Intel to Deploy Management Engine Lock to Prevent Disabling, Rollback

[OSdevr]

I really don't want to move back to AMD product for a number of reasons, but this issue is really me make me re-think doing so. Then again, I dont have much of anything to hide, it boils down to principle I suppose. I just don't like the idea Intel has implemented this without disclosure from the start. That said, I am very curious what kind of performance increase Intel's 10nm will have. Even if it was just another 10-15% over coffee lake, I would be satisfied, because I am still using a old i7 870, but it works great! I suppose ME wont go away? I do wonder will AMD implement a version of ME?

Unfortunately AMD has their own version of ME, it's called Platform Security Processor (PSP).

 

[biffzinker]

I really don't want to move back to AMD product for a number of reasons

Moving to AMD gets you the same embedded (ARM Cortex A5 using ARM's Trustzone) security processor.

 

[buggalugs]

My brothers x58 system had management engine drivers IIRC, board was a dx58so2.

Either way, it's present on anything newer than or equal to a core 2. Whether or not there are drivers, it's there.

I had an X58/920 system too and there was no IME installation drivers for those boards. Here is the link for the driver support for the Asus P6X58-D Premium motherboard, and there are no IME drivers in the list:

https://www.asus.com/au/supportonly/P6X58D Premium/HelpDesk_Download/

And here is the link for a Asus P67/Sandybridge board that does have IME installation drivers:

https://www.asus.com/au/supportonly/P8H67-I Deluxe/HelpDesk_Download/

Maybe they used them on xeon or something like that, but the Sandy Bridge systems was the first mainstream/consumer platform that used IME installation drivers, that was around 2010. I never like having to install those drivers. I dont know why, I think because I never really understood what they do, besides "security"

 

[biffzinker]

I never like having to install those drivers. I dont know why, I think because I never really understood what they do, besides "security"

Also gets rid of the yellow exclamation icon in Device Manager.

 

[voltage]

ah, so no choice really. since you seem to know much regarding this issue. AMD X86 procs do not use ARM architecture. Are you suggesting AMD took Trustzone security processor and added it to their X86 platforms??? wow if yes...

 

[OSdevr]

ah, so no choice really. since you seem to know much regarding this issue. AMD X86 procs do not use ARM architecture. Are you suggesting AMD took Trustzone security processor and added it to their X86 platforms??? wow if yes...

I'm not certain, but I think the "security processor" in AMD CPUs actually is an ARM core. It doesn't have to be x86 and until recently Intel didn't use an x86 one either.

The security processor is an extra processor added to the main CPU, it doesn't have to be anything like the main cores.

 

[voltage]

OK, got ya. Then, knowing all this info. I ask you your opinion, Why is it that the entire web is freaking out (exaggerating of course to make a point) over Intel's ME, yet no one bitched, moaned or complained over AMD's version??? (ARM's Trustzone)
Another way to ask the same question, why all the Intel bashing and no AMD bashing? any idea as to why?

 

[OSdevr]

OK, got ya. Then, knowing all this info. I ask you your opinion, Why is it that the entire web is freaking out (exaggerating of course to make a point) over Intel's ME, yet no one bitched, moaned or complained over AMD's version??? (ARM's Trustzone)
Another way to ask the same question, why all the Intel bashing and no AMD bashing? any idea as to why?

Possibly because it was recently discovered that Intel ME runs the MINIX operating system and subsequently there have been some bugs and security holes found in it. That and everyone knows about Intel and few know about AMD.

 

[voltage]

Yet, in 2009 there was this claiming MINIX is more secure than Windows itself OR even more secure than Linux. https://www.infoq.com/news/2009/05/MINIX

I suppose its a never ending subject, no matter the angle.

 

[StrayKAT]

Yet, in 2009 there was this claiming MINIX is more secure than Windows itself OR even more secure than Linux. https://www.infoq.com/news/2009/05/MINIX

I suppose its a never ending subject, no matter the angle.

It's not hard to be more secure than linux actually... and that has been the argument between Linus and Tanenbaum since the beginning. Or rather, the argument of monolithic vs microkernels.

 

[OSdevr]

Yet, in 2009 there was this claiming MINIX is more secure than Windows itself OR even more secure than Linux. https://www.infoq.com/news/2009/05/MINIX

I suppose its a never ending subject, no matter the angle.

Ah yes, the micro kernel vs monolithic kernel never ending debate.

EDIT: simultaneous post StrayKAT

 

[R-T-B]

Unpopular, but it's not going to affect the typical user either way. Still, everyone should have options. These are PCs, after all.

It is when spyware begins to hijack it.

I do wonder will AMD implement a version of ME?

They already have, for some time. It's called the AMD PSP.

 

[StrayKAT]

It is when spyware begins to hijack it.

Well, personally, that's not a concern of mine. I haven't had spyware problems for ages... but I'm probably more dilligent than others.

I'd be more worried about a specifically targetted attack.. I can see getting really screwed by a personal enemy (or if I had a business with enemies). But I'm under the radar here too. As are many.

 

[R-T-B]

Well, personally, that's not a concern of mine. I haven't had spyware problems for ages... but I'm probably more dilligent than others.

I haven't either. But we aren't really normal use cases, as you note.

 

[TheLostSwede]

If I'm not mistaken Intel switched to an x86 core with Skylake and were using a different architecture before. Why they didn't use an x86 core to begin with I have no idea.

EDIT: Can't find a source saying they switched architectures with Skylake but they did at least change a great deal of it according to me_cleaner. Also Libreboot agrees that it began in 2006 on the northbridge and was moved onto the CPU with Nehalem (aka the first of the Core i series).

You're correct that they used to use a different CPU architecture before, it was running on an ARC core in the early days - https://en.wikipedia.org/wiki/ARC_(processor)
https://en.wikipedia.org/wiki/Intel_Active_Management_Technology#Hardware