1. Forum
  2. Newsgroups
  3. colsec

  • Hidden Operating Systems in Chips vs. Secure, Auditable OSes: ACybersecurity Comparison

    From jaworski1978@jaworski1978@adres.pl to pl.comp.os.linux,comp.os.linux.advocacy,comp.os.linux.security,comp.os.linux.hardware on Wed Jun 11 00:41:19 2025
    From Newsgroup: comp.os.linux.security

    Cześć!/Hi!

    Did you know about "Intel Management Engine (ME)" or "AMD Platform
    Security Processor (PSP)" if no then read now:

    <https://puri.sm/posts/hidden-operating-systems-in-chips-vs-secure-auditable-oses-a-cybersecurity-comparison>
    --
    Spokojnej nocy!/Sleep well!
    Jacek Marcin Jaworski
    Domowa s. WWW: <https://energokod.pl>;
    Mini Netykieta: <https://energokod.pl/MiniNetykieta.html>.
    --- Synchronet 3.21a-Linux NewsLink 1.2
  • From R Daneel Olivaw@Danni@hyperspace.vogon.gov to comp.os.linux.security on Fri Jun 13 10:50:20 2025
    From Newsgroup: comp.os.linux.security

    🇵🇱Jacek Marcin Jaworski🇵🇱 wrote:
    Cześć!/Hi!

    Did you know about "Intel Management Engine (ME)" or "AMD Platform
    Security Processor (PSP)" if no then read now:

    <https://puri.sm/posts/hidden-operating-systems-in-chips-vs-secure-auditable-oses-a-cybersecurity-comparison>



    This problem has been known for years - even before that critical vulnerability (Intel-SA-00086) from 2017.
    The article says "The Management Engine in Intel devices is disabled to
    the extent possible", whatever that means. It does not say anything
    about AMD, and there is also no reference to any known problems with
    AMD's PSP.
    Apart from that, the article is a sales pitch for Purism Products and is
    very much aimed at potential customers in the US. "Made in USA" is also
    not exactly a badge of trust any more, although I'm not sure which alternatives could be considered better.
    --- Synchronet 3.21a-Linux NewsLink 1.2
  • From Ralf Schneider@schneiderr@freenet.de to comp.os.linux.security on Wed Jul 30 16:04:31 2025
    From Newsgroup: comp.os.linux.security

    Am Wed, 11 Jun 2025 00:41:19 +0200 schrieb 🇵🇱Jacek Marcin Jaworski🇵🇱:
    Did you know about "Intel Management Engine (ME)" or "AMD Platform
    Security Processor (PSP)" if no then read now:

    This is really unexpected for me. How can tails and tor protect you now ?
    Was this all a deception for dummies ?
    --- Synchronet 3.21a-Linux NewsLink 1.2
  • From Marco Moock@mm@dorfdsl.de to comp.os.linux.security on Wed Jul 30 20:40:56 2025
    From Newsgroup: comp.os.linux.security

    On 30.07.2025 16:04 Uhr Ralf Schneider wrote:
    Am Wed, 11 Jun 2025 00:41:19 +0200 schrieb 🇵🇱Jacek Marcin Jaworski🇵🇱:
    Did you know about "Intel Management Engine (ME)" or "AMD
    Platform
    Security Processor (PSP)" if no then read now:

    This is really unexpected for me.
    Was known for years. :-)
    How can tails and tor protect you
    now ?
    Not at all, because the ME Is technically a separated mini computer
    inside your machine. It is intentionally separated from the main
    components.
    --
    kind regards
    Marco
    Send spam to 1753884271muell@stinkedores.dorfdsl.de
    --- Synchronet 3.21a-Linux NewsLink 1.2