by mjg59 1227 days ago
There are two different components here. The first is the Management Engine. Unless this laptop is extremely old, it has one, and it's running. Depending on age, you may be able to prevent it from booting while still allowing the rest of the system to run, but probably not. The second is Intel's Advanced Management Technology (AMT). This is only available on systems with VPro badging, which generally means higher-end business laptops. AMT is much less widely used than you might think, so it's probably not enrolled anywhere. You can confirm whether AMT has been provisioned with https://github.com/mjg59/mei-amt-check, and as long as you have the system firmware password you should be able to reset the ME regardless.

(Edit: I didn't make the relationship between these clear. All modern Intel laptops have ME. AMT is a software component that runs on top of the ME, but is only provisioned for systems that have VPro badging)

4 comments

> you may be able to prevent it from booting while still allowing the rest of the system to run, but probably not.

To be clear, this is not a technical side-effect of some incidental reliance of the boot process on the management engine (ME). Instead, Intel has deliberately made it impossible for consumers to disable the ME, has obfuscated how the ME works, and offered ME-disabled computers only to "military, government and intelligence agencies".

All under the guise that "Intel considers disabling ME to be a security vulnerability, as a malware could abuse it to make the computer lose some of the functionality that the typical user expects, such as the ability to play media with DRM" - which is beyond laughable.

In short, it could not be more obvious that the ME is malicious.

Source: https://en.wikipedia.org/wiki/Intel_Management_Engine

"Intel considers SGX instructions to be a security vulnerability, as a malware could abuse it to make the computer lose some of the functionality that the typical user expects, such as the ability to play media with DRM."

fixed it

So what does Intel Management Engine do when AMT is disabled or not present?

> Depending on age, you may be able to prevent it from booting while still allowing the rest of the system to run, but probably not.

How old?

Wikipedia says 2008.

If your computer isn't connected to Ethernet or WiFi, why does having a secret Intel management engine running in your CPU matter if it can't publish your data anywhere?

Who runs a laptop in that kind of setup? Hypothetical responses to a legitimate question/response are just lazy and lame.

I'm sorry, I misunderstood. I thought this post was asking from the perspective of "How can I tell if I'm enrolled in that secret thing we learned about that Intel has a secret backdoor to our computers" from the perspective of "I want to make sure it is off/I'm not enrolled".

I was suggesting, if the PC isn't connected to the Internet in this hypothetical case, why does the Intel backdoor matter? It wasn't clear to me the OP was trying to actually use the Intel Management Engine for legitimate purposes. I apologize.