I have been looking into either a Protectli or Netgate firewall appliance for home (prosumer) use. I have a concern over the use of Intel chipsets that include Intel ME. I contacted both Protectli and Netgate and neither one could confirm disablement of the Intel ME on their particular appliance’s chipsets (even with coreboot on Protectli). As the firewall is the gateway to and from the internet, having one with Intel ME seems like a bad idea. If a new vulnerability were found, how difficult would it be to exploit and just open up the whole network remotely? Or have a potential “back door” to the network? Are my concerns unwarranted?
With the SG-5100 or any of their Intel based models I don’t really see how this could be exploited at all.
http://blog.ptsecurity.com/2020/03/intelx86-root-of-trust-loss-of-trust.html
Thank you for your response. Let’s just call it a fear of the Intel ME for lack of full understanding of the subject. What makes the application of a firewall appliance using an Intel chip with Intel ME unable or unlikely to be exploited to gain access to the network? Does this differ from how a typical PC with Intel ME could be exploited?
How the attack is carried out:
