Processors
Intel® Processors, Tools, and Utilities
16315 Discussions

What Intel CPUs lack Intel ME secondary processor?

CDrak
Novice
‎01-31-2016 03:19 PM
3,331 Views

Hi all,

Like many who watched the recent CCC conference presentation about Intel ME,

I was taken aback by the implications of having an insecure secondary service processor inside

the Intel CPU chip package that can access RAM and peripherals such as Wifi,

namely the possibility of a malicious rootkit that cannot be easily detected nor removed

that can for instance exfiltrate data regardless of what OS is running and how secure that OS may be.

Watch the video here: https://www.youtube.com/watch?v=H6bJ5b8Dgoc Towards (reasonably) trustworthy x86 laptops [32c3] - YouTube

So I want to avoid Intel CPUs that have ME. I have noticed that the Core i3 5th Gen

lacks vPro and TXT, which is reassuring, but is there nevertheless a simplificed Intel ME

processor in the CPU package despite vPro being officially absent?

Thanks.

Link Copied

6 Replies
Amy_C_Intel
Employee
‎02-02-2016 01:46 PM
1,953 Views

Hello, drakec:

By Intel ME secondary processor you mean the Intel® Management Engine?

Regards,

Copy link
CDrak
Novice
‎02-07-2016 03:04 PM
1,953 Views
In response to Amy_C_Intel

Correct.

Intel Management Engine, also known as "the rootkitter's dream". It's the biggest security threat against computing yet invented.

In response to Amy_C_Intel
Copy link
Amy_C_Intel
Employee
‎02-08-2016 09:27 AM
1,953 Views
In response to CDrak

The Management Engine (ME) is an isolated and protected coprocessor, embedded as a non-optional part in all current Intel chipsets, I even checked with the engineering department and they confirmed it.

Regards,

In response to CDrak
0 Kudos
Copy link
CDrak
Novice
‎02-10-2016 09:29 AM
1,953 Views
In response to CDrak

So you proved you don't know anything, and when you ask engineering they BS'd you and you didn't know it. You're useless.

In response to CDrak
0 Kudos
Copy link
Ronny_G_Intel
Moderator
‎02-12-2016 12:34 PM
1,953 Views
In response to CDrak

Carsten Drake,

I work for Intel Customer Support and I would like to help you with your original question about processors lacking Intel(R) ME I would not discuss whether or not it represents a security risk but let me just comment that depending on the BIOS implementation (designed by your system manufacturer -not necessary by Intel) Intel ME can be easily enable/disable in BIOS, implementation also requires basic security e.g. a simple password set up but computing security implies multiple layers down from BIOS level all the way up to software/networking level.

No need to talk about that if you already made a decision about it, I respect that.

In order to help you with your question: Would you please tell me what Processor Generation are you interested in? I honestly don't know the answer to your question and I need to do some research, it would be better if you even tell me what CPU family you are looking for: Core i3, Core i5, Core i7, Mobile, embedded, Server?

Regards,

In response to CDrak
0 Kudos
Copy link
MRash3
Novice
‎02-15-2016 02:10 AM
1,953 Views
In response to CDrak

thanks

In response to CDrak
0 Kudos
Copy link
Reply

Community support is provided Monday to Friday. Other contact methods are available here.

Intel does not verify all solutions, including but not limited to any file transfers that may appear in this community. Accordingly, Intel disclaims all express and implied warranties, including without limitation, the implied warranties of merchantability, fitness for a particular purpose, and non-infringement, as well as any warranty arising from course of performance, course of dealing, or usage in trade.

For more complete information about compiler optimizations, see our Optimization Notice.