Do you have any reference on Intel M.E. being present on Atom C3308? Sent from ProtonMail Mobile
On Sat, Dec 2, 2017 at 20:14, Kevin Chadwick <m8il1i...@gmail.com> wrote: > On Sat, 02 Dec 2017 03:11:23 -0500 > IME (vPro) is included in Xeon and Core > chips. Atom is clear of it. > Just checked. Perhaps the older ones but I > doubt that. The latest Atom Apollo Lake E3s even PROVIDE "Access to user > memory". Which I believe means the entire RAM and if so is quite ridiculous!! > I am sure it will change however the current working exploits require access > to a USB port, though the OS has access and could turn malware into HW > resident malware. OpenBSD is as good a protection as you will get there > though and probably even better for future exploits. I am still unclear as to > whether a properly setup Trusted Execution Engine can protect the system. I > guess from persistent firmware invasion but not protect kernel memory access > or prevent an attacker gaining knowledge for gadgets (if can get to a Debug > USB from userland) or worse. Reminds me of IPv6 to some degree but worse. > Take a small problem and expand it until you have potential for undermining > everything. The most ironic is Intels recent adverts for not trusting > software but HW instead. Can be true in an application specific fashion but > even then it has to be done right. Unfortunately the lastest hardware is much > cheaper so it isn't necessarily as simple as just using some older stuff that > may just be less understood, unless you go further into obsolescence > territory. AMD is *maybe* an option but they are moving higher end not > cheaper by the looks of it.