• Re: Hidden Operating Systems in Chips vs. Secure, Auditable OSes: A Cyb

    From Dennis V@3:633/10 to R Daneel Olivaw on Thursday, September 11, 2025 23:10:10
    From: social.ranked646@passinbox.com

    On 2025-06-13, R Daneel Olivaw <Danni@hyperspace.vogon.gov> wrote:
    > The article says "The Management Engine in Intel devices is disabled to
    > the extent possible", whatever that means. It does not say anything
    > about AMD, and there is also no reference to any known problems with
    > AMD's PSP.

    For Intel it's the HAP bit functionality (High Assurance Platform),
    where a magic bit placed in the firmware makes the ME shut down after
    the boot process finishes.

    But even if you trust that the ME is off there have been vulnerabilities
    during booting that could bypass this
    (https://www.theregister.com/2017/12/06/intel_management_engine_pwned_by_buffer_overflow/)

    --- SoupGate-Linux v1.05
    * Origin: Dragon's Lair ---:- FidoNet<>Usenet Gateway -:--- (3:633/10)
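The post says the ME is asked to shut down by a bit "placed in the firmware". A defender who wants to verify that claim on a given machine can read the HAP bit directly out of a SPI flash dump rather than trusting the vendor statement. The script below is an added example written for this page; it is not code from the poster or from any project the thread mentions. It assumes the flash-descriptor layout that public tools such as me_cleaner rely on: descriptor signature 0x0FF0A55A at descriptor offset 0x10, the PCH straps base (FPSBA) in bits 16-23 of FLMAP1 at descriptor offset 0x18 in 16-byte units, and the HAP bit at bit 16 of PCHSTRP0 for ME 11 and later. Older ME generations use a different strap bit that this check does not cover, and the sample image it builds is constructed for demonstration only; confirm the offsets against your platform documentation before relying on the result.

```python
import struct
import sys

# Flash descriptor signature as it appears little-endian at descriptor offset 0x10
# (bytes 5A A5 F0 0F in the image). Assumed layout, see lead-in.
FD_SIGNATURE = 0x0FF0A55A

# HAP bit position inside PCHSTRP0 (ME 11+). Assumed, see lead-in.
HAP_BIT = 1 << 16


def find_descriptor(image: bytes) -> int:
    """Return the base offset of the flash descriptor region.

    The descriptor normally starts at offset 0 of the image; some dump tools
    prepend a 0x1000-byte header, so both locations are tried.
    """
    for base in (0x0, 0x1000):
        if len(image) >= base + 0x1C:
            sig = struct.unpack_from("<I", image, base + 0x10)[0]
            if sig == FD_SIGNATURE:
                return base
    raise ValueError("no flash descriptor signature found")


def pch_straps_base(image: bytes) -> int:
    """Compute the absolute offset of the PCH straps area from FLMAP1."""
    base = find_descriptor(image)
    flmap1 = struct.unpack_from("<I", image, base + 0x18)[0]
    fpsba = ((flmap1 >> 16) & 0xFF) << 4  # FPSBA field, 16-byte units (assumed)
    return base + fpsba


def hap_bit_set(image: bytes) -> bool:
    """Report whether the HAP bit in PCHSTRP0 is set (ME 11+ platforms).

    This only reads the dump. A set bit means the firmware asks the ME to halt
    after boot; it says nothing about whether that request can be bypassed.
    """
    straps = pch_straps_base(image)
    if straps + 4 > len(image):
        raise ValueError("straps area lies outside the image")
    pchstrp0 = struct.unpack_from("<I", image, straps)[0]
    return bool(pchstrp0 & HAP_BIT)


def make_sample_image(hap: bool) -> bytes:
    """Constructed minimal image for demonstration only (not a real dump).

    Descriptor at 0, FPSBA pointing at offset 0x100, PCHSTRP0 with or without
    the HAP bit, everything else zero.
    """
    img = bytearray(0x200)
    struct.pack_into("<I", img, 0x10, FD_SIGNATURE)
    struct.pack_into("<I", img, 0x18, 0x10 << 16)  # FPSBA = 0x10 -> 0x100
    struct.pack_into("<I", img, 0x100, HAP_BIT if hap else 0)
    return bytes(img)


if __name__ == "__main__":
    # Usage: python hap_check.py firmware_dump.bin  (a real SPI dump you made)
    # Without an argument the constructed sample image is used.
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as f:
            data = f.read()
    else:
        data = make_sample_image(hap=True)
    print("HAP bit set" if hap_bit_set(data) else "HAP bit clear")
```

Run it against a dump taken with an external programmer or a read-only tool; the result tells you whether the "disable to the extent possible" setting is actually present in the descriptor, which is the first thing to check before reasoning about boot-time bypasses like the one the post links.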