Ranter
Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API

From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Comments
-
12bitfloat1086418hI don't know, it's still sketchy as hell
Why make all the docs confidential if they have nothing to hide? Same goes with secret processor features and instructions
Security by obscurity doesn't work and they surely know that -
kiki3739118h@12bitfloat it is sketchy, it does exist, it does allow some degree of remote control, yet every time they need to take someone down a way simpler software-level exploit exists, or it's just a blunder like when a drug kingpin was found because he used his gmail to make his first illegal website
-
jestdotty711912hsupposedly nobody got caught by TOR entry and exit nodes either, or so that is what the AI thinks (it just gives examples of people leaking their name somewhere else)
I think the game is different. you're entering the game of espionage. there's a cop trope sometimes in TV where the detective is given data illegally so he can't use it in a court case. but it tells him where to go to find the "legally obtained" version of the data. in spy circles, you don't reveal your capabilities. you use the Intel, as it is high quality Intel, and you cover your ass by leaving a trail of how you figured it out in some other way, to not reveal your most powerful strategies and tools. it's all a game of deception.
if it can be done it will be done. CIA are 140+ iq, they test it on entry. they wouldn't be using lazy methods. they would be using complex ones because it's just natural to them. if it's on the table, it's on the table. and they'll cover their ass in terms of complicity, of course! -
12bitfloat1086411h@jestdotty That's a good point too
"officially" nobody got caught via Intel ME or similar.... but for what reason did the NSA/FBI/whatever even start investigate that person... maybe because they had a little more information than they should? -
The problem here is accepting people are willing to work pro bono.
No, they don't. They have their families to feed or whatever.
Companies are the same. They exist to make money, otherwise they would fold.
I dare to say 70% of the profits of nasdaq companies is built upon open software whose authors will see no benefit.
So yeah, open source, sure, GPL everywhere. Force every freeloader to go GPL too, and *enforce* it.
Make it a royalty. You use my stuff to make money? Sure. You now owe me 30% of your profit.
Problem solved.
Intel Management Engine is half-hoax. Yes, it exists, but rumors about its true capabilities are fabricated and artificially amplified to make "what about intel ME" a very effective though-terminating cliche in the privacy community.
Let me remind you that to this day there was not a single takedown or leak that resulted from some power exploiting ME. All kingpin takedowns, all whistleblower deanons, all deanons period, all doxxes — all due to software shortcomings and other exploits.
Yet, "what about intel ME" reigns supreme and instills doom into the minds of the questioning. I can totally see someone who is new to this whole privacy thing doing their research, finding this ME craziness and thinking that real, actionable privacy is impossible, and going back to using amazon alexa and giving tiktok full camera and microphone access.
Just forget about Intel ME. It might as well not exist at all, because it was never used successfully. Instead, do this:
- Keep your threat models updated
- Learn to distinguish state-level actors from surveillance capitalists
random