{"id":3631,"date":"2017-08-30T01:01:00","date_gmt":"2017-08-29T23:01:00","guid":{"rendered":"http:\/\/borncity.com\/win\/?p=3631"},"modified":"2021-08-21T07:12:03","modified_gmt":"2021-08-21T05:12:03","slug":"hack-disable-intels-management-engine","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2017\/08\/30\/hack-disable-intels-management-engine\/","title":{"rendered":"Hack: Disable Intel&rsquo;s Management Engine"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" style=\"float: left; margin: 0px 10px 0px 0px; display: inline\" src=\"http:\/\/www.borncity.com\/blog\/wp-content\/uploads\/2015\/01\/Schutz.jpg\" width=\"40\" align=\"left\" height=\"47\">[<a href=\"http:\/\/www.borncity.com\/blog\/2017\/08\/28\/intel-management-engine-me-abschalten\/\" target=\"_blank\" rel=\"noopener\">German<\/a>]Security Researchers from Russian security firm Positive Technologies has found a way, to disable the unsecure, vulnerable and much hated Intel Management Engine (ME) 11 on Boards.<\/p>\n<p><!--more--><\/p>\n<p>Intel ME is a kind of its own operating system, running below the operating system and provides several functions for the main board. But there are several problems with ME: <\/p>\n<ul>\n<li>It's undocumented, what Intel Management Engine does in details and what's hidden behind the software (backdoors, kill switch). <\/li>\n<li>Intel Management Engine has critical vulnerabilities, that hasn't been fixed by all vendors. <\/li>\n<\/ul>\n<p>Many users intends to deactivate the Intel Management Engine, but there is no such feature offered by Intel. <\/p>\n<h2>Thanks to NSA there is a way to deactivate that thing<\/h2>\n<p>I stumbled two day ago over this article, discussing how to deactivate Intel Management Engine. A team from <a href=\"https:\/\/www.ptsecurity.com\/ww-en\/\">Positive Technologies<\/a> managed it to deep dive into Intel Management Engine. There they found an undocumented modus link to the High Assurance Platform (HAP) program of US government (aka NSA). <\/p>\n<p>After digging around, the researchers was able to patch a <em>reserve_hap<\/em> bit in a corresponding field within the ME firmware and store it back on the board. Afterward, it seems that Intel Management Engine was deactivated. More details may be found within this article. Addendum: Also bleeping computers has <a href=\"https:\/\/www.bleepingcomputer.com\/news\/hardware\/researchers-find-a-way-to-disable-much-hated-intel-me-component-courtesy-of-the-nsa\/\" target=\"_blank\" rel=\"noopener\">an article<\/a> with further details and thoughts. <\/p>\n","protected":false},"excerpt":{"rendered":"<p>[German]Security Researchers from Russian security firm Positive Technologies has found a way, to disable the unsecure, vulnerable and much hated Intel Management Engine (ME) 11 on Boards.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[71],"tags":[447,1012],"class_list":["post-3631","post","type-post","status-publish","format-standard","hentry","category-computer","tag-hack","tag-intel-management-engine"],"_links":{"self":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/3631","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/comments?post=3631"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/3631\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/media?parent=3631"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/categories?post=3631"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/tags?post=3631"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}