Regarding my recent bout of paranoia about an Intel kill switch in the CPU, which could basically allow America to brick your Intel-running computer if you are placed on some “black list” because you are “politically incorrect”, an “enemy of America” or whatever bullshit they are throwing at Julian Assange: essentially, any American-made CPU, chipset, BIOS etc. is not yours. You’re just allowed to use it while you comply with the guidelines imposed by America, which say that you must at all times be an obedient slave. If not, “American technology” will be taken away from you.
Let me quote some things from Wikipedia:
The Intel Management Engine (ME), also known as the Manageability Engine, is an autonomous subsystem that has been incorporated in virtually all of Intel’s processor chipsets since 2008. It is located in the Platform Controller Hub of modern Intel motherboards. It is a part of Intel Active Management Technology, which allows system administrators to perform tasks on the machine remotely. System administrators can use it to turn the computer on and off, and they can login remotely into the computer regardless of whether or not an operating system is installed.
The Intel Management Engine always runs as long as the motherboard is receiving power, even when the computer is turned off.
The IME is an attractive target for hackers, since it has top level access to all devices and completely bypasses the operating system. Intel has not released much information on the Intel Management Engine, prompting speculation that it may include a backdoor. The Electronic Frontier Foundation has voiced concern about IME.
AMD processors have a similar feature, called AMD Secure Technology.
The subsystem primarily consists of proprietary firmware running on a separate microprocessor that performs tasks during boot-up, while the computer is running, and while it is asleep. As long as the chipset or SoC is connected to current (via battery or power supply), it continues to run even when the system is turned off. Intel claims the ME is required to provide full performance. Its exact workings are largely undocumented and its code is obfuscated using confidential Huffman tables stored directly in hardware, so the firmware does not contain the information necessary to decode its contents. Intel’s main competitor AMD has incorporated the equivalent AMD Secure Technology (formerly called Platform Security Processor) in virtually all of its post-2013 CPUs.
Several weaknesses have been found in the ME. On May 1, 2017, Intel confirmed a Remote Elevation of Privilege bug (SA-00075) in its Management Technology. Every Intel platform with provisioned Intel Standard Manageability, Active Management Technology, or Small Business Technology, from Nehalem in 2008 to Kaby Lake in 2017, has a remotely exploitable security hole in the ME. Several ways to disable the ME without authorization that could allow the ME’s functions to be sabotaged have been found. Additional major security flaws in the ME affecting a very large number of computers incorporating ME, Trusted Execution Engine (TXE), and Server Platform Services (SPS) firmware, from Skylake in 2015 to Coffee Lake in 2017, were confirmed by Intel on 20 November 2017 (SA-00086). Unlike SA-00075, this bug is present even if AMT is absent, not provisioned, or if the ME was “disabled” by any of the known unofficial methods. In July 2018 another set of vulnerabilities was disclosed (SA-00112). In September 2018, yet another vulnerability was published (SA-00125).
Critics like the Electronic Frontier Foundation (EFF) and security expert Damien Zammit accused the ME of being a backdoor and a privacy concern. Zammit stresses that the ME has full access to memory (without the parent CPU having any knowledge); has full access to the TCP/IP stack and can send and receive network packets independently of the operating system, thus bypassing its firewall.
Intel responded by saying that “Intel does not put back doors in its products nor do our products give Intel control or access to computing systems without the explicit permission of the end user.” and “Intel does not and will not design backdoors for access into its products. Recent reports claiming otherwise are misinformed and blatantly false. Intel does not participate in any efforts to decrease security of its technology.”
In the context of criticism of the Intel ME and AMD Secure Technology it has been pointed out that the NSA budget request for 2013 contained a Sigint Enabling Project with the goal to “Insert vulnerabilities into commercial encryption systems, IT systems, …” and it has been conjectured that Intel ME and AMD Secure Technology might be part of that programme.
As of 2017, Google was attempting to eliminate proprietary firmware from its servers and found that the ME was a hurdle to that.
The AMD Platform Security Processor (PSP), officially known as AMD Secure Technology, is a trusted execution environment subsystem incorporated since about 2013 into AMD microprocessors. According to an AMD developer’s guide, the subsystem is “responsible for creating, monitoring and maintaining the security environment” and “its functions include managing the boot process, initializing various security related mechanisms, and monitoring the system for any suspicious activity or events and implementing an appropriate response.” Critics worry it can be used as a backdoor and is a security concern. AMD has denied requests to open source the code that runs on the PSP.
The PSP is similar to the Intel Management Engine for Intel processors.
The PSP itself is an ARM core inserted on the main CPU.
In September 2017, Google security researcher Cfir Cohen reported a vulnerability to AMD of a PSP subsystem that could allow an attacker access to passwords, certificates, and other sensitive information; a patch was rumored to become available to vendors in December 2017.
In March 2018, a handful of alleged serious flaws were announced in AMD’s Zen architecture CPUs (EPYC, Ryzen, Ryzen Pro, and Ryzen Mobile) by an Israeli IT security company, related to the PSP, that could allow malware to run and gain access to sensitive information. AMD has announced firmware updates to handle these flaws. While there were claims that the flaws were published for the purpose of stock manipulation, their validity from a technical standpoint was upheld by independent security experts who reviewed the disclosures, although the high risks claimed by CTS Labs were often dismissed by said independent experts.
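The SA-00075 passage above turns on one concrete condition: AMT being provisioned and reachable over the network. The script below is an added example (not text from Wikipedia, not the blog author’s code, and not an Intel tool) of how a practitioner checks a fleet for that exposure: it probes the AMT web interface port (16992 for HTTP, 16993 for HTTPS) and looks for the “Intel(R) Active Management Technology <version>” Server header the AMT web server returns. The sample HTTP responses are constructed for offline testing, not captured from real hardware, and the host 192.0.2.10 in the usage comment is a placeholder. Finding an AMT banner means the host is exposed to the AMT attack surface; whether a given firmware version is actually affected has to be checked against Intel’s advisory, and the SA-00086 class of bugs, which the text notes is present even without AMT, is not detected by this probe at all.

```python
import re
import socket

# Intel AMT's web interface listens on 16992 (HTTP) and 16993 (HTTPS);
# 623 and 664 carry the redirection/SOL services and are not probed here.
AMT_HTTP_PORT = 16992
AMT_HTTPS_PORT = 16993

# The AMT web server identifies itself in the Server header, e.g.
# "Intel(R) Active Management Technology 11.6.27"; capture the version.
_AMT_SERVER_RE = re.compile(
    r"Intel\(R\)\s+Active\s+Management\s+Technology\s+(\d+(?:\.\d+)+)", re.I
)


def parse_amt_banner(raw: bytes):
    """Return the AMT firmware version advertised in an HTTP response, or None.

    Only the Server header is inspected. A missing or foreign banner (or a
    non-HTTP reply) yields None instead of raising, so a sweep keeps going.
    """
    text = raw.decode("latin-1", errors="replace")
    head = text.split("\r\n\r\n", 1)[0]
    lines = head.split("\r\n")
    if not lines or not lines[0].startswith("HTTP/"):
        return None
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep and name.strip().lower() == "server":
            match = _AMT_SERVER_RE.search(value)
            if match:
                return match.group(1)
    return None


def probe_amt(host: str, port: int = AMT_HTTP_PORT, timeout: float = 3.0):
    """Send a minimal GET to host:port and return the AMT version, or None.

    None covers both "nothing listening / network error" and "something
    listening that is not AMT"; split the socket step out if you need to
    tell those apart in a report.
    """
    request = (
        f"GET / HTTP/1.1\r\nHost: {host}\r\nConnection: close\r\n\r\n"
    ).encode("ascii")
    chunks = []
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            sock.sendall(request)
            total = 0
            while total < 4096:  # headers are small; cap what we read
                data = sock.recv(1024)
                if not data:
                    break
                chunks.append(data)
                total += len(data)
    except OSError:
        return None
    return parse_amt_banner(b"".join(chunks))


# Constructed sample responses (not captured from real hardware) to exercise
# the parser offline: an AMT-style redirect to its logon page, an ordinary
# web server, and an AMT banner with odd whitespace and case.
SAMPLE_AMT = (
    b"HTTP/1.1 303 See Other\r\n"
    b"Server: Intel(R) Active Management Technology 11.6.27\r\n"
    b"Location: /logon.htm\r\n"
    b"Content-Length: 0\r\n\r\n"
)
SAMPLE_NGINX = (
    b"HTTP/1.1 200 OK\r\nServer: nginx/1.18.0\r\nContent-Length: 0\r\n\r\n"
)
SAMPLE_AMT_ODD = (
    b"HTTP/1.1 401 Unauthorized\r\n"
    b"SERVER:   intel(r) active management technology 9.1.41\r\n"
    b"WWW-Authenticate: Digest realm=\"Digest:0123\"\r\n\r\n"
)


if __name__ == "__main__":
    for label, sample in (("amt", SAMPLE_AMT), ("nginx", SAMPLE_NGINX),
                          ("amt-odd", SAMPLE_AMT_ODD)):
        print(label, parse_amt_banner(sample))
    # Live probe against a host you are authorised to test, e.g.:
    # print(probe_amt("192.0.2.10"))
```

Run it against your own address range with both AMT_HTTP_PORT and AMT_HTTPS_PORT (wrap the socket in `ssl` for the latter); any host returning a version string has a provisioned ME network stack answering independently of whatever operating system is installed, which is exactly the property the quoted text describes.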
The fact that both American x86 CPU manufacturers have the same type of low-level back door makes it highly likely that someone from the NSA visited them and politely asked them to put it in and hand over unlimited access, or else. Based on what is known, I would hypothesize about what is possible and likely, and say that it is likely that everything except the Elbrus CPU produced in Russia, and ARM CPUs produced in China from peer-reviewed schematics, is an instrument of American control, which will go dark if America orders it to. This includes Internet/mobile routers and other infrastructure. Notice how I implicitly count everything produced in Europe as essentially American-controlled.
My recommendations? There aren’t really any. If America does indeed use this, it will be either against select persons who occupy top positions on their shit lists, like Snowden and Assange, or against foreign governments on their shit list, such as Iran, DPRK, Cuba, Venezuela, Russia and China, and they will pretend they hacked those computers using a virus or a Trojan. If they use it against you, it means you’re already fucked in so many ways and on so many layers before that point that a computer vulnerability will be the least of your concerns. But be aware of it, and know that buying American means voluntary submission to their control.
Would Russia or China be any better if they happened to be in that kind of a position of power? Of course not.