The funny thing is that there are many more. Interesting how the EU is dealing with this - most media seems to focus on how badly china could be spying while the US proved they aren't trustworthy long before.
Pretty obvious how the EU will deal with it. I once read the official statement of the German government that there is no way the US is spying on us while walking past dozens of huge radomes on a US base close to ESA hq.
I read the news when it was discovered that our intelligence service regularly updated NSA selectors to spy on internet users and never looked into what they were updating. Suddenly they "found out" that the US wasn't looking as much for terrorists but more for industrial secrets. Ups, who would've thought.
I don't want to spied on by the Chinese government but it doesn't matter much when I'm 100% spied on by at least the USA and the UK.
ESA headquarters is listed as in Paris. I'm not seeing any US bases near Paris. Orly used to be a US base but was shutdown in 1967 and is now a civilian airport.
Sorry I meant the European Space Operation Centre (ESOC) in Darmstadt, Germany. Its almost neighboring the dagger complex [https://en.wikipedia.org/wiki/Dagger_Complex] of the US INSCOM/NSA.
You haven't worked for large companies have you? Intel ME is NOT a backdoor. It may have vulnerabilities, sure. But none explicitly put in there.
It was designed for a specific purpose- troubleshooting enterprise computers. And it does that job amazingly well. No more IT guy guiding me when he can just do all the clicks himself.
It doesn't matter if it's a deliberate backdoor or not. It's a door, and I want to be able to close that door if I'm not using it, and Intel won't let me. Reducing attack surface is a security best practice exactly because any software can have bugs.
An allegory: imagine if an OS ran an SSH server and there was no way to turn it off or to control the keys it accepts. Maybe it has no bugs (you can't see the source code). Maybe it has no malicious intent or backdoors. As a security conscious computer owner, I still view its existence as a negative. I would like to be able to provably turn it off or control the keys it accepts.
Forcing upon users is wrong but calling it backdoor, as someone who sounds reasonably intelligent to other reasonably intelligent people is misleading and wrong too.
I think this is one of those cases where you need to take into account the intent of the Intel ME and whether or not you can consider it a backdoor. Surely it's a useful tool in corporate environments but to any other average individual it's definitely a backdoor. It's a "feature" of nearly every modern x86 CPU that undoubtedly has capabilities of a backdoor that cannot be turned off or disabled by regular means. If I wanted to be able to remotely manage my machines out of band then I would've asked for it, but instead I foolishly bought myself into a very easy way for vendors to maintain control over me and my data.
A backdoor is access to a computer which the legitimate owner cannot control. Intel ME fits this very well. Let me switch it off (verifiable) and we can talk.
If it was for troubleshooting enterprise computers, it would be opt in. At this point I assume bad faith.
The funny thing is that there are many more. Interesting how the EU is dealing with this - most media seems to focus on how badly china could be spying while the US proved they aren't trustworthy long before.