Dell Becomes First Major PC Vendor to Offer Laptops with IME Disabled

DooKey

[H]F Junkie
Joined
Apr 25, 2001
Messages
11,612
Dell is going to offer 3 high-end laptops with the Intel Management Engine disabled. This is in response to the recent revelations that the IME has vulnerabilities and cpu's from the 6th gen to the 8th gen all have this cooked in. If successful, I expect other major vendors to jump on-board this strategy. However, I'm still waiting for the manufacturer of my motherboards to release some sort of patch so I can turn this off on my PC's.

The risks aren’t just theoretical – Intel recently acknowledged a security vulnerability affecting nearly every PC that shipped with a 6th, 7th, or 8th-gen Intel Core processor. While the company is working with PC makers to roll out updates to patch that vulnerability, it wouldn’t even exist if Intel hadn’t bundled a feature many users don’t need and won’t use with its latest chips.
 
Joined
Apr 29, 2002
Messages
2,586
While the company is working with PC makers to roll out updates to patch that vulnerability, it wouldn’t even exist if Intel hadn’t bundled a feature many users don’t need

Longest list in computer history? : The number of companies/apps this applies to.
 

Teenyman45

2[H]4U
Joined
Nov 29, 2010
Messages
2,953
How long until Semiaccurate starts crowing about this as another successful prediction?
 

Pieter3dnow

Supreme [H]ardness
Joined
Jul 29, 2009
Messages
6,784

Seems there was already a vendor which did this ;).



And there is a better way to support the vendor of cpu which do not have an IME to begin with :)
 
Joined
Jun 30, 2017
Messages
35
what happens when IME is disabled? ELI5

IME is stuff that is a part of AMT a thing that can be useful for companies for deploying software/updates etc remotely (even when the pc is not logged in or even ON!) is disabled, for regular users nothing to my (limited) knowledge... HOWEVER Intel claims, without showing, that IME is needed for maximum performance from the CPU....

Slightly more details:
IME works in something called ring -3 witch means it has privileges to do basically anything, applications/programs work in ring 3 (as in positive 3) drivers are in ring 2 and the kernel (Windows NT kernel/linux kernel etc) is ring 0 this is three levels below that witch means it can mess with the kernel and logg shit and send it off because it has even Ethernet access that you can't see or touch... So if there's a virus in the IME you wouldn't even notice..
 
Top