IAMT, a Centrino backdoor?
Is there a backdoor in Intel CPUs?
Intel CPUs include a technology called IAMT (Intel Active Management Technology), used for system diagnostics.
Quoting from Intel's IAMT page:
"Using built-in platform capabilities and popular third-party management and security applications, Intel AMT allows IT to better Discover, Heal, and Protect their networked computing assets. Here’s how:
Discover: Intel AMT stores hardware & software information in non-volatile memory. With built-in manageability, Intel AMT allows IT to discover the assets, even while PCs are powered off.¹ With Intel AMT, remote consoles do not rely on local software agents, helping to avoid accidental data loss.
Heal: Intel AMT’s built-in manageability provides out-of-band management capabilities to allow IT to remotely heal systems after OS failures. Alerting & event logging help IT detect problems quickly to reduce downtime.
Protect: Intel AMT featuring System Defense capability protects your network from threats at the source by proactively blocking incoming threats, reactively containing infected clients before they impact the network, and proactively alerting IT when critical software agents are removed. Intel AMT also helps to protect your network by making it easier to keep software and virus protection consistent and up-to-date across the enterprise. Third party software can store version numbers or policy data in non-volatile memory for off-hours retrieval or updates."
Good.. Remote management capabilities in hardware?
This sounds like a backdoor, or a thing that in "evil hands" can act as a backdoor.
IAMT permits remote upgrades of your system and works even when you shut down your OS.
Intel is heavily promoting what it calls "active management technology" (AMT) in the new chips as a major plus for system administrators and enterprise IT.
Understood to be a sub-operating system residing in the chip’s firmware, AMT will allow administrators to monitor or control individual machines independent of an operating system.
Additionally, AMT features what Intel calls "IDE redirection", which will allow administrators to remotely enable, disable, format or configure individual drives and reload operating systems and software from remote locations, again independent of operating systems.
Both AMT and IDE control are enabled by a new network interface controller.
"We all know our [operating system] friends don’t crash that often, but it does happen," Tucker said.
Intel’s reticence to speak publicly about what lies under the hood of its latest firmware technology has also prompted calls to come clean from IT security experts, including Queensland University of Technology’s assistant dean for strategy and innovation, IT faculty, Bill Caelli.
"It’s a dual use technology. It’s got uses and misuses. Intel has to answer what guarantees it is prepared to give that home users are safe from hackers. Not maybes, guarantees"
So IAMT is actually a feature, and a good one, but with a dark side in evil hands.
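Because AMT answers on the network independently of the operating system, host-based tools may never see its traffic, so the place to watch for misuse is the network. The following is an added example, not part of the original post: it flags connections to the AMT service ports that do not come from a designated management network. The port numbers are the ones Intel documents for AMT and do not appear in this post; the log format, addresses and management subnet are constructed for illustration.

```python
import ipaddress

# Ports the AMT firmware listens on (per Intel's AMT documentation): web UI and
# WS-Management over HTTP and TLS, IDE/serial redirection, and ASF RMCP.
AMT_PORTS = {
    16992: "AMT HTTP",
    16993: "AMT HTTPS",
    16994: "AMT redirection (IDE-R/SOL)",
    16995: "AMT redirection over TLS",
    623: "ASF RMCP",
    664: "ASF secure RMCP",
}

# Constructed sample records: time, source IP, destination IP, destination port, protocol.
SAMPLE_FLOWS = """\
2024-01-10T02:14:07Z 10.20.0.5 10.30.4.17 16993 tcp
2024-01-10T02:15:41Z 10.30.7.88 10.30.4.17 16992 tcp
2024-01-10T02:15:59Z 10.30.7.88 10.30.4.17 443 tcp
2024-01-10T02:16:30Z 10.30.7.88 10.30.4.21 16994 tcp
2024-01-10T02:17:02Z 10.20.0.9 10.30.4.21 623 udp
malformed line
"""

def find_unexpected_amt_flows(log_text, mgmt_networks):
    """Return flows to AMT ports whose source is outside the management networks."""
    allowed = [ipaddress.ip_network(n) for n in mgmt_networks]
    findings = []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 5:
            continue  # skip blank or malformed records
        when, src, dst, port, proto = fields
        try:
            src_ip, port = ipaddress.ip_address(src), int(port)
        except ValueError:
            continue  # unparsable address or port
        if port not in AMT_PORTS:
            continue
        if any(src_ip in net for net in allowed):
            continue  # management console talking to AMT: expected
        findings.append((when, src, dst, port, AMT_PORTS[port]))
    return findings

if __name__ == "__main__":
    for f in find_unexpected_amt_flows(SAMPLE_FLOWS, ["10.20.0.0/24"]):
        print("unexpected AMT traffic:", *f)
```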
Links:
- Intel Finalizes Remote Active Management Technology
- Intel vPro FAQ
- Intel proudly shows off snooping tech
- vPro technology
- How to set up AMT Machine?
- Using IAMT
- IAMT Reference design kit
- Intel Centrino Pro and Intel vPro Processor Technology
- Managing IAMT platforms