Comment by kragen
1 month ago
Roughly everybody you've ever met, 100% of the time.
There's a reason the NSA can get Intel CPUs without IME and you can't. Given the incentives and competence of the people involved, it's probably an intentional vulnerability that you can't escape because you don't fab your own chips. There's strong circumstantial evidence that Huawei got banned from selling their products in the US for doing the same thing. And the Crypto AG backdoor (in hardware but probably not in silicon) was probably central to a lot of 20th-century international relations, though that wasn't publicly known until much later.
And this is before we get into penny-ante malicious hardware like laser printer toner cartridges, carrier-locked cellphones, and HDMI copy protection.
No amount of QC is going to remove malicious hardware; at best, it can tell you it's there.
I can. Purism and system76 disable the IME.
This is also a completely different threat model but whatever.
I think they're using me_cleaner, which does appear to work, but using software to disable a hardware backdoor is inherently unreliable.
Either way, this isn't a foundry covertly inserting a back door. It is a foundry openly inserting a back door and turning it into a feature.
A small country that imports these chips and wanted to protect its national security by providing "ME disabled" chips wouldn't need a whole foundry of its own to turn it off or to verify that there isn't a "hidden" ME. The cost of this would probably run into the low millions, not billions.