Even though AMT isn't active on non-corporate machines, is it unreasonable to assume, that it could be remotely activated?
A mechanism whereby the ME activates its full AMT feature set on receiving a magic packet doesn't seem that far fetched. All that's required is the ME listening for some magic number in an IP packet, which may include an encrypted payload instructing the ME what to do.
This would make be virtually undetectable, since the ME has access to strong crypto and possibly (?) a public key controlled by Intel or another entity.
This may sound like a conspiracy theory (and actually be one), but the risk seems real, and the implications drastic, since the ME has far more control over the system than its owner or user.
Power management, mobile and firmware developer on Linux. Security developer at Aurora. Ex-biologist. mjg59 on Twitter. Content here should not be interpreted as the opinion of my employer. Also on Mastodon.
![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
Magic Packet
Date: 2017-12-06 11:54 pm (UTC)A mechanism whereby the ME activates its full AMT feature set on receiving a magic packet doesn't seem that far fetched. All that's required is the ME listening for some magic number in an IP packet, which may include an encrypted payload instructing the ME what to do.
This would make be virtually undetectable, since the ME has access to strong crypto and possibly (?) a public key controlled by Intel or another entity.
This may sound like a conspiracy theory (and actually be one), but the risk seems real, and the implications drastic, since the ME has far more control over the system than its owner or user.