The nagging knowledge that no matter how thoroughly I secure my environment it is insecure by design at a base level.

> you don't have to use it

Disabling Intel Management Engine is not a feature of the platforms that support it.

> Has anyone ever been hacked through IME vulnerabilities?

I could not say. Glad you at least acknowledge the vulnerabilities exist.

https://en.wikipedia.org/wiki/Intel_Management_Engine#Securi...

--------------------------

Edit since I can't reply to the post below:

It is not like being afraid to leave the house because a meteorite strike might kill me because staying at home does not afford protection from meteorites but using a system without Intel Management Engine does afford protection from its vulnerabilities.

I would say that your position is equivalent to saying "Why are you so upset about the skateboard on the staircase? People can fall down stairs without slipping on a skateboard and anyway as far as I know no one has slipped and fell on this skateboard yet."

"Just don't connect it to a public network, including the internet" (airgapping) is a solution to the vulnerabilities posed by Intel Management Engine but I expect most people who purchase computers featuring Intel Management Engine lack that understanding.

It's unironically pretty sketchy if you're read the Wikipedia page for it.