hi all, 

Thanks for the information. 

hi Brian, 

That's mind blowing, never think about that before. 

hi Shawn / Peter, 

Thanks for the pdf and link, I'm gonna find some time to read them. 

hi Nico, 

"they" refers to the adversary. 

so, in conclusion: 
  • ME has its own MAC and IP address
  • ME can access the internet by using the OS's configured network connection, without the OS ever noticing
  • ME can record network credentials to persistent storage, while the main OS is running.
  • ME can use the recorded network credentials for internet access, while the main OS is not running.
  • ME cannot access the internet without Laptop's networking device ( WLAN / WIFI card, WWAN card, bluetooth, wimax, ethernet )
  • a secret / hidden independent networking device, would probably look suspicious under a microscope, nobody has seen something like that in Intel's chipsets.
  • ME without AMT firmware couldn't do out of band management, but may still be networking capable.
  • ME could set up an ad-hoc wireless network, with other iME chips in the local area, then connected to the internet through other iME chips.
How about an ultrasonic transmitter / receiver ? 
Can iME communicate with the internet or other nearby iME chips or WIFI hotspot through ultrasonic sound ? 

Somehow, I'm not sure, but sometimes I have assumption (maybe wrong assumption), that ME still can connect to the internet, without using any of these networking devices ( WIFI card / Wwan card / bluetooth / wimax / ethernet ) , because: 
  • wwan card / wimax / ethernet are rarely being used by Laptop, so maybe this option can be eliminated. 
  • I think bluetooth could not be used for internet access, and it would be easily detected by bluetooth scanning, so maybe this option can be eliminated. 
  • I assume, wireless WLAN Wifi card, is the most possible way, for ME to access the internet, but also I think wireshark can scan and capture all traffic in the Wifi hotspot router, and so far, nobody report any capture of ME traffic in the Wifi hotspot router, so maybe this option also can be eliminated. 
  • So what else ? I am not sure. Maybe an ultrasonic transmitter / receiver ? 
  • Or maybe an ad-hoc wireless network with other iME chips ? 
  • Or maybe all Wifi hotspot routers have iME similar chips that can communicate hidden traffic with iME chips ? 



On Mon, Oct 4, 2021 at 9:49 PM Brian Milliron <brian.milliron@foresite.com> wrote:

> That raises questions including the following:
>
> - Does ME in fact extract network credentials from the main OS when
>   latter is running?  (IIRC, Snowden indicated the answer is yes - at
>   least in some cases.)

Technically it wouldn't need to since it controls the networking
hardware it could set up an ad-hoc wireless network to communicate with
other IntelME chips in the local area until it finds one with a wired
connection and route traffic through that.
_______________________________________________
coreboot mailing list -- coreboot@coreboot.org
To unsubscribe send an email to coreboot-leave@coreboot.org