IMHO Intel ME or the AMD equivalent are only relevant for state level targeted attacks.
It wouldn’t be wise for them to waste it on the small fries and risk having some snoopy I-have-nothing-better-to-do-with-my-life security researcher find some attack payloads.
Of course you are right to be worried and think about it. Right now the best you can do is coreboot, it allows you to disable it.
If you want to counter that risk the best is to get a computer like the nitropads (coreboot and only open source firmware, qubeos on top) https://www.nitrokey.com/news/2020/nitropad-secure-laptop-unique-tamper-detection or the ones of system76
After that, it’s no use worrying too much. You could as well be hit be hit in a car crash, a seism or a tsunami could also hit you city. Don’t think about it too much, just have a small plan so you are not too lost if the black swan comes for you.
Open source is not enough. It needs to be entirely free software. I recommend buying a Libreboot laptop from before 2009, they can fully disable/remove the IME and have a 100% free BIOS firmware (anything supported device with a Core Duo processor basically).
Thanks!
I dug in and just found out that you can buy libreboot computers with Intel ME disabled and support the libreboot project on https://minifree.org/
IMHO Intel ME or the AMD equivalent are only relevant for state level targeted attacks. It wouldn’t be wise for them to waste it on the small fries and risk having some snoopy I-have-nothing-better-to-do-with-my-life security researcher find some attack payloads.
Of course you are right to be worried and think about it. Right now the best you can do is coreboot, it allows you to disable it.
If you want to counter that risk the best is to get a computer like the nitropads (coreboot and only open source firmware, qubeos on top) https://www.nitrokey.com/news/2020/nitropad-secure-laptop-unique-tamper-detection or the ones of system76 After that, it’s no use worrying too much. You could as well be hit be hit in a car crash, a seism or a tsunami could also hit you city. Don’t think about it too much, just have a small plan so you are not too lost if the black swan comes for you.
Open source is not enough. It needs to be entirely free software. I recommend buying a Libreboot laptop from before 2009, they can fully disable/remove the IME and have a 100% free BIOS firmware (anything supported device with a Core Duo processor basically).
Thanks! I dug in and just found out that you can buy libreboot computers with Intel ME disabled and support the libreboot project on https://minifree.org/
They actually have an interesting selection.