by cjcampbell
3085 days ago
I understand your sentiment, but I would argue that this is a flaw. Vendors need to account for users' ability to notice and assess these sorts of details. While it's true that most/all defenses eventually fail to a determined attacker with unrestricted physical access, most users wouldn't suspect it'd be so easy for someone to orchestrate the attack in their presence without attracting notice. Leaving AMT enabled with a default local password when it hasn't been explicitly provisioned is an oversight by the system manufacturers. Expecting users (particularly outside the enterprise environment) to discover the necessary security precautions (without any notable cues) is a problem. Education may be a short-term solution, but it's no substitute for repairing the user experience, e.g., by disabling unused AMT features (and preventing them from being reenabled without authenticated access to a pre-boot or other system management environment). Save AMT security for the subset of system owners that need to take advantage of the feature.