On Tue, Nov 28, 2017 at 8:57 PM, James A. Donald <jamesd@echeque.com> wrote:
unexpected operating system.
The OS has nothing to do with it, other than the proprietary closed source blob called Windows that is sold with Intel / Windows tools to manage other remote Intel AMT/ME instances (ie: in the enterprise and by attackers).
Listening on a port is not a chip level function.
No. It can be a chip level function. Exactly the same as some magic WOL wake on LAN, LOM lights out management, remote KVM key vid mouse, etc all are. Such chips functions just eat the packets from the physical interface before they get to the OS, before the OS sends RST, etc. Further, since nobody has any actual proof or independant certification process as to what exactly is truly inside the chips and devices they're buying, one should not be so hesitant to assume that the damn things are faultless or innocent. Especially given history. Readers of the Intel docs will also note that AMT/ME only did works with certain series of their ethernet controller hardware, at least near while ago labeled with, if recalled correct, an 'L'. Because those are the ones doing the snooping and feeding into the southbridge for processing by AMT/ME firmware therein. #OpenFabs #OpenHW #OpenSW Why are so few demanding this basic requirement of trust? Probably for the same reason they refuse to acknowledge cryptocurrency. They're stupid. And pwnd.