How to disable the Intel CPU Management Engine

One of the more controversial features in Intel's processors is the Management Engine (ME), a piece of technology that some believe provides the means for organizations like the NSA to gain access to your computer. What we know for certain is that ME can be used to remotely control a PC and that it has very low level access to your system. Whether it's a backdoor for the NSA is not officially confirmed but in case you're worried about the Intel Management Engine there's now finally a way to turn it off.

Security researchers from Positive Technologies have delved into the ME architecture and discovered a mechanism that can disable Intel ME. They found the feature needs to be activate for the hardware initialization but that there's a hidden functionality that allows the disabling of the main Intel ME functionality at an early stage. Positive Technologies also uncovered further evidence that Intel ME is linked to the NSA

These files contain a lot of interesting information: the structure of ME firmware and description of the PCH strap, as well as special configuration bits for various subsystems integrated into the PCH chip. One of the fields, called "reserve_hap", drew our attention because there was a comment next to it: "High Assurance Platform (HAP) enable".

Googling did not take long. The second search result said that the name belongs to a trusted platform program linked to the U.S. National Security Agency (NSA).

You can find the full guide over here.