Security Evaluation of Intel's Active Management Technology

Abstract: Intel’s Active Management Technology (AMT) is, a hardware-based platform for remotely managing and securing personal computers out of band. AMT is available in most desktop and notebooks PCs equipped with an Intel Core 2, Centrino, or Centrino 2 processors with support for vPro technology. AMT operates independently of the platform processor and operating system. Remote platform management applications can access AMT securely, even when the platform is turned off, as long as the platform is connected to power supply and to a network. Developers can build applications that utilize AMT using the application programming interface (API) provided by Intel. While this might seem to enable creation of a powerful management tool, a secure infrastructure that is secure against insider and outsider attacks on an enterprise network is difficult. Unfortunately this technology can also potentially be used to create a powerful backdoor that is easily deployed and offers numerous features due to its almost unlimited permissions since the platform can be managed even though it is powered off.