Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

BIOS and Intel AMT


  • Please log in to reply
5 replies to this topic

#1 JohnnyBeeGood

JohnnyBeeGood

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:08:17 PM

Posted 13 October 2017 - 04:38 PM

I'm running Puppy Linux on an Acer VM6630G business computer and have just now read about the vulnerability in Intel chipsets with AMT.

 

In the bios, there is a menu that gives a choice to deactivate 'Intel AMT' and I have now done so.

But, from browsing the Internet in search of an answer, the scene only became confusing whether it actually addressed the vulnerability by actually turning off AMT.

 

Acer does list a bios firmware update they claim addressed the vulnerability, but I get the impression it doesn't turn off AMT.

 

I'd rather not flash the bios if the option to deactivate AMT works for my situation, since I don't need any IT involvement, it's only used as a home computer.

So my question is, will the bios option to turn off AMT aviod the vulnerability?

 

Thank

 

John


Edited by hamluis, 14 October 2017 - 08:50 PM.
Moved from Internal Hardware to Gen Security - Hamluis.


BC AdBot (Login to Remove)

 


#2 Chris Cosgrove

Chris Cosgrove

  • Moderator
  • 7,203 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Scotland
  • Local time:12:17 AM

Posted 13 October 2017 - 06:21 PM

I am moving this to the Linux section because it is more of a software than  a hardware problem.

 

In my opinion, and it is only my opinion, making an optional change in the BIOS should not affect your warranty. By that I mean if it is one of the 'switches' available in the BIOS control panel there should be no problem. If you flash your BIOs without approval from your supplier it is possible they could argue it is not in the state in which they supplied it but I think that would be a bit of a stretch.

 

Chris Cosgrove


Edited by Chris Cosgrove, 14 October 2017 - 04:40 PM.


#3 JohnnyBeeGood

JohnnyBeeGood
  • Topic Starter

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:08:17 PM

Posted 13 October 2017 - 07:39 PM

Hi Chris.

 

I'm a little confused on the move to the Linux forum.

My question only involves the bios, my OS is incidental.

 

I read under the 'Internal Hardware' header "This also includes BIOS questions."

 

Wouldn't I get better results there rather than in the Linux forum?


Edited by Chris Cosgrove, 14 October 2017 - 04:39 PM.
Topic moved back to 'Internal hardware'


#4 hamluis

hamluis

    Moderator


  • Moderator
  • 56,541 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:06:17 PM

Posted 15 October 2017 - 07:51 AM

I moved topic to General Security, since it seems to revolve around system vulnerabilities.

 

Most recent statement from Intel that I have come across:  https://downloadcenter.intel.com/download/26755/INTEL-SA-00075-Detection-and-Mitigation-Tool

 

Louis


Edited by hamluis, 17 October 2017 - 07:20 AM.


#5 JohnnyBeeGood

JohnnyBeeGood
  • Topic Starter

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:08:17 PM

Posted 19 October 2017 - 09:24 PM

Unless I missed something, the Detection and Mitigation tool leads to flashing the bios, which is Acer's solution.

 

But I'd rather not flash my bios if there is a work-around that incapacitates AMT, which I won't be using.

I found this

https://www.intel.com/content/dam/support/us/en/documents/technologies/intel-sa-00075-network-admin-detection-and-mitigation-guide.pdf

which lists ports used by AMT and have port forwarded them in my router to a non-existing computer.

I see this as a diversion, not a permanent solution.

 

Does anyone know if disabling AMT in the bios turns it off, or resets AMT to default values as some posts I've read claim?



#6 JohnnyBeeGood

JohnnyBeeGood
  • Topic Starter

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:08:17 PM

Posted 20 October 2017 - 11:21 AM

Looks like I finally found the answer after a number of searches.

 

6th post down in this link:

Shmuel Gershon

https://software.intel.com/en-us/forums/intel-business-client-software-development/topic/297931

 

Gershon is a testing engineer at Intel

https://il.linkedin.com/in/sgershon






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users