> IIRC, on most modern intel cpus removing/blanking the ME will reboot the machine every 20 minutes or so. It is unfortunately an irremovable OEM hardware RAT on most modern systems.
Yes, if ME detects a problem when initializing it grants you a 20 minute window as a grace period, presumably to allow users to attempt to fix it.
> There are some groups that have figured out how to sign a patched fully feature-unlocked BIOS on a per machine basis (disabling ME is a simple Y/N flag), but YMMV given these tools are nearly impossible to get working.
You can also just flip the HAP bit[0], I'd assume that's what those advanced (usually leaked dev build) BIOS firmwares do anyway.
> AMD should end the clown show of RATs, and eat the remaining Intel market. =3
AMD has PSP[1], which is functionally equivalent (though with a significantly smaller attack surface, when left enabled)
I personally am of the belief that both technologies are likely backdoored. There's so much pointing against them[2], that the simplest explanation is they're more likely than not a mandated backdoor that chipmakers eventually expanded for other purposes (such as recent versions of ME handling suspend-related power management)
Computrace was replaced by the Absolute BIOS module, so yes... 100% RAT features have been active for sometime. Whatever legitimate asset recovery and remote drive deletion features it offers, is superseded by potential backdoors on the refurbished PC market.
Yes, if ME detects a problem when initializing it grants you a 20 minute window as a grace period, presumably to allow users to attempt to fix it.
> There are some groups that have figured out how to sign a patched fully feature-unlocked BIOS on a per machine basis (disabling ME is a simple Y/N flag), but YMMV given these tools are nearly impossible to get working.
You can also just flip the HAP bit[0], I'd assume that's what those advanced (usually leaked dev build) BIOS firmwares do anyway.
> AMD should end the clown show of RATs, and eat the remaining Intel market. =3
AMD has PSP[1], which is functionally equivalent (though with a significantly smaller attack surface, when left enabled)
I personally am of the belief that both technologies are likely backdoored. There's so much pointing against them[2], that the simplest explanation is they're more likely than not a mandated backdoor that chipmakers eventually expanded for other purposes (such as recent versions of ME handling suspend-related power management)
[0] https://github.com/corna/me_cleaner/wiki/HAP-AltMeDisable-bi...
[1] https://en.m.wikipedia.org/wiki/AMD_Platform_Security_Proces...
[2] https://en.m.wikipedia.org/wiki/Intel_Management_Engine#Asse...