Disabling the Intel Management Engine

  By Thom Holwerda - Posted on 2017-10-10 23:45:15 UTC at http://OSNews.com

The Intel Management Engine ('IME' or 'ME') is an out-of-band co-processor integrated in all post-2006 Intel-CPU-based PCs. It has full network and memory access and runs proprietary, signed, closed-source software at ring -2, independently of the BIOS, main CPU and platform operating system - a fact which many regard as an unacceptable security risk (particularly given that at least one remotely exploitable security hole has already been reported).

In this mini-guide, I'll run through the process of disabling the IME on your target PC [https://wiki.gentoo.org/wiki/Sakaki%27s_EFI_Install_Guide/Disabling_the_Intel_Management_Engine].

Apparently, the IME co-processor runs... MINIX 3 [http://blog.ptsecurity.com/2017/08/disabling-intel-me.html]. That is incredibly fascinating. This means every post-2006 Intel PC runs MINIX.

Original story page here.

Copyright OSNews.com 1997-2006. All Rights Reserved. OSNews and the OSNews logo are trademarks of OSNews.
All trademarks, icons, and logos, shown or mentioned in this web site, are the property of their respective owners.
Reproduction of OSNews stories is granted only by explicitly receiving authorization from OSNews and if credit is given to OSNews.
Privacy statement   -   Notice to Bulk Emailers