Linked by Thom Holwerda on Tue 10th Oct 2017 23:45 UTC

The Intel Management Engine ('IME' or 'ME') is an out-of-band co-processor integrated in all post-2006 Intel-CPU-based PCs. It has full network and memory access and runs proprietary, signed, closed-source software at ring -2, independently of the BIOS, main CPU and platform operating system - a fact which many regard as an unacceptable security risk (particularly given that at least one remotely exploitable security hole has already been reported).

In this mini-guide, I'll run through the process of disabling the IME on your target PC.

Apparently, the IME co-processor runs... MINIX 3. That is incredibly fascinating. This means every post-2006 Intel PC runs MINIX.

Thread beginning with comment 649766
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE: Interesting process but ...
by Flatland_Spider on Wed 11th Oct 2017 17:20 UTC in reply to "Interesting process but ..."
Member since:

IME is a security risk. The AMT/vPro security holes of the not too distant past illustrate the problem of this technology, and without a compelling reason to keep it around (ie. corporate setting which uses it for remote administration and provisioning of desktops), it should get nuked.


Edited 2017-10-11 17:23 UTC

Reply Parent Score: 3