[Cryptography] Intel Management Engine pwnd
James A. Donald
jamesd at echeque.com
Tue Nov 28 20:57:00 EST 2017
When used in accordance with official use, it listens on a certain port,
like any other service.
But since normal code manages listening on ports, how does the
management engine do this. How does the management engine hook your
tcp-ip stack?
For your tcp-ip stack is implemented by diverse operating systems in
diverse hardware and software.
Suppose, for example, you installed ubuntu. Obviously your ubuntu
software does not provide this port number and this service. Your intel
chip, in order to provide a service on that port, is going to have to do
something the authors of Ubuntu did not expect. What is it doing? It
is going to have to hack Ubuntu. Listening on a port is not a chip
level function.
This seems fragile, complex, and likely to break. Suppose you install an
unexpected operating system.
---
This email has been checked for viruses by Avast antivirus software.
https://www.avast.com/antivirus
More information about the cryptography
mailing list