To be fair, it isn't confirmed that Intel is compromised, the ME has legitimate uses. It's just sketchy and proprietary. I wouldn't jump to the conclusion that routers are compromised. Although it certainly can't hurt to install Tomato or DD-WRT.
To be fair, it isn't confirmed that Intel is compromised, the ME has legitimate uses.
You are right, but in security aspect of computer tech there are no presumtion of innocence. Thing should be proven not compromised, not vice versa.
Also, that legitimate uses are accounted as an additional attack vector.
Really, the whole idea of AMT (ancestor of ME) was strange since the beginning. OK, you need to manage large fleet of employees laptops, so why not just boot them from corporate network and use network drives? Everything will be perfectly manageable on company server, no potential threat of leaking sensitive data through "lost laptop" or installed by user malware. It will even reduce costs, because that laptops will not need HDDs/SSDs.
Serious servers usually have IPMI controller, but the main difference is that servers don't usually have display and keyboard connected and it is annoying to change something in BIOS or reinstall OS from scratch when you have hundreds of them. So the IPMI goal is quite different than one of ME/PSP.
I wouldn't jump to the conclusion that routers are compromised.
That's proven thing, really. Multiple things. From outdated firmware with vulnerabilities on few years old router with dropped support to well-known "engineereing" or default passwords.
And meanwhile Tomato and DD-WRT is just an outdated versions of OpenWRT with blobs from official firmware for the sake of tiny performance goal on specific hardware. There is no any sense in using them instead of OpenWRT unless you participate in dick measuring contest with a buddy on a maximum possible throughput value.
IDK about Tomato, but initially DD-WRT was a customized original firmware for something like Asus 500 router. Then, they switched to OpenWRT codebase with addition of proprietary drivers and customized web-interface. So at the beginning it have some sense, as better, more open version of manufacturer firmware with additional features and with fixed bugs and closed backdoors like unchangeable root password.
The fact that ME can be used to implement a back door is so suspect that the legitimate uses seem more like a cover story than the real reason for implementing it. They could have supported those use cases in a way that doesn't break security.
To be fair, it isn't confirmed that Intel is compromised, the ME has legitimate uses. It's just sketchy and proprietary. I wouldn't jump to the conclusion that routers are compromised. Although it certainly can't hurt to install Tomato or DD-WRT.
You are right, but in security aspect of computer tech there are no presumtion of innocence. Thing should be proven not compromised, not vice versa.
Also, that legitimate uses are accounted as an additional attack vector.
Really, the whole idea of AMT (ancestor of ME) was strange since the beginning. OK, you need to manage large fleet of employees laptops, so why not just boot them from corporate network and use network drives? Everything will be perfectly manageable on company server, no potential threat of leaking sensitive data through "lost laptop" or installed by user malware. It will even reduce costs, because that laptops will not need HDDs/SSDs.
Serious servers usually have IPMI controller, but the main difference is that servers don't usually have display and keyboard connected and it is annoying to change something in BIOS or reinstall OS from scratch when you have hundreds of them. So the IPMI goal is quite different than one of ME/PSP.
That's proven thing, really. Multiple things. From outdated firmware with vulnerabilities on few years old router with dropped support to well-known "engineereing" or default passwords.
And meanwhile Tomato and DD-WRT is just an outdated versions of OpenWRT with blobs from official firmware for the sake of tiny performance goal on specific hardware. There is no any sense in using them instead of OpenWRT unless you participate in dick measuring contest with a buddy on a maximum possible throughput value.
Well, Tomato and DD-WRT are the ones that were relevant when I paid attention. But install OpenWRT then.
IDK about Tomato, but initially DD-WRT was a customized original firmware for something like Asus 500 router. Then, they switched to OpenWRT codebase with addition of proprietary drivers and customized web-interface. So at the beginning it have some sense, as better, more open version of manufacturer firmware with additional features and with fixed bugs and closed backdoors like unchangeable root password.
It played its role at the time.
The fact that ME can be used to implement a back door is so suspect that the legitimate uses seem more like a cover story than the real reason for implementing it. They could have supported those use cases in a way that doesn't break security.