Intel vPro

Intel vPro logo

Intel vPro is a platform from the manufacturer Intel for PCs in the office environment. It is the third platform alongside Centrino (mobile devices) and Viiv (multimedia).

A processor based on the core microarchitecture , a chipset , a flash memory and the integrated Intel Active Management Technology (AMT) are sold under the umbrella of the brand . It is also part of the Stable Image Platform , which guarantees compatibility of drivers and system software for five additional quarters from the product launch.

Functions

In its current version, AMT offers the following functions on devices of the vPro platform:

Reading out status information
Changing configurations
Switching the PC on and off.

These functions enable the administration, inventory, diagnosis and repair of PCs even when systems are switched off or have crashed.

Another component of vPro is the virtualization technology VT . Together with the AMT functions, for example, compromised systems can be isolated remotely from the network in order to contain the spread of the infection.

Technically, AMT can also be seen as a Trusted Execution Environment , since here programs can manage or monitor the platform independently of the operating system.

Criticism and security holes

The functions mentioned are part of a special firmware, the so-called Intel Management Engine (ME).

In addition to the fundamental criticism and security concerns, such as those regularly raised by the Free Software Foundation , there have been technical concerns, clues and speculations about secret back doors in corresponding Intel chipsets with the ME since 2013.

In 2015, the Federal Office for Information Security warned of the risk of AMT remote maintenance technology and assessed the corresponding risk for users as high.

In May 2017, a security vulnerability was discovered that affected many computers that have been shipped since 2010. If the remote maintenance functions "Active Management Technology" of the device are switched on, attackers can gain higher access rights to the affected devices via the network.

Web links

German website from Intel on the vPro platform

Individual evidence

↑ Intel Active Management Technology. Retrieved January 6, 2015 .
↑ Trusted Computing reloaded: Intel's manageability engine. Retrieved January 6, 2015 .
^ Intel & ME, and why we should get rid of ME. Retrieved February 16, 2018 . , FSF of June 10, 2016.
↑ Speculation about secret back doors in Intel chipsets. Retrieved February 16, 2018 . , c't dated September 27, 2013.
↑ Intel Active Management Technology (AMT): A vulnerability enables the system to be taken over. Retrieved February 16, 2018 . , BSI of August 27, 2015.
↑ Vulnerability in many Intel systems since 2010. Accessed February 16, 2018 . , heise online from May 2, 2017.

[1] Intel Active Management Technology. Retrieved January 6, 2015 .

[2] Trusted Computing reloaded: Intel's manageability engine. Retrieved January 6, 2015 .

[3] Intel & ME, and why we should get rid of ME. Retrieved February 16, 2018 . , FSF of June 10, 2016.

[4] Speculation about secret back doors in Intel chipsets. Retrieved February 16, 2018 . , c't dated September 27, 2013.

[5] Intel Active Management Technology (AMT): A vulnerability enables the system to be taken over. Retrieved February 16, 2018 . , BSI of August 27, 2015.

[6] Vulnerability in many Intel systems since 2010. Accessed February 16, 2018 . , heise online from May 2, 2017.