Even though AMT isn't active on non-corporate machines, is it unreasonable to assume, that it could be remotely activated?
A mechanism whereby the ME activates its full AMT feature set on receiving a magic packet doesn't seem that far fetched. All that's required is the ME listening for some magic number in an IP packet, which may include an encrypted payload instructing the ME what to do.
This would make be virtually undetectable, since the ME has access to strong crypto and possibly (?) a public key controlled by Intel or another entity.
This may sound like a conspiracy theory (and actually be one), but the risk seems real, and the implications drastic, since the ME has far more control over the system than its owner or user.
Magic Packet
A mechanism whereby the ME activates its full AMT feature set on receiving a magic packet doesn't seem that far fetched. All that's required is the ME listening for some magic number in an IP packet, which may include an encrypted payload instructing the ME what to do.
This would make be virtually undetectable, since the ME has access to strong crypto and possibly (?) a public key controlled by Intel or another entity.
This may sound like a conspiracy theory (and actually be one), but the risk seems real, and the implications drastic, since the ME has far more control over the system than its owner or user.