Reply to post: Re: Real people?

'Real' people want govts to spy on them, argues UK Home Secretary

Updraft102 Silver badge

Re: Real people?

You have to go back s long way to not have Intel management engine built in, which is an obvious who to backdoor your system.

You only have to go to Haswell or older, according to what I've read, as far as consumer CPUs go. Not only that, but to exploit the vulnerability, you have to connect using the ethernet port whose controller is integrated into the PCH (formerly called chipset or southbridge).

I have a bunch of PCs, and only one is newer than Haswell... my low-end laptop that really should have been a Chromebook, but it came with Windows. It has no ethernet port at all, so its otherwise vulnerable CPU/SoC doesn't present a threat.

My main desktop is Sandy Bridge, so it is way too old to be vulnerable. Even if there was vulnerable, though, the motherboard has two built-in ethernet ports. One's the Intel, the other is Realtek... if I were concerned, I could just use the Realtek and disable the other one in the UEFI.

My main workhorse laptop is a Core 2 Duo, which is much older than Haswell... but in addition to that, it has only a Realtek ethernet controller.

None of my other PCs are vulnerable either, for multiple reasons. My Ivy backup server is too old; my other desktop system is too old and also has dual NICs onboard, my even older than C2D laptop is AMD, and so is my even older than that laptop. And my Compaq portable plus luggable... let's just say it is not subject to this either.

I've made no effort to try to buy gear to mitigate the vulnerability. Even though I own eight functional PCs, I have none that are vulnerable to this. It might not be as hard to avoid as you may think!

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019