I’ve been using an USB Ethernet adapter instead of the one built into my PC’s motherboard due to being afraid of a hypothetical case where the firmware/Intel ME/AMD PSP would phone home or make an advertising profile out of your Ethernet traffic if using the built in ports, but not if using an USB adapter due to the firmware not having the necessary drivers to do so. (Repeating, this is just hypothetical).
But recently I’ve been wondering if doing this is just straight up unnecessary paranoia, or if there’s any major security/privacy risks on it’s own that would ultimately undermine this idea to the point it would just be better to use the built in Ethernet port, even if the hypothetical case I said before happened to be true.
I don’t know, but if you’re concerned about firmware and Intel ME, I recommend System76’s coreboot laptops, which now have IME disabled. Note, currently only Raptor Lake models have disabled IME.
IME shenanigans are probably reserved for high stakes hack, not for us normies and plebs.
If there ever were actual zero day exploits on this I reckon its a very juicy bit and will be only be used for something greater than a SolarWinds level hack or even more (remote disabling enemy nukes, maybe, during first strike?) and not even for simple journalist smack talking to their governments.
These feels extra special and for those important use cases.
We are probably safe from these but all of my words are speculation.
For a consumer (i.e., non-vPro/Ryzen Pro) CPU especially, I would think it is overly paranoid to worry about a remote hack. And as @HauntSanctuary rightly said, any hacks via the ME or PSP are going to be reserved for the big boys not random people concerned about privacy
I don’t recall seeing any evidence that IME or PSP unexpectedly phone home. The only concerns I’ve heard about IME or PSP were about their proprietary nature and potential vulnerabilities. But as for anything being done in the wild, I don’t recall seeing any evidence that IME or PSP are being used as backdoors.
If there isn’t evidence that backs up the idea IME or PSP are being used as backdoors, then I’d say it’d be wrong to believe that is the case. Furthermore, if such an advanced backdoor was being used, surely the developers would’ve built it to be capable enough to establish connections through a wide variety of techniques, rather than limiting it to only access the internet over the Ethernet port.
This isn’t to say no one should be concerned hardware and firmware security, just that you should stick to worrying about realistic threats that are relevant to your threat model.
I remember people in the SPITE community warning others about disabling Intel Management Engine, particularly with me_cleaner as it apparently disables important security features. However it looks like System76 currently uses a different method, so I’m not sure if it differs from me_cleaner in that regard. I honestly can’t remember specifics and I was unable to find information using the search function in Element, but feel free to ask them yourselves if you’re interested.