The Free Software Foundation has finally come out publicly against Intel’s Management Engine (ME).
The Intel Management Engine is a small and low-power computer subsystem. It consists of of one or more processor cores, memory, system clock, internal bus, and reserved protected memory used as part of its own cryptography engine. It has its own operating system and suite of programs, and it has access to the main system’s memory, as well as access to the network through the Intel Gigabit Ethernet Controller.
ME performs various tasks while the system is in sleep mode, during the boot process, and also when your system is running.
The ME firmware runs various proprietary programs created by Intel for the platform, including its infamous Active Management Technology (AMT), Intel’s Boot Guard, and an audio and video Digital Restrictions Management system. While some of this technology is marketed to provide you with convenience and protection, what it requires from you, the user, is to give up control over your computer. This control benefits Intel, their business partners, and large media companies.
ME has complete access to and control over the PC: it can power on or shut down the PC, read all open files, examine all running applications, track all keys pressed and mouse movements, and even capture or display images on the screen. And it has a network interface that is demonstrably insecure, which can allow an attacker on the network to inject rootkits that completely compromise the PC and can report to the attacker all activities performed on the PC.
FSF suggests users to abandon Intel even though this is quite unlikely to happen. In essence Intel is not a evil company so common users don’t have to worry too much about the leak of information or threaten of privacy. But for some military industries or special fields they probably need to rethink about it.