On 16.08.17 11:24, Alessandro Selli wrote:

>     Intel Active Management Technology (AMT) is hardware and firmware
>     technology for remote out-of-band management of personal computers

Didn't know about that stuff. OK, if firmware undermines iptables, then
it'll need either a surreptitious in-band internet channel to phone
home, or some other back-channel provided by the ISP, I figure.

If we interpose e.g. an ARM firewall, then it's harder to hide such
stuff on a small RISC chip. A Beaglebone comes to mind.

> In fact I thing the list of Intel primary customers omits a list of
> several government agencies...

Well, if they're a concern, then it's time to move the relevant host to
the other side of an airgap. For my money, they're like anyone on
unemployment benefits - contributing to consumption in a western world
which has ample production.

Erik