You can clean Intel ME with a USB programmer or RPi + cables, it isn't very hard.
By default it doesn't work over wifi so you don't have to worry about it if you use a laptop in which you never plug an ethernet cable.
Does the ME / PSP have its own address? How is an attacker going to correlate your online identity with it when you use a VPN or Tor? This is a legitimate question, I'm not asking it rhethorically.
You can clean Intel ME with a USB programmer or RPi + cables, it isn't very hard.
That's true, but check a list of supported hardware for me_cleaner (part of coreboot). It is hard to completely remove ME in modern motherboards, because many functions like fan control was moved into ME. Also you could get resets every few minutes or uninitialized onboard hardware like network controller of sound card if you completely clean ME on board that is not suitable.
By default it doesn't work over wifi so you don't have to worry about it if you use a laptop in which you never plug an ethernet cable.
Not shure about laptops with integrated WiFi, those that have WiFi chip soldered on mainboard instead of traditional miniPCI-E card in socket.
Does the ME / PSP have its own address?
It have own MAC/IP independent from what your network card get from OS, sometimes, if AMT is present in BIOS you could change it and make visible. By default it seems to wait for specific packet to appear for networking. Without that packet it will not be visible for external scanners or whatever. ME have direct access to nework controller and ME networking device is not accessible from host, only from outside, so you need 2 computers to play with it.
How is an attacker going to correlate your online identity with it when you use a VPN or Tor?
Intel ME have full access to your computer hardware. So if you have access to Intel ME, then you could just read anything from memory of disk.
However, as far as I understand, to activate (and may be set Intel ME IP address) you need to be in same local network as computer with Intel ME to send activation packet. It is possible that Intel ME networking could be activated by some contents in regular packet destined to your normal IP, since it have access to network controller and could monitor all trafic, but I'm not shure. May be some ME versions could and some couldn't.
I hope efforts of reverse engineereing Intel ME will finally succeed and we will know for shure how it works, at least reverse engineered version. Intel ME uses ARC CPU core, there exist disassemblers and decompilers for that architecture so it is possible to study that crap by yourself.
It is possible that Intel ME networking could be activated by some contents in regular packet destined to your normal IP, since it have access to network controller and could monitor all trafic, but I'm not shure. May be some ME versions could and some couldn't.
Another way they could activate it would be if they controlled your router. If they've compromised computer manufacturers, they've probably compromised router manufacturers, too. So Mossad sends a signal of some sort to your Internet router, which then sends the activation packet to your PC.
since it have access to network controller and could monitor all trafic, but I'm not shure. May be some ME versions could and some couldn't.
If there are any limitations in the ME hardware, they can be gotten around. Since it has access to memory, it can write an arbitrary program into memory, and overwrite OS kernel routines or data structures to prevent that program from being detected, while allowing the OS to schedule it like any other program. Then the program can run on your ordinary CPU.
To be fair, it isn't confirmed that Intel is compromised, the ME has legitimate uses. It's just sketchy and proprietary. I wouldn't jump to the conclusion that routers are compromised. Although it certainly can't hurt to install Tomato or DD-WRT.
The fact that ME can be used to implement a back door is so suspect that the legitimate uses seem more like a cover story than the real reason for implementing it. They could have supported those use cases in a way that doesn't break security.
You can clean Intel ME with a USB programmer or RPi + cables, it isn't very hard.
By default it doesn't work over wifi so you don't have to worry about it if you use a laptop in which you never plug an ethernet cable.
Does the ME / PSP have its own address? How is an attacker going to correlate your online identity with it when you use a VPN or Tor? This is a legitimate question, I'm not asking it rhethorically.
That's true, but check a list of supported hardware for me_cleaner (part of coreboot). It is hard to completely remove ME in modern motherboards, because many functions like fan control was moved into ME. Also you could get resets every few minutes or uninitialized onboard hardware like network controller of sound card if you completely clean ME on board that is not suitable.
Not shure about laptops with integrated WiFi, those that have WiFi chip soldered on mainboard instead of traditional miniPCI-E card in socket.
It have own MAC/IP independent from what your network card get from OS, sometimes, if AMT is present in BIOS you could change it and make visible. By default it seems to wait for specific packet to appear for networking. Without that packet it will not be visible for external scanners or whatever. ME have direct access to nework controller and ME networking device is not accessible from host, only from outside, so you need 2 computers to play with it.
Intel ME have full access to your computer hardware. So if you have access to Intel ME, then you could just read anything from memory of disk.
However, as far as I understand, to activate (and may be set Intel ME IP address) you need to be in same local network as computer with Intel ME to send activation packet. It is possible that Intel ME networking could be activated by some contents in regular packet destined to your normal IP, since it have access to network controller and could monitor all trafic, but I'm not shure. May be some ME versions could and some couldn't.
I hope efforts of reverse engineereing Intel ME will finally succeed and we will know for shure how it works, at least reverse engineered version. Intel ME uses ARC CPU core, there exist disassemblers and decompilers for that architecture so it is possible to study that crap by yourself.
Another way they could activate it would be if they controlled your router. If they've compromised computer manufacturers, they've probably compromised router manufacturers, too. So Mossad sends a signal of some sort to your Internet router, which then sends the activation packet to your PC.
If there are any limitations in the ME hardware, they can be gotten around. Since it has access to memory, it can write an arbitrary program into memory, and overwrite OS kernel routines or data structures to prevent that program from being detected, while allowing the OS to schedule it like any other program. Then the program can run on your ordinary CPU.
To be fair, it isn't confirmed that Intel is compromised, the ME has legitimate uses. It's just sketchy and proprietary. I wouldn't jump to the conclusion that routers are compromised. Although it certainly can't hurt to install Tomato or DD-WRT.
The fact that ME can be used to implement a back door is so suspect that the legitimate uses seem more like a cover story than the real reason for implementing it. They could have supported those use cases in a way that doesn't break security.