The official HECI method for disabling Intel ME

The HAP disabling method: a more secure option

Nice diagram with ring [ME = (-4) & (-3) ring] p.5

This document contains information on how to get started with Intel® Active Management Technology (Intel® AMT). It provides an overview of the features, as well as information on minimum system requirements, configuration of an Intel AMT client, tools to use Intel AMT features on a PC, and the developer tools available to help create applications for Intel AMT.

Has Intel AMT Definition

Published: 02 Jun 2022

Leaked data reveals Conti ransomware operators were exploring attacks on Intel Management Engine -- or Intel ME -- and CSME, according to new research from Eclypsium.

Presentation Black Hat 2019

Covers ME 12 on Intel 8th and 9th Gen

CSME=ME

• ME system diagram p.5

• ME boot flow + diagram p.9

• isolation from the rest

• Roles (what ME is for)

• ME hardware parts

• OEM decides if boot guard on/off

• ME firmware update

  • Downgrade allowed by Intel only for certain versions
  • Upgrade over the internet

Presentation Material
Video

me_cleaner supports two ways to disable Intel ME:

by removing the non-fundamental partitions and modules from the Intel ME firmware
by setting the HAP (Intel ME >= 11) or the AltMeDisable (Intel ME < 11) bit in the flash descriptor

Heavily patent document with drawings, charts and tech Info about ME (referred as CSME)

The purpose of this white paper is to describe the security design and implementation of Intel ® CSME 14.0 (Comet Lake), Intel ® CSME 15.0 (Tiger Lake) and Intel ® CSME 16.0 (Alder Lake) and its role in the platform.

Bookmars/Chapter

Chapter 2: Basics

• definition
• diagram
• 3 main fuctions of ME
  • Silicon Initialization
  • Manageability
  • Security

Chapter 4: ME firmware

• nice diagram of ME rings (ME CPU rings and not the Main CPU rings)
• Description of Firmware Components

The white paper content is based on: “BlackHat 2019 - Behind the Scenes of Intel Security and Manageability Engine”