Linked by Thom Holwerda on Tue 10th Oct 2017 23:45 UTC
Intel

The Intel Management Engine ('IME' or 'ME') is an out-of-band co-processor integrated in all post-2006 Intel-CPU-based PCs. It has full network and memory access and runs proprietary, signed, closed-source software at ring -2, independently of the BIOS, main CPU and platform operating system - a fact which many regard as an unacceptable security risk (particularly given that at least one remotely exploitable security hole has already been reported).

In this mini-guide, I'll run through the process of disabling the IME on your target PC.

Apparently, the IME co-processor runs... MINIX 3. That is incredibly fascinating. This means every post-2006 Intel PC runs MINIX.

bassbeast
Member since:
2007-11-11

The article claims AMD has an equivalent, but all I have found is a bunch of FUD that all links back to a couple of 2012 articles saying "AMD has licensed TrustZone and plans to use it in the future". I have found ZERO evidence they ever did anything with ARM TrustZone other than use it for the console APUs they sold to MSFT and Sony.

With the Intel version you can find code for the IME, and you can find where it is on the chip layouts. I have scoured everything I can find on AMD chips and have found exactly squat when it comes to AMD having their own IME; instead it all comes back to those same couple of 2012 articles. Even AMD's TrustZone page hasn't been updated since 2013, so unless someone can show us some current code or chip layouts showing TrustZone on current AMD processors, I'm calling FUD.

Reply Score: 3