you know a lot about Intel's ME I wanted to ask 
a
boo> couple of things if its ok.

boo> * Is the ME network accessible on all Intel chips or only the vPro 
ones
boo> with AMT?

IIRC there were some mobile variants which had access to the wireless
3G chip (for Anti-Theft) but AFAIK this functionality has been dropped.
 From what I've seen in the common firmwares, only the corporate/AMT 
(5MB) firmwares include the
networking stack.

boo> * I saw an interesting take on this in the link below, instead of 
the
boo> usual FUD surrounding this topic whenever its mentioned. What is 
your
boo> take on what he says?

boo> 
https://www.reddit.com/r/onions/comments/5i6qa3/can_the_nsafbi_use_intel_me_to_defeat_tor_on_95/

I call FUD on the "keys being traded underground". I highly doubt that
even Intel is careless enough to expose the ME signing keys in the
clear. Most likely they use a HSM for signing firmwares and the actual 
keys never
leave it. What  I *could* buy (but doubt it happened) is that they may
have signed some specific firmwares "on special request". In any case,
the NSA etc. do not need ME to achieve their goals - there are plenty of 
other
low-hanging fruits starting with good old phishing/social engineering
and multitude of  OS/application bugs.


More information about the Whonix-devel mailing list