Finbarr has a new article on Intel ME, in which he’s wondering if current tools are acquiring bitrot:
[…]It seems to me there is little ongoing work to enhance existing ME analysis tools such as me_unpack or the meloader IDA plugin to support ME firmware versions 9.5.X.X or later. Possible reasons for this state of affairs include the lack of available documentation for ME versions above 9, no ROMB-enabled ME firmware later the version 9 in the wild, or simply that the ME tool developers have moved on to other projects.
https://blog.fpmurphy.com/2017/08/has-intel-me-analysis-tool-development-petered-out.html
Also, this post pointed out an Intel ME web site I had not seen before:
It has an invalid HTTPS cert, and appears to have been last updated a few years ago.
PS: Also, if you are using Finnbarr’s UEFI-Utilities, note that he’s recently started including ThinkPwn as one of the binaries, so be careful how you deploy it. CHIPSEC blacklists ThinkPwn as one of handful of known UEFI malware modules.
