More good news from Intel
“In practice, it can give an attacker complete control over an individual’s work laptop, despite even the most extensive security measures.”
“The essence of the security issue is that setting a BIOS password, which normally prevents an unauthorized user from booting up the device or making low-level changes to it, does not prevent unauthorized access to the AMT BIOS extension.“
Convenience is starting to look like a bad idea
@cypnk holy fuck... WOW
@kurtm That's true. But I don't take anything for granted anymore. I can't read the BIOS firmware so I have no idea what voodoo is taking place behind these screens
This is probably a placebo in some ways since "off" doesn't seem to mean that in some cases
@cwebber Yes, but AMT is still widely deployed. The issue (according to the article) is that TPM can be bypassed easily, which means any intruder can inject traffic into or out of any system with AMT enabled
Encryption won't really help here since the system starts pre-boot. So that's a handy backdoor to intercept your keys too
It's a huge mess!
Follow friends and discover new ones. Publish anything you want: links, pictures, text, video. This server is run by the main developers of the Mastodon project. Everyone is welcome as long as you follow our code of conduct!