The guys at Positive Technologies were skeptical of Intel’s secretive Management Engine technology hidden in its chipsets, which the firm claims is penetrable. Recently, the security firm has dropped more details on how its team was able to drill into the CPU.
The Intel Management Engine (IME) is a component of virtually every Intel CPU released after 2008. It’s like a CPU on top of a CPU; it does tasks separate from the main operating system while the computer is in use.
According to Intel, the IME can be used to do remote administration tasks, although the likes of the EFF (Electronic Frontier Foundation) have long argued that having a “black box” that can control networking and hardware, even when the computer is switched off, represents a major security and privacy risk.
The authentication bypass vulnerability resides in a feature known as Active Management Technology (AMT). It allows system administrators to perform a variety of powerful tasks over a remote connection.
The capabilities include changing the code that boots up computers, accessing the computer’s mouse, keyboard, and monitor, loading and executing programs, and remotely powering on computers that are turned off.
In short, AMT makes it possible to log into a computer and exercise the same control enjoyed by administrators with physical access.
Positive Technologies has confirmed that recent revisions of Intel’s Management Engine feature Joint Test Action Group (JTAG) debugging ports that can be reached over USB. JTAG grants the user low-level access to code running on a chip, and now we can go into the firmware driving the Management Engine.