It is located between the firmware and the system driver, similar to an interface. Through this interface, the system can interact with firmware, thus achieving the purpose of improving thermal energy management.
Extended data
Intel Manageability Engine (Intel ME) is an autonomous subsystem, which has been included in almost all Intel processor chips since 2008. This subsystem is mainly composed of proprietary firmware running on a single microprocessor, which can perform some tasks when the operating system is turned on, whether the computer is running or sleeping at that time.
As long as the chip or system-on-a-chip (SoC) is connected to the current system (through battery or power supply), it will continue to run even if the current system is turned off. Intel claims that it needs a management engine to provide complete performance. Its exact work is largely unrecorded, and its code is confused by the secret Huffman table stored directly in the hardware, so the firmware does not contain the information needed to decode its content.
After 20 13, Intel's main competitor AMD added the equivalent AMD security technology (officially named platform security processor).
The management engine is often confused with active management technology. AMT is based on ME, but only for processors with vPro. AMT enables computer owners to remotely manage their computers, such as turning them on and off and reinstalling the operating system.
However, since 2008, ME itself has been embedded in all Intel chipsets, not just those using AMT. Although AMT may not be supervised by the computer owner, there is no officially recorded way to disable me.
Attackers such as the Electronic Frontier Foundation (EFF) and security expert Damien Zammit accused me of being a back door and privacy hazard. Zamith emphasizes that ME can completely access memory (no parent CPU has any perception); You can completely access the TCP/IP stack and send and receive network packets independently of the operating system, thus bypassing its firewall.
In this regard, Intel responded to controversial works such as "Intel will not set a back door in its products, and our products will not allow Intel to control or access the computing system without the explicit permission of the end user" and "Intel does not and will not design a back door to enter its products".
The latest report claims to be misleading and obviously inaccurate. Intel is not trying to reduce the security of its technology. As of 20 17, Google tried to remove proprietary firmware from its server, but found me an obstacle.
I have several weaknesses. 2065438+On May 1 2007, Intel confirmed that there was a remote privilege vulnerability in its management technology (SA-00075). Every Intel platform that adopts Intel standard management, active management technology or small business technology, from Nehalem micro-architecture in 2008 to Kaby Lake micro-architecture in 20 17, has a security vulnerability that can be exploited remotely.
There are several ways to disable ME without authorization, but this may cause the function of ME to be destroyed. These additional major security vulnerabilities in ME have affected a considerable number of computers integrated with TXE (Trusted Execution Engine) and SPS (Server Platform Service) firmware.
From the Skylake microarchitecture of 20 15 to the Coffee Lake microarchitecture of 20 17, these defects were confirmed by Intel on 2065438+0765438+1October 20th (SA-00086). Unlike SA-00075, this defect still exists even if AMT does not exist or is not configured, or ME is "disabled" by any known unofficial method.
References:
Baidu Encyclopedia-Intel Management Engine Interface