What are Management Engines and UEFI OS and why should you care?

The most widely used Computer Operating system in the world is Minix. Yes, you read that correctly. Not Linux, Not Microsoft Windows and not Apple.

What you also need to know is that your central processing unit has access to all your system passwords, no matter what operating system you have installed.

Also, interestingly, even if you power off your computer, Minix, that is running on all Intel based cpu’s, can still run and execute instructions and yes, it even survives reboots or even if you plug your computer or server out completely. Minix can execute self adapting code, in cycles and is impossible to stop.

Probably the most scary facts are that x86 cores also run a full TCP/IP networking stack, file system, drivers for usb, network and disk i/io and runs a web server for allowing remote access…

Matthew Garrett, who works for Google, explained the security issues, as Intel’s Remote AMT vulnerability

Writers personal experiences: After a two month visit to the USA, my Acer Aspire black box became a brick and my new black box is a much older cpu (as in 12 years older) sure it is much slower, but there is no ME, No UEFI and no issues…

UEFI (Unified Extensible Firmware Interface) is trivial to hack. In CPU land we have “Management engines” (ME)  (even AMD Rizen has a ‘black box’) and the only solutions for South African Consumers are to:

(1) push for UEFI Roms with much reduced functionality (only the absolute basics) and to;

(2) demand that Intel and AMD enable consumers to disable their “functionalities” which enables spyware (or vendor control/monitoring of unsuspecting consumers, at the very least) 

What you can do:

Write and email to the National Consumer Commission and demand that they force foreign multinational companies to stop spying on Africans, to stop enabling International Governments from attacking South African Citizens and to ensure that the products they sell to unsuspecting South African Consumers do not perform undocumented functionality and that there exist options to disable the Vendor Spyware shipped to South African Consumers.: http://www.thencc.gov.za/content/working-together-create-consumer-friendly-south-africa-0

OCP/Embed/Firmware updates: Video below & ME – https://github.com/corna/me_cleaner (Follow any advice, read code before running it and always: at your own risk) – UEFI turn it into NON EXTENSIBLE (disable/remove much of it) – https://github.com/osresearch/heads/tree/nerf/