[Cryptography] Intel Management Engine pwnd
Nemo
nemo at self-evident.org
Thu Nov 30 12:52:30 EST 2017
"James A. Donald" <jamesd at echeque.com> writes:
> If I install a network interface controller purchased from Ebay, would
> that leave the Intel Management Engine high and dry?.
Not necessarily...
https://en.wikipedia.org/wiki/Management_Component_Transport_Protocol
MCTP is the universal back door. If someone controls your management
engine, they also control any NIC whose "feature" set includes MCTP.
This has received far less attention than it deserves, in my humble
opinion.
- Nemo
More information about the cryptography
mailing list