Intel's Management Engine



The most bullshit piece of proprietary shit we've seen in the last decade.

"The Management Engine (ME) is an isolated and protected coprocessor, embedded in the Intel chipsets."

It's a special chip that comes embedded into every modern Intel CPU, and has complete access to the entire system. It's capable of executing signed executables or Java applets and can be accessed over the network. It has its own MAC and IP address, with direct access to the Ethernet controller. A portion of the system's Ethernet traffic is diverted to the ME even before reaching the host's operating system.

It runs a proprietary, encrypted firmware that nobody has been able to crack, and the CPU won't even boot if the ME is disabled or corrupted.

Read more at the FSF
Read more at Wikipedia
Read more from Libreboot


"It's a very large back door for anyone with sufficient knowledge / resources to gain access to anything on your system without your knowledge."

"Kind of like a safe with a second door in the back and a different lock that you don't have the key for ;-)"

"Maybe such things were used in the USSR but they have no place in modern society."

~ Libreboot developer on Freenode


Think you're safe because you use AMD?
The answer is: kind of.

AMD comes with their own System Management Unit (SMU). It's much less well documented, though. As far as we know, it doesn't have any AMT-like remote management (backdoor) things, but it's still a non-free OS loaded at boot time that has access to your entire system.


Video from a hacker who has been trying to reverse engineer the ME
