MyGaming recently reported about a possible security flaw in Intel’s new processors that could allow hackers to remotely control your PC.
“The Intel Management Engine (ME) is a separate control subsystem located inside of the x86 chipset. It effectively controls your CPU, acting as the hive-mind for all of your CPU’s day-to-day actions.
This makes it an invaluable tool, especially as it is not dependent on operating system or user input.
It also makes it a massive liability, as any unauthorised access (or rooting) of this ME could give complete control of your PC to malicious outsiders.
Worse still, as the user cannot access the ME themselves and there is no way to disable the subsystem, you may not even know if your CPU has been compromised”.
We spoke to Vince Resente, Enterprise Technology Specialist at Intel about how easy it really is for your PC security to be compromised:
“It is incorrect that IME is a backdoor, as all of these subsystems first requires activation on a secure local network. In addition, you would have to a buy a PKI certificate from one of only 12 authorised vendors.”
“This is the case every single time a new laptop or desktop needs to be activated. As such, the only way anyone could “Access” into the ME would be by an admin user that has full access to the screen and keyboard of the system who’s ME they want to accessing.”
As a result, Intel have not had an external hack in the last 10 years.
“We are even bolting down further, and in the last two years we have acquired McAfee (now renamed to Intel Security) and have subsequently made this process even more secure by extending the security deeper into the ME and BIOS.”
“Multi Factor Authenticate now requires more than just your certificate but also all kinds of biometrics, including 5 or 6 factor authentication like a trusted network requirement of phone authentication via Bluetooth proximity.”