Processors
Intel® Processors, Tools, and Utilities
14403 Discussions

What Intel CPUs lack Intel ME secondary processor?

CDrak
Novice
2,339 Views

Hi all,

Like many who watched the recent CCC conference presentation about Intel ME,

I was taken aback by the implications of having an insecure secondary service processor inside

the Intel CPU chip package that can access RAM and peripherals such as Wifi,

namely the possibility of a malicious rootkit that cannot be easily detected nor removed

that can for instance exfiltrate data regardless of what OS is running and how secure that OS may be.

Watch the video here: https://www.youtube.com/watch?v=H6bJ5b8Dgoc Towards (reasonably) trustworthy x86 laptops [32c3] - YouTube

So I want to avoid Intel CPUs that have ME. I have noticed that the Core i3 5th Gen

lacks vPro and TXT, which is reassuring, but is there nevertheless a simplificed Intel ME

processor in the CPU package despite vPro being officially absent?

Thanks.

6 Replies
Amy_C_Intel
Employee
961 Views

Hello, drakec:

By Intel ME secondary processor you mean the Intel® Management Engine?

Regards,

CDrak
Novice
961 Views

Correct.

Intel Management Engine, also known as "the rootkitter's dream". It's the biggest security threat against computing yet invented.

Amy_C_Intel
Employee
961 Views

The Management Engine (ME) is an isolated and protected coprocessor, embedded as a non-optional part in all current Intel chipsets, I even checked with the engineering department and they confirmed it.

Regards,

0 Kudos
CDrak
Novice
961 Views

So you proved you don't know anything, and when you ask engineering they BS'd you and you didn't know it. You're useless.

0 Kudos
Ronny_G_Intel
Community Manager
961 Views

Carsten Drake,

I work for Intel Customer Support and I would like to help you with your original question about processors lacking Intel(R) ME I would not discuss whether or not it represents a security risk but let me just comment that depending on the BIOS implementation (designed by your system manufacturer -not necessary by Intel) Intel ME can be easily enable/disable in BIOS, implementation also requires basic security e.g. a simple password set up but computing security implies multiple layers down from BIOS level all the way up to software/networking level.

No need to talk about that if you already made a decision about it, I respect that.

In order to help you with your question: Would you please tell me what Processor Generation are you interested in? I honestly don't know the answer to your question and I need to do some research, it would be better if you even tell me what CPU family you are looking for: Core i3, Core i5, Core i7, Mobile, embedded, Server?

Regards,

0 Kudos
MRash3
Novice
961 Views
0 Kudos
Reply