Hi Hendra,
On 01.10.21 17:43, Hendra wrote:
I read in Wikipedia that Intel ME has an independent internet connection. But what does "independent" mean ?
I don't think that's true. Maybe one could twist the word "independent" enough so it makes sense, but I wouldn't call it that. I would say a shared internet connection.
It can use the same internet connection, without your OS knowing. But that doesn't mean you wouldn't be able to know it. If you have the machine at hand, and it's not protected by some BIOS password voodoo, you can just look into the ME settings.
Is it an independent internet connection from the OS ?
Close. The ME firmware (another OS on another core) can use the same network controllers as your OS. I'm not sure about the details, but I assume it filters TCP ports to offer its own services. So I'd say it uses independent TCP ports? *shrug*
A quick search for "intel amt configure ip" led me here [1]. It seems there was a time when one could configure individual IP addresses for ME and host OS's, but that ended about 10 years ago.
AMT is the name of the networking software that runs on the ME btw. Many ME firmware packages don't have AMT at all. So officially, these couldn't do networking. Absence of a piece of software is hard to prove, though. And they could plausibly deny having put it there on purpose, as they could just say they mixed the packages up. That's my biggest concern about the ME. Intel makes it very hard to see what software is installed and allowed to run.
AIUI, but I'm not 100% sure, computers with AMT should be tagged "vPro".
or is it an independent internet connection from the network related devices ? such as: wwan card, wlan card, bluetooth module, wimax card
No, it would use one of those.
or maybe it has its own secret/hidden independent networking device, so it can connect to the internet, without depending on Laptop's networking device, such as: wwan card, wlan card, bluetooth module, wimax card ?
Very unlikely. And only if they had hidden it very well and implemented it additionally to the publicly documented networking stuff. If you suspect a silicon vendor to do that, any of them could. No ME needed. But it would probably look suspicious under a microscope. FWIW, nobody has seen something like that in Intel's chipsets. OTOH, usually when somebody talks about microscope pictures, it's about the CPU and not the PCH (where the ME resides). So I'm not sure if people actually look at it.
[1] https://software.intel.com/sites/manageability/AMT_Implementation_and_Refere...
Nico