We’d like to remind Forumites to please avoid political debate on the Forum.
This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
The Forum now has a brand new text editor, adding a bunch of handy features to use when creating posts. Read more in our how-to guide
Minix, Intel's operating system inside our computers.
Comments
-
What I alluded to was that my partner was forgetful when browsing and unfortunately clicked links in emails sometimes when he was using Windows in the past.
Well you could get yourself into almost as much trouble doing that in Linux as you can in Windows.
OK there may not be the same threat from malware, but there's just as much a threat from identity theft and financial loss etc.0 -
Would it help the OP if they thought of Minix (bad) as a type of firmware (good)?0
-
Those of you who discount the issue as trivial probably don't understand the problem (for example those suggesting that you should run an OS off a CD really have missed the point), but the article linked to in the OP is not very well written, and contains inaccuracies. A better summary is in the article (linked to in the original) by the EFF - which is a well-respected organisation in computer security:
https://www.eff.org/deeplinks/2017/05/intels-management-engine-security-hazard-and-users-need-way-disable-it
That article points out that Management Engine is part of all current Intel chipsets, but isn't actually built onto the die of any of the CPUs themselves. It also describes the distinction between enabled and provisioned, and whether the feature is active by default.
Yes, you can think of it as firmware, but that does not mean that it should not be viewed with suspicion. Some of the biggest targets for botnets in recent years have been things like internet-enable CCTV cameras, set-top boxes, baby alarms etc - things which have "firmware" which is not adequately secured. Each of these devices can be quite puny, but if you can recruit enough of them into your botnet then you can create a very potent DDOS attack tool. This is not fiction - it has been done.
So, the questions should remain, and should be asked of Intel. Why does this proprietary (i.e. secret, known only within Intel) piece of code need to be so functional, when from a security point of view those functions (such as a built-in web server) are likely to have many points which are vulnerable to remote exploitation.
The recent Apple iPhone story is a great example of a manufacturer putting hidden code in their products that is there to do things that may or may not be in the user's interests. As consumers we don't need any more of that - if it's there, we should be told about it (though I accept that 99% of users probably won't actually be interested).0 -
Be like AMD. nobody knows what their equivalent of IME is built on or what security risk there might be, added to which it actually resides on the CPU chip itself.0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 353.5K Banking & Borrowing
- 254.2K Reduce Debt & Boost Income
- 455.1K Spending & Discounts
- 246.6K Work, Benefits & Business
- 603K Mortgages, Homes & Bills
- 178.1K Life & Family
- 260.6K Travel & Transport
- 1.5M Hobbies & Leisure
- 16K Discuss & Feedback
- 37.7K Read-Only Boards