So, to get down to brass tacks: If I can get to the chip mask pre-lithography, how many gates do I need? A thousand for a kill switch and three thousand for a connection?
You can also manipulate other parts of the machine. With features present in vPro, all that's needed is a "buffer overflow" hidden "bug" that allows remote control. The "bug" might even be hidden in non-spec gates or code flashed into it later.
Bottom line: no defense when you use vPro-capable Intel chipsets.
This is a massive problem for me as someone who'd like to produce a secure system. If the NSA can remote enable vPro anytime they like, what am I going to do at any other level? There are plenty of tricks you can pull to make it seem they didn't use vPro, as vPro usage is pretty much undetectable. Think manipulation of random number generation making it seem they have some unknown random number generator attack, when in fact they just manipulated it.