Show threadKevin Karhan Nov 11

@adingbatponder yes as in the #remite part of it is offline so no #AMT functionality.

This is called a "#neutered #ManagmentEngine" and "permanently disable" is also an option on commercial #UEFI|s like #ThinkPad.

Kevin Karhan Oct 8, 2024

@marcan nodds in agreement #Apple doesn't need to have backdoors in Hardware when their entire #iCould is backdoored and can be weaponized to brick devices.

  • OFC similar functionality can be achieved with #CompuTrace on #amd64-based #Laptops (i.e. #ThinkPads) and compared to that, #AMT + #ManagmentEngine is trivial to #exploit and should be considered real #backdoors (abeit "well meaning" in the sense of remote provisioning of entire fleets of devices, but still allowing to bypass the OS and offering DMA access to the CPU, so basically "#pwned")...

Either way, these are not inherent to the used #Silicon, but entirely #Firmware-based.

  • AMT for example requires a "#Intel #vPro" configuration with Intel-made Ethernet NICs (i.e. i2xx & i3xx - Series) with a Q- or C-series Chipset & supporting #UEFI, so most Systems with cheap #Realtek-NICs aren't exploitable straight-away, and even then it requires certain settings to work, so not an easy "#Pwn2Own" style exploitability...
How Tim Cook Surrendered Apple to the Chinese Government

YouTube
Show threadKevin Karhan Apr 17, 2024
@youranonriots isn't that the #webserver that is part of the #ManagmentEngine and #vPro #iKVM?
Kevin Karhan Jun 21, 2023

@stevelord yeah, with all that shit like #ManagmentEngine / #AMT & stuff shoved into systems m, it's no wounder you distrust said tech.

And sadly, that is a legitimte concern based off facts, not paranoia.