*sigh*,
On 28.08.2018 22:00, Mike Banon wrote:
You are right, my choice of words has been far from ideal. I apologize for that. However, to be confident that Intel ME is a backdoor (personal opinion) - one does not have to be its' creator.
sorry I meant the creator of us (God) not the ME. I doubt the creator of the ME knows everybody's opinion either. Which is what I was talking about. A good practice is to quote and answer below that quote, this way you can easily check if what you write makes sense in the given context.
I think there are enough documents describing its' functionality and enough evidence gathered by the independent security researchers about the suspicious activities of this hardware module. If it looks like a duck, swims like a duck, and quacks like a duck, then it probably is a duck?
WTF again? what suspicious activities? I know, for many people the ME firmware contains unwanted features. But these features are documented. In your world, a device becomes backdoored because somebody didn't read the manual?!?
There are no technical differences between the 'backdoor', and 'frontdoor'.
Please read [1] and [2] very carefully, I hope even you will spot tech- nical differences.
Like a 'conspiracy theorist', 'frontdoor' is a term coming from the american 3-letter-agencies. 'Frontdoor' is their term for a 'backdoor' to which only they (currently) have an access. This article summarizes it well: https://www.justsecurity.org/16503/security-front-doors-vs-back-doors-distin... . 'Backdoor' term has a negative reputation, so they would like to push this 'frontdoor' term forward.
This is very infantile. You cannot just take somebody's words and give them a different meaning just because somebody else used them in a dif- ferent context. When I say frontdoor, I mean a door at a front where everyone can see it. A backdoor implies something hidden, the ME fea- tures were never hidden (AFAIK, a stupid OEM may prove me wrong, but I don't know any instance).
You did it again, btw., stating something (definition of frontdoor) and making it look like the generally accepted definition.
Nico
[1] https://en.wiktionary.org/wiki/back_door [2] https://en.wiktionary.org/wiki/front_door
What suspicious activities? I know, for many people the Intel ME firmware contains unwanted features. But these features are documented. In your world, a device becomes backdoored because somebody didn't read the manual?!?
Somewhere I've seen a report about Intel ME suspicious network activities (if I remember correctly they were using Wireshark on a PC placed between a computer with ME and the outside network) which has affected my personal opinion. Although it could be argued that its just some OEM has set up their ME in such a way, maybe even in a documented way (although a way undesirable to the end user), still it didn't look good to me. In addition, regarding all those Intel ME vulnerabilities recently discovered: one could assume that at least some of these "vulnerabilities" @ were actually the backdoors which have been patched just because they have been discovered by someone else than the american intelligence agencies who always knew them @ . Now Intel has patched these "vulnerabilities", but we do not know if some other "vulnerabilities" have been left unnoticed by the outsiders or if some new "vulnerabilities" have been added. And we the open source enthusiasts can't even verify that personally, because the source code of Intel ME firmware is closed. I cannot understand, how such a high level professional open source developer as you, Nico, finds it okay to just trust Intel ME despite its' deeply proprietary nature. Management engine with a closed source proprietary firmware - it even sounds awful..... I totally agree with Richard Stallman when he calls Intel ME a backdoor - https://stallman.org/intel.html
Please read [1] and [2] very carefully, I hope even you will spot technical differences. [...] You cannot just take somebody's words and give them a different meaning just because somebody else used them in a different context. [...] You did it again, btw., stating something (definition of frontdoor) and making it look like the generally accepted definition.
Before receiving your message I knew only one definition of a "frontdoor" computing term which I described in my previous message. Although I don't know which definition is more popular, sorry for misunderstanding you.
Mike
On Wed, Aug 29, 2018 at 12:24 AM Nico Huber nico.h@gmx.de wrote:
*sigh*,
On 28.08.2018 22:00, Mike Banon wrote:
You are right, my choice of words has been far from ideal. I apologize for that. However, to be confident that Intel ME is a backdoor (personal opinion) - one does not have to be its' creator.
sorry I meant the creator of us (God) not the ME. I doubt the creator of the ME knows everybody's opinion either. Which is what I was talking about. A good practice is to quote and answer below that quote, this way you can easily check if what you write makes sense in the given context.
I think there are enough documents describing its' functionality and enough evidence gathered by the independent security researchers about the suspicious activities of this hardware module. If it looks like a duck, swims like a duck, and quacks like a duck, then it probably is a duck?
WTF again? what suspicious activities? I know, for many people the ME firmware contains unwanted features. But these features are documented. In your world, a device becomes backdoored because somebody didn't read the manual?!?
There are no technical differences between the 'backdoor', and 'frontdoor'.
Please read [1] and [2] very carefully, I hope even you will spot tech- nical differences.
Like a 'conspiracy theorist', 'frontdoor' is a term coming from the american 3-letter-agencies. 'Frontdoor' is their term for a 'backdoor' to which only they (currently) have an access. This article summarizes it well: https://www.justsecurity.org/16503/security-front-doors-vs-back-doors-distin... . 'Backdoor' term has a negative reputation, so they would like to push this 'frontdoor' term forward.
This is very infantile. You cannot just take somebody's words and give them a different meaning just because somebody else used them in a dif- ferent context. When I say frontdoor, I mean a door at a front where everyone can see it. A backdoor implies something hidden, the ME fea- tures were never hidden (AFAIK, a stupid OEM may prove me wrong, but I don't know any instance).
You did it again, btw., stating something (definition of frontdoor) and making it look like the generally accepted definition.
Nico
[1] https://en.wiktionary.org/wiki/back_door [2] https://en.wiktionary.org/wiki/front_door
-
Mike Banon -
Nico Huber