ItsGeekToMe.co

Q: Alarming and somewhat mystifying information has very recently appeared on the Internet. Perhaps the most disturbing is Intel’s revelation that all computers using its CPU are subject to being remotely controlled by unwanted persons or organizations. It has something to do with the “AMT Module in the Management Engine.” Even worse is that Intel says there is no fix and this vulnerability will remain.

Shortly later, Microsoft revealed that its new update – Windows 10-S – will allow programs to be installed only from the Microsoft store. Windows has the proclivity of installing updates without our permission.

Have computer users (but not technocrats) lost control of our computers and security? Is the only resolution to move to Apple products? If we remain with Intel and Microsoft products, what can we do to protect ourselves?

– Doug B.
Niceville, Florida

A:  I’m not so sure it’s fair to characterize this information as “very recent,” Doug.  Intel’s AMT, or Active Management Technology has been around for 10 years or more, and there hasn’t been much attempt at keeping it under wraps.  The technology has been discussed at length in various tech articles and chat forums over the years.  There’s even a page on Wikipedia explaining what it is and what it does.

That’s not to say that AMT is not a rather bone-chilling technology – and you didn’t even cover some of the scariest aspects of it in your description.  While AMT is broadly described as a technology for remotely managing computers, I personally find it quite disconcerting that using AMT, a PC can be accessed even when it is powered off.  That’s right – powered off.  It must still be plugged-in, but even with the system completely shut down, a person with the right remote tools can still access AMT.  Now, this doesn’t mean someone accessing your system will see what you see when sitting at the local console, because after all, it does take electricity to run hard drives and other components.  But AMT can be used to remotely power-on the PC, and even re-direct its boot instructions to load something other than the OS that’s installed on your PC.  That would seem to provide a pretty good vector for the installation of malware, including spyware.  As if all this wasn’t bad enough, earlier this month (perhaps this is the “very recent” information you read) Intel confirmed a vulnerability in its Management Technology, of which AMT is a part, that allows someone remotely accessing the PC to elevate their own privileges on the machine.  They further confirmed this security vulnerability is present in every version of the Intel Management Engine ever produced. Scary stuff!

Let me correct you on your statements about Windows 10-S.  It is not a “new update” that you and I will necessarily be receiving, but rather, a version of Windows 10 designed for education (apparently the ‘S’ is for “Schools). It is intended to compete with Chrome OS for use on inexpensive computers in learning environments.  It is not a full-featured version of Windows, nor is it an upgrade or replacement for what you’re currently running.

In the last part of your question, you contrast “Apple” with “Intel and Microsoft”.  It seems that you’re unaware that Apple has fully transitioned from Motorola PowerPC chips to ones made by – wait for it – Intel.  So, whether you by a Windows PC or an Apple product, you get Intel chips regardless.  Also, lest you think Apple products are generally safer than their competitors’, let me remind you of the 2014 iCloud hack that resulted in the private, and highly personal photos and videos of hundreds of celebrities being released on the Internet.  You can bet real money that if untrained hackers seeking to satisfy their prurient interests were able to so easily get access to celebrities’ photos that virtually nothing on your Apple device is safe.  So, for this Geek’s money, you’re really no safer on one platform than another.

Unfortunately, with cyber criminals being who they are and doing what they do these days, this is the world we live in, and dealing with this stuff is part of the cost of being connected in the information age.  The only true way to secure yourself from it is to go off the grid, and honestly, that is next to impossible.  On that happy note, until next week, good luck, and happy computing!