What does Hãng Intel Security Assist bởi vì, and why is it installed?Also, (how) does it relate to lớn the IME, and is it reasonable lớn believe that it provides/facilitates the provision of back-doors inkhổng lồ the OS. (After nearly a year, I"ve sầu still been unable to find any meaningful information about it in Google)
Update - This question has been viewed over 26000 times, and is one of the first results when looking for but no meaningful answer, so I"m adding a bounty.
Bạn đang xem: Intel security assist là gì
Old Update - There have been some answers below confirming its part of the IME platkhung, but this does explain what the benefits / utility of the program is (particularly khổng lồ the user).
Improve sầu this question
edited Oct 30 "17 at 3:15
asked Nov 14 "16 at 21:06
57k99 gold badges7878 silver badges124124 bronze badges
| Show 5 more comments
3 Answers 3
Active Oldest Votes
Intel Security Assist (ISA) is part ofHãng Intel Active Management Technology (AMT) defined as :
Hãng sản xuất Intel Active sầu Management Technology (AMT) is hardware và firmware technology for remote out-of-b& management of personal computers, in order to monitor, maintain, update, upgrade, và repair them. ... Hãng sản xuất Intel AMT includes hardware-based remote management, security, power management, & remote configuration features that enable independent remote access khổng lồ AMT-enabled PCs.
According khổng lồ some reports, ISA connects once a week to lớn Intel servers and passeson some unknown information.
It is not an essential service. On the Dell computer on which I"m writing thisanswer, ISA was not even installed for Windows 10, althoughIntel(R) Management & Security Applications are indeed installed.
AMT & ISA are suspected of using a hardware component which is baked intoall post-2006 Intel boards and which can be used lớn remotely control thecomputer. This hardware component is enabled or not when the motherboardis manufactured & an access key is baked into lớn it via a certificate.Its presence & possible access are at the discretion of the manufacturer,but I would guess that it would normally not be enabled for consumer-grademotherboards, being more enterprise-oriented.
AMT was intended to lớn give enterprise IT managers greater control over themachines on their network, which it did in a big way.Starting with AMT 6.0, it includes KVM Remote Control to lớn give ITadministrators complete access khổng lồ the keyboard, video clip, and mouse of a targetclient.In AMT 7.0, Hãng Intel makes it possible lớn use a 3G cellular signal to skết thúc a remote kill command for deactivating a stolen computer.
However, it is not AMT but ISA which is the subject here.To answer the questions raised by davidgo :
What it does
Notoàn thân really knows, but it probably passes some statistics to Hãng sản xuất Intel.It is unknown (but possible) whether it can accept commands from Intelfor active sầu interference, but no such reports exist.
Why it is installed by Microsoft by Default
It is not installed by Microsoft by mặc định.It might be pre-installed by the manufacturer of the computer,& this might possibly indicate that AMT is activated in the hardware.
What security implications it has
Probably none. It is not ISA which can serve sầu as an attaông xã vector, but ratherAMT. There are many reports from users who disabled or uninstalled ISA with noill effects, so it seems rather harmless.
As further information,the Intel Management Engine is activated in a compatible PC’s BIOS,which gains one access to several BIOS functions, but not before a passwordis set:
Within these same BIOS screens, you can perkhung several different low-cấp độ AMT-related configuration tasks, mostly related to lớn when AMT is activatedas a function of the current computer power-level. If your BIOS has no Hãng Intel MEentries, then probably AMT was not enabled by the motherboard manufacturer.
If you would lượt thích to lớn disable the hardware component of AMT,the GitHub projectme_cleanermight help, but there is already a chance that it is disabled.I also quote this from the project, which I actually take as a warningagainst an unsuccessful hack:
Starting from Nehalem the Hãng sản xuất Intel ME firmware can"t be removed anymore: without a valid firmware the PC shuts off forcefully after 30 minutes. This project is an attempt lớn remove sầu as much code as possible from such firmware without falling inkhổng lồ the 30 minutes recovery mode.
Conclusion: ISA in my opinion is harmless. It can be blocked in the firewallor its system service can be disabled with no harmful effects.I would not advise on its uninstallation, because reinstalling it backmight be difficult.