|Disabling the Intel Management Engine|
|By Thom Holwerda on 2017-10-10 23:45:15|
The Intel Management Engine ('IME' or 'ME') is an out-of-band co-processor integrated in all post-2006 Intel-CPU-based PCs. It has full network and memory access and runs proprietary, signed, closed-source software at ring -2, independently of the BIOS, main CPU and platform operating system - a fact which many regard as an unacceptable security risk (particularly given that at least one remotely exploitable security hole has already been reported).
In this mini-guide, I'll run through the process of disabling the IME on your target PC.
Apparently, the IME co-processor runs... MINIX 3. That is incredibly fascinating. This means every post-2006 Intel PC runs MINIX.
- Intel processor design flaw forces Linux, Windows redesign - 2018-01-03
- Intel plans to end legacy BIOS support by 2020 - 2017-11-20
- Intel, AMD co-develop new processor with Intel CPU and AMD GPU - 2017-11-06
- Purism Librem laptops disable Intel's Management Engine - 2017-10-24
- More related articles