On Sun, Oct 03, 2021 at 05:43:38PM +0700, Hendra wrote:
in my understanding,
in their office, they know the password of their internet connection, therefore they can setup the password in the AMT, so they can access the devices remotely,
but after the products being distributed all over the world, then each are connected to different wifi router with different passwords, therefore they need to set up another wifi password to the AMT, in order for the AMT to be connected with the internet, so that they can access it remotely,
but then how do they know the password ? also how do they access it remotely to re-setup the password ?
A while since I last looked into this, but IIRC:
- Important to distinguish between ME OS (a Minix derivative) and "main" OS (typically Windows, macOS, GNU/Linux, ...)
- ME can, while main OS is running, view some/all CPU registers, RAM, and (in the case of *compatible* NICs), some NIC registers.
- ME can therefore (in principle, at least) record network credentials to persistent storage.
That raises questions including the following:
- Does ME in fact extract network credentials from the main OS when latter is running? (IIRC, Snowden indicated the answer is yes - at least in some cases.)
- If so, which part(s) of which versions of the ME are responsible? (A binary search like the one Trammell Hudson - I think - used to work out how to neutralise the ME might reveal this.)
- Which other variables affect whether the answer is "yes"?
- Does ME in fact store credentials persistently, to give itself network access even if main OS is not running? (IIRC, Snowden indicated the answer is yes - at least in some cases.)
- If so, then where do which versions of the ME store those credentials? (Do they use persistent storage on the NICs? BIOS/UEFI? HDD/SSD? Or somewhere sneakier like in the HDD/SSD controllers? Maybe some combination or fallback of all these?)
- Which other variables affect whether the answer is "yes"?
Someone (a PhD student, maybe?) should make these questions the subject of a research project. Perhaps it has already been done. As I say, I'm a bit out of the loop just now.