[DuskStar]

So the AMT vuln was related to a lack of security on their web service? Somehow this does not increase my confidence in the rest of their code - if they didn't get this right, what else is wrong?

[tyingq]

The Intel note mentioned a local vulnerability that allowed local non root users to provision AMT as well. That sounds like at least one more, different, issue.

[fhood]

To be fair, it is pretty rare (impossible) to find "secure" software that has zero avoidable vulnerabilities.

[Karunamon]

That's more of an argument about inauditable, non-disableable, hostile (the CPU shuts itself off if you blank out the appropriate data structures) code running below ring 0

[throwaway2048]

Don't forget in the majority of cases unupdatable too! (No vendor is going to issue fixes for old boards)

[FrozenVoid]

see https://threatpost.com/researcher-baseless-assumptions-exist...