
So ugly, I can't just replace all of our hardware. Remaining forever vigilant is tiring. CPUs are so broken that security is just a facade.


The problem is the hardware being replaced to begin with.

The ME is not needed for the end user to operate their machine in a secure manner.

The ME is a trojan that allows Intel to manipulate your system and lock you into the whole DRM nonsense. The only reason Intel platforms haven't become as bad as mobile platforms is because there isn't enough fear of system compromise from the average user.

https://en.wikipedia.org/wiki/Intel_Management_Engine


You know, if you did less FUD there's a chance people may actually engage in a conversation with you.

Anyone from enterprise knows how much of a timesaver AMT is. I make a call and I don't have to wait for the IT dude to appear on my desk - he clicks a few buttons from his desk and my problem is fixed.


Why does that technology, with attendant attack surface, need to be in consumer chips on consumer motherboards?

Besides, we already had a solution for this. It can be provided with add-in cards.


One thing that comes to mind is that the consumer-based wedge of the pie is handled as an enterprise deployment of its own managed by Intel.


Why do we need ME for that?


Active Management Technology (AMT) is built on top of Intel ME. ME lets a trusted party control the computer without letting every peer control the computer.


I think the point is that all of this can be implemented purely in software that runs at the OS level, or even application level. There's no need to put this in a place where it's difficult to update/patch, and is entirely opaque and user-hostile to the point that the actual end-owner of the hardware can reasonably be sure they know what it does and can control what it does.

In other words: I don't want a backdoor into my system that I can't examine or disable.


AMT is not available with their Z, B and H chipsets. Leaving us with only the downsides.


OK, but the user with physical access should have the option to disable it (without damaging the rest of the system).


This bug isn't in the CPU, it's in the PCH.



