RE: Securing yourself adequately for today.... and a better model for tomorrow
This page:
https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00075&languageid=en-fr
Clearly states:
This vulnerability does not exist on Intel-based consumer PCs.
Now while I agree, effort should be made to triple-check that is the case, by following these detection methods.
We should make note that it primarily affects Intel-based PC/Laptops that advertise vPro technology (look at the above link I posted for sample images) and even then, vPro must be enabled in the BIOS.
Typically you'd find this in "enterprise" quality PC's... for instance those that are issued by Banks, Insurance Companies, and other Large Corporations to their employees.
Consumer-grade Intel computers (the cheap ones you buy at Walmart and Best Buy) typically don't have this vPro BIOS setting, but I recommend you check your system anyway.
See the shit about the JTAG above?
No man, it's EVERYTHING.
Remember: CORPORATIONS HAVE INCENTIVE TO LIE!
The reason I said that, is they ask you in the document to look for the service in Windows 7 as this:
"Look for the Intel Management & Security Application User Notification Service"
(Which I didn't find) but luckily for me, step 2 was discovering I'm running an AMD cpu, so bonus for me.. and that's probably why I didn't find that Windows Service running.
BTW, I stopped trusting Intel after this:
https://www.wired.com/1999/01/intel-on-privacy-whoops/
About 18 years ago Intel was giving each CPU a serial number which could be found by the operating system and software installed, which means your privacy was gone. That's probably when AMD did it's best year of business, because they weren't stupid enough to thwart their customer's privacy with a "new feature".
Every since then I didn't trust Intel, and I still don't. Obviously Intel hasn't learned their lesson yet...
As for me, I am quite certain my machine is effected.
And as for cheap machines, I am certain that they simply haven't found the interfaces used to hack the proletariat and steal their thoughts.
Would you agree, this is more Windows / BIOS based, and less Linux?