|
|
|
|
|
|
by Dalewyn
1166 days ago
|
|
|
>Why cannot it be controlled by the user? Probably because it is intented to be used as a backdoor or to report users who install pirated software, or download unapproved materials etc. I have a simpler answer that doesn't require inherent malice: To keep out hostiles that have control over the computer, be that virtually or physically. You can't compromise what you can't access. Personally, I understand the concerns behind ME and PSP and am not particularly concerned. I trust Intel and AMD to not fuck with me, else why would I buy their processors? If I don't trust the ME/PSP because I don't trust Intel/AMD, I certainly can't trust the rest of their processors either. |
|
|
- first, ME/PSP do not follow minimum privileges principle. They have access to DRAM and network interfaces, so they can bypass restrictions set by OS and firewall. Does that make system more secure? I would say it is the opposite. They make the system less secure: for example, if there is a vulnerability in those modules then the whole system can be compromised and it will be difficult to detect using antivirus products.
- second, firmware for ME/PSP is encrypted. Why is it done so? To prevent user from knowing what it does. Why am I not allowed to know how my computer works?
Based on this, I can assume that intended purpose of this "trusted" modules is to implement user-hostile features like: DRM, software license checking, reporting illegal content, device fingerprinting, providing unauthorised remote access and so on.