If one only uses a wireless network, are Intel ME/AMD PSP still a concern?


#1

I think those co-processors cannot control Wi-Fi, correct?
Are there other threats if the user doesn't connect to a wired network?


#2

They are still closed-source residents in the physical address space, meaning

  • they have access to all your RAM
  • they are exploitable

#3

Not having anything plugged into the ethernet port which allows remote administration dramatically reduces the threat posed by the IME or PSP. You can even still have ethernet connected, as some boards either don’t have remote management connected (many B350 or X370), or have multiple NICs, only one of which allows remote management (or you can plug in a PCI-E or USB ethernet card).

As @ruff says, they are still a problem. There is a very small chance Intel or AMD have included intentional remote exploits, and it is impossible to prove that is not the case (even were a wealthy party to extract and pay for analysis of the binary, there are undocumented opcodes and model-specific registers which can change the behaviour of subsequent code). The bigger issue is that exploits like the poorly named Ryzenfall mean that if an attacker gains root access, they can compromise the IME or PSP, and it is impossible to recover from that compromise without attaching a chip flasher to the board and manually reflashing the BIOS. On boards with BIOS Flashback, the flashback system may or may not mitigate this, but as those are also poorly documented, it’s likely impossible to tell for certain. Also note that the gimped version of the IME Purism uses helps, but doesn’t resolve the issue.

Bottom line is it’s probably not a problem, as long as you don’t connect via the remote management ethernet interface to an untrusted network (behind an OpenWrt home router is likely fine, an ISP-provided router is not).
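
The advice above hinges on knowing whether your machine exposes the ME to the host at all and which NICs are Intel parts (the ones AMT's out-of-band path can ride on). The following script is an added example, not code from anyone in this thread: it parses the text that `lspci -nn` prints on Linux, flags the Intel Management Engine Interface (MEI/HECI) device, and lists network controllers, separating Intel from third-party ones. Intel wireless adapters are listed too, because AMT's out-of-band channel is not limited to the wired Intel NIC on laptops with Intel Wi-Fi. The `lspci` lines embedded below are constructed sample input; `INTEL_VENDOR_ID`, `MEI_HINTS` and the helper names are this example's own. Presence of the MEI device does not by itself mean AMT is provisioned; for that you query the ME over `/dev/mei0`, e.g. with mjg59's `mei-amt-check`.

```python
"""Offline inventory of Intel ME / AMT-relevant PCI devices from `lspci -nn` output.

Added example for the thread above, not code from the original post.
The lspci text below is constructed sample input, not captured from a real host.
"""
import re
import sys
from dataclasses import dataclass
from typing import Dict, List

INTEL_VENDOR_ID = "8086"
# Substrings that identify the MEI/HECI device in lspci's description field.
MEI_HINTS = ("HECI", "MEI", "Management Engine")
# PCI class codes: 0780 = communication controller (where MEI lives),
# 0200 = Ethernet controller, 0280 = (wireless) network controller.
MEI_CLASS, ETHERNET_CLASS, WIRELESS_CLASS = "0780", "0200", "0280"

# Shape of one `lspci -nn` line:
#   00:16.0 Communication controller [0780]: Intel Corporation ... HECI #1 [8086:9d3a] (rev 21)
LSPCI_RE = re.compile(
    r"^(?P<slot>[0-9a-f]{2,4}:[0-9a-f]{2}\.[0-7])\s+"
    r"(?P<cls>[^\[]+?)\s+\[(?P<cls_id>[0-9a-f]{4})\]:\s+"
    r"(?P<desc>.+?)\s+\[(?P<vendor>[0-9a-f]{4}):(?P<device>[0-9a-f]{4})\]"
)


@dataclass(frozen=True)
class PciDevice:
    slot: str
    cls: str
    cls_id: str
    desc: str
    vendor: str
    device: str


def parse_lspci(text: str) -> List[PciDevice]:
    """Parse `lspci -nn` output; lines that do not match the format are skipped."""
    devices = []
    for line in text.splitlines():
        m = LSPCI_RE.match(line.strip())
        if m:
            devices.append(PciDevice(**m.groupdict()))
    return devices


def find_mei(devices: List[PciDevice]) -> List[PciDevice]:
    """Intel communication-controller devices whose name marks them as MEI/HECI."""
    return [
        d for d in devices
        if d.vendor == INTEL_VENDOR_ID and d.cls_id == MEI_CLASS
        and any(h.lower() in d.desc.lower() for h in MEI_HINTS)
    ]


def find_nics(devices: List[PciDevice]) -> List[PciDevice]:
    """All wired and wireless network controllers, any vendor."""
    return [d for d in devices if d.cls_id in (ETHERNET_CLASS, WIRELESS_CLASS)]


def assess(lspci_text: str) -> Dict[str, object]:
    """Summarise what matters for the ME/AMT question: is the host-side ME
    interface present, and which NIC slots are Intel (AMT candidates)."""
    devices = parse_lspci(lspci_text)
    nics = find_nics(devices)
    return {
        "mei_present": bool(find_mei(devices)),
        "intel_nics": [n.slot for n in nics if n.vendor == INTEL_VENDOR_ID],
        "other_nics": [n.slot for n in nics if n.vendor != INTEL_VENDOR_ID],
    }


# Constructed sample: a laptop with MEI exposed, an Intel wired NIC, an Intel
# wireless card and a third-party (Realtek) Ethernet controller.
SAMPLE_LSPCI = """\
00:00.0 Host bridge [0600]: Intel Corporation Xeon E3-1200 v6/7th Gen Core Processor Host Bridge/DRAM Registers [8086:5904] (rev 02)
00:16.0 Communication controller [0780]: Intel Corporation Sunrise Point-LP CSME HECI #1 [8086:9d3a] (rev 21)
00:1f.6 Ethernet controller [0200]: Intel Corporation Ethernet Connection (4) I219-LM [8086:15d7] (rev 21)
02:00.0 Network controller [0280]: Intel Corporation Wireless 8265 / 8275 [8086:24fd] (rev 78)
03:00.0 Ethernet controller [0200]: Realtek Semiconductor Co., Ltd. RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller [10ec:8168] (rev 15)
"""

if __name__ == "__main__":
    # Usage on a real box: lspci -nn | python3 this_script.py
    text = sys.stdin.read() if not sys.stdin.isatty() else SAMPLE_LSPCI
    report = assess(text)
    print("MEI/HECI device present:", report["mei_present"])
    print("Intel NICs (AMT candidates):", ", ".join(report["intel_nics"]) or "none")
    print("Non-Intel NICs:", ", ".join(report["other_nics"]) or "none")
```

On the constructed input the script reports the MEI device as present, the I219-LM and the Intel wireless card as Intel NICs, and the Realtek controller as the only non-Intel one; the latter is the kind of add-in NIC the post suggests using for the untrusted side. A host with no MEI device in `lspci` (the ME disabled or hidden by firmware) reports `mei_present` as False, which is the quick check a practitioner wants before worrying about which port to plug in.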


#4

Thank you everyone for your help!