1
0
Fork 0
mirror of https://git.sr.ht/~seirdy/seirdy.one synced 2024-12-18 06:42:10 +00:00
seirdy.one/content/notes/intel-me-rootkits.md
2022-10-23 14:55:38 -07:00

1.6 KiB

title date replyURI replyTitle replyType replyAuthor replyAuthorURI
Intel ME rootkits 2022-10-19T13:20:19-07:00 https://mastodon.social/@byterhymer/109181969125151465 Don't forget there have already been Intel ME rootkits too SocialMediaPosting @byterhymer@mastodon.social https://mastodon.social/@byterhymer

I know of two Intel ME rootkits that didn't involve Intel AMT; the latter can be enabled/disabled on "vPro" chips. One rootkit was from 2009 and seems less relevant now; the more recent of the two was by {{}} and {{}} at Black Hat Europe 2017: {{}} (application/pdf).

Without AMT, they required physical access. Most PCs are woefully unprepared against the sorts of attacks enabled by physical access, and ME is only one entry in a long list of issues.