Company also doesn't support encryption backdoors

Jul 1, 2016 12:33 GMT

Via a statement from Steve Grobman, Chief Technology Officer for Intel Security, Intel has denied claims made by hardware security expert Damien Zammit, who detailed a secret subsystem in Intel x86 CPUs that could have the ability to function as a secret backdoor.

The issue brought up by Zammit revolves around a system called the Intel Management Engine (ME), embedded inside recent Intel x86-based chipsets.

Zammit claimed that Intel ME functions as a CPU inside the actual Intel CPU that sets up a secret TCP/IP server, accesses active memory behind your back, and can't be turned off or audited.

In Intel's documentation, Intel ME is presented as a method for remotely managing computers in enterprise environments. Grobman reiterates this in a recent blog post.

Intel ME is a firmware update delivery system, not a backdoor

He says that Intel ME is not a backdoor, but a system through which Intel and enterprise sysadmins can deliver firmware updates.

Grobman explains that CPUs have migrated to a new design methodology in which processors are just a set of building blocks, each with its own function.

"These building blocks are complemented by an embedded microcontroller or processor, which drastically simplifies and shortens development cycles, but more importantly to this topic, it can enable the ability to upgrade and repair a product after it has shipped should an issue arise."

Intel ME, as Grobman explains, is not a backdoor, but a way to deliver updates and fixes to existing CPUs already deployed in production environments.

"We believe our OEM partners and end customers deserve both the agility that firmware updates allow and the protection to safely accomplish whatever they wish to with our technology to keep their devices secure."

Of course, this doesn't necessarily cover all of Zammit's criticism. At this point, the best thing to make all hardware experts shut up and all backdoor rumors disappear would be to put Zammit under an NDA (Non-Disclosure Agreement) and allow him to audit the Intel ME codebase.

But companies like Intel are known to keep a tight leash on their intellectual property, especially in the hardware sector, where a simple leak could ruin your entire company within a few business cycles, so don't expect this to happen in the near future.

On a similar note, Steven R. Rodgers, Senior Vice President & General Counsel for the Intel Corporation, has also reinforced the company's position on encryption backdoors in a separate blog post, strongly placing Intel on Apple's side if a scandal similar to FBiOS ever resurfaces.