On 09/22/2013 04:05 AM, d.nix wrote:
Hah hah hah. Uh, reading between the lines, color me *skeptical* that this is really what it claims to be, given the current understanding of things...
http://www.intel.com/content/www/us/en/enterprise-security/what-is-vpro-tech...
---
Security Evaluation of Intel's Active Management Technology VASSILIOS VERVERIS Master of Science Thesis Stockholm, Sweden 2010 [...] During production AMT platforms are equipped with one or more active embedded hashed root certificates (factory default) from various SSL vendors worldwide. [...] In our laboratory environment (see section 3) we have tested and found that the ZTC remote provisioning can be implemented even while the Intel AMT functionality is disabled within the BIOS as illustrated in Figure 3.6. Surprisingly the AMT platform broadcasts an ARP request packet upon connecting to a wired network (typically a LAN) and follows the sequence described in section 3.7.1. From this point and beyond the attacker operates the SCS and could manipulate the PC according to his/her malicious activities (see section 3.7.5) even while the Intel AMT is disabled in BIOS. http://kth.diva-portal.org/smash/get/diva2:508256/FULLTEXT01