by mstaoru 10 days ago
Surprised nobody mentioned Intel vPro AMT so far. It is basically an always-on KVM that's part of CPU firmware, powered by an always-on 5V PSU rail. There is a scary amount of options, including unattended periodic (or alarm based) phone home, user acceptance or full user override, boot media spoofing, Serial over WiFi... All built-in into consumer(-ish) CPUs.

I'm not surprised that nobody noticed it at all. That's because it's not a KVM that you can purchase and test, the subject of the article.

Instead, you're just talking about IPMI jr. These specific features are not in consumer grade CPUs, but in CPUs marked for workstations. Ain't no consumer buying fuckin vPro machines. These are enterprise IT management features, not user features. They're also subject to frequent insane rants by people obsessed with them as possible privacy issues.

> Ain't no consumer buying fuckin vPro machines.

Yeah, fine, but a lot of people have been snapping up the tiny/micro class PCs instead of overpriced Pis and a lot of them have vPro.

I shove https://github.com/Ylianst/MeshCommander into the AMT on any vPro boxes I manage so I can have an easy-to-use frontend right on the AMT.

Man, I wish that tool was available fifteen years ago. All of our machines in our half-Linux half-Windows manufacturing operation were Q chips with vPro motherboards, that we (I) chose on purpose, but we didn't have the IT bandwidth to ever sit down and learn how to use them properly.

> All built-in into consumer(-ish) CPUs.

Dude, I wish. I run a large homelab filled with consumer and small business grade Intel hardware, and would love to have vPro on all my mid-high end consumer Intel platforms. I have the experience and network environment to lock it all down securely, and it's very reliable, high-performance, low-level access from before boot.

It's true that some number of relatively expensive consumer-grade CPUs support vPro, but the catch is it also requires the motherboard's chipset to support it, and it has to be both implemented and enabled in the BIOS.

You rarely if ever see consumer hardware with a chipset that supports it. On all the systems I have that fully support vPro from soup to nuts, you have to intentionally turn it on because it's quite dangerous in the wrong circumstances.

And don't forget it's not really about the chipset, it's about market segmentation and upselling you for setting a boolean flag in firmware.