Re: [tor-talk] Mimix, an operating system inside the main OS
 
The ThinkPad X200 was introduced in 2009 (not 2000); Intel ME has been in all Intel hardware since 2006.
It's not date based, but product line based, old product vs new, both in production at any given time. There's all kinds of secret shit in your closed source, unverifiable CPUs and software.

https://www.slideshare.net/codeblue_jp/igor-skochinsky-enpub/1
https://github.com/corna/me_cleaner
https://en.wikipedia.org/wiki/Intel_Management_Engine
https://puri.sm/posts/deep-dive-into-intel-me-disablement/
http://blog.ptsecurity.com/2017/08/disabling-intel-me.html

AMD (with PSP etc) and Microsoft are filled with their own secret goodies too. And while you can maybe, if very lucky, start to find at least some firmwares have been designed out...

ARM
https://www.raptorcs.com/TALOSII/

You still can't see inside the chips. So until you start demanding and requiring open chips #OpenHW, open fabs #OpenFabs, and open software #OpenSW, you're fucked. Have fun being compromised till then.
It's probably worth noting that Intel AMT (which runs on the ME's controller) is the "enterprise" functionality with the web server and remote provisioning. The ME firmware just does stuff like host the network stack and deal with the hardware support. Maybe it does other stuff. AMT seems to be the really shocking vulnerable component.
https://www.networkworld.com/article/3236064/servers/minix-the-most-popular-...
You might not know it, but inside your Intel system, you have an operating system running in addition to your main OS, MINIX. And it’s raising eyebrows and concerns
Without question, the revelations about Intel ME are shocking. Sort of like we've known has existed on smart phones for a long while.
The article seems to note that it's only an issue for the "last few years" when I believe it's been found as far back as the Thinkpad x200 (~year 2000), at least.
There are a number of tools on GitHub looking to mitigate ME, such as intelmetool, me-tools and me_cleaner, but one should be EXTREMELY careful about running them as bricking hardware is a real possibility.
Oddly, the article seems to cast Minix as tainted, while Tanenbaum is *really* someone who matters in operating system land in a good way, and everyone should realize that the original Linux was a Minix derivative.
participants (1)
- grarpamp