✨ Feature Suggestion | Add information about Intel ME and AMD PSP #1507
Labels
No Label
🔍🤖 Search Engines
approved
dependencies
duplicate
feedback wanted
high priority
I2P
iOS
low priority
OS
Self-contained networks
Social media
stale
streaming
todo
Tor
WIP
wontfix
XMPP
[m]
₿ cryptocurrency
ℹ️ help wanted
↔️ file sharing
⚙️ web extensions
✨ enhancement
❌ software removal
💬 discussion
🤖 Android
🐛 bug
💢 conflicting
📝 correction
🆘 critical
📧 email
🔒 file encryption
📁 file storage
🦊 Firefox
💻 hardware
🌐 hosting
🏠 housekeeping
🔐 password managers
🧰 productivity tools
🔎 research required
🌐 Social News Aggregators
🆕 software suggestion
👥 team chat
🔒 VPN
🌐 website issue
🚫 Windows
👁️ browsers
🖊️ digital notebooks
🗄️ DNS
🗨️ instant messaging (im)
🇦🇶 translations
No Milestone
No Assignees
1 Participants
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: privacyguides/privacytools.io#1507
Loading…
Reference in New Issue
No description provided.
Delete Branch "%!s(<nil>)"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Description:
I think it would be beneficial to include information about the Intel Management Engine (ME) and the AMD Platform Security Processor (PSP), perhaps within the Operating Systems page.
Both the Intel ME and the AMD PSP are processors within modern processors that contain proprietary blobs. They have very low-level access, even below the typical operating system ("Ring -1" access; standard operating system kernels are considered to have Ring 0 access -- see Wikipedia article: Protection Ring). As such, the typical operating system (Windows, Mac, Linux, FreeBSD, etc.) cannot "see" the activity of the ME/PSP; they are backdoors by design. Both coprocessors are closely integrated with the BIOS/UEFI boot process, and absolutely no ME/PSP code is public. Both employ a security through obscurity threat model.
Some more details on each are outlined below:
Intel ME
AMD PSP
Perhaps it would be useful to provide only known information (e.g. that they exist and not much is known about them in the public space), and mention that this is largely due to them being proprietary and tightly-guarded features.
The processor formerly known as PSP is these days called AMD Secure Processor (although the old name seems to still persist on the net). Some additional links:
Official site: https://www.amd.com/en/technologies/security
RE tool: https://github.com/PSPReverse/PSPTool
CCC presentations: https://media.ccc.de/v/thms-38-dissecting-the-amd-platform-security-processor
https://media.ccc.de/v/36c3-10942-uncover_understand_own_-_regaining_control_over_your_amd_cpu
@privacytools/editorial thoughts on this? I'm not against it...
A couple of additional links:
In-depth dive into the security features of the Intel/Windows platform secure boot process
Intel® Converged Security and Management Engine (Intel® CSME) Security White Paper November 2020