Intel declared war on general purpose computing and lost, so now all our computers are broken

Uncategorized

mostlysignssomeportents:

It’s been a year since we warned that Intel’s Management Engine – a separate computer within your own computer, intended to verify and supervise the main system – presented a terrifying, unauditable security risk that could lead to devastating, unstoppable attacks. Guess what happened next?

For the past week, the IT press has been full of news about the AMT module in the Management Engine making millions of systems vulnerable to local and remote attacks, with a firmware update to disable the module as the only really comprehensive solution. But AMT is only one of the many components of ME, and every one of them could have a vulnerability as grave as this one – and Intel is not offering any way to turn off ME altogether, meaning that there’s a lot of this in our future.

ME is a brilliant example of why declaring war on general-purpose computing is a terrible idea. There are lots of reasons to want a computer that can only run some programs (instead of every program): preventing poisoned operating systems and other malware, preventing game cheating, enforcing copyright restrictions (DRM), etc… Every one of them is presented as a use-case for ME.

But ME isn’t a way of designing a computer that can only run “good” programs. Instead, it’s a way of putting your general-purpose, universal computer under the supervision of another general-purpose, universal computer, and declaring this second computer (the ME system) to be off-limits to auditing, user-control, modification, etc. That works great, provided that your second computer has perfect security and zero flaws in its programming. But if there is even a single, minor flaw in that second system, you now have a devastating security disaster, because your main computer, by design, can’t tell you what that second system is doing, nor can it override the instructions that the supervising system sends it – once that supervising system is compromised, it’s game over.

Intel won’t tell us how to disable ME altogether for lots of reasons, but a big one is surely the fact that they’ve sold lots of entertainment companies on the promise of using ME for DRM – for example, to stop you from running a program that converts one of the W3C’s DRM-locked video streams into a download. Letting you shut down this back door into your computer – and your whole digital life – would also eliminate the means by which Intel plans to stop you from watching TV the wrong way. This is a terrible trade-off.

https://boingboing.net/2017/05/09/management-engine.html