Professional Documents
Culture Documents
What You Need To Know About The Intel Management Engine
What You Need To Know About The Intel Management Engine
Over the last decade, Intel has been including a tiny little microcontroller inside their
CPUs. This microcontroller is connected to everything, and can shuttle data between
your hard drive and your network adapter. It’s always on, even when the rest of your
computer is off, and with the right software, you can wake it up over a network
connection. Parts of this spy chip were included in the silicon at the behest of the
NSA. In short, if you were designing a piece of hardware to spy on everyone using an
Intel-branded computer, you would come up with something like the Intel Managment
Engine.
Last week, researchers [Mark Ermolov] and [Maxim Goryachy] presented an exploit at
BlackHat Europe allowing for arbitrary code execution on the Intel ME platform. This is
only a local attack, one that requires physical access to a machine. The cat is out of
the bag, though, and this is the exploit we’ve all been expecting. This is the exploit
that forces Intel and OEMs to consider the security implications of the Intel
Management Engine. What does this actually mean?
In addition to the release of the ME exploit at Black Hat, we’ve learned a lot in the last
few weeks. The ME is actually running Minix, a ‘hobby’ or ‘teaching’ operating system
created by [Andy Tanenbaum], and the OS that gave birth to Linux. There is a
significant discussion of the BSD licensing versus the GPL licensing of Minix and
Linux, but that’s an argument for another time.
For several years now, researchers have been investigating the set of chips Intel has
included in their latest CPUs. Unfortunately, Intel decided that closed-source was the
way to go, and with that security researchers had an idea of what the Intel ME could
do, but had no idea how that was done, and whether or not there were any security
holes. This week, that wall was breached. Now anyone can execute arbitrary code on
the Intel ME with a USB stick.
Mitigation
With the immense problems of the Intel Managment Engine, is there anything a
regular joe can do to mitigate the security risks? Is there any way to just turn the ME
off? Thankfully yes, with a few caveats.
System76, makers of fine Linux laptops and desktops, have released their own
firmware update to disable the ME. Additionally, Dell is now selling a laptop — the
ruggedized Lattitude 14 — with the default option of a disabled ME. There is,
apparently, a market for the security conscious.
However, if you already own a computer, the chances are that you have a
Management Engine somewhere in your box, and it’s running. What are your options,
short of buying a new computer? The first step towards removing the ME is to see if it
is indeed running. For this, Intel has released a tool to detect a running ME.
To that end, some motherboard manufacturers and OEMs have come up with
methods to disable the ME in the last week or so, and it’s expected there will be an
industry-wide response to this problem, with handy guides on how to disable the ME
available from your motherboard OEM.
All of these are incomplete solutions. The recent Evil Maid exploit for the Intel ME,
which requires physical presence, only works on ME versions higher than V. 11. While
this does exclude all Macs, there’s still the possibility other exploits will be found,
affecting earlier versions of the ME. How do you turn the entire thing off?
Unfortunately, you can’t. A computer without valid ME firmware shuts the computer off
after thirty minutes. However, the me_cleaner tool does something rather clever: it
tricks the ME into thinking it has valid firmware, but in fact does nothing. We took a
look at this hack when it was first released, and yes, if you delete the first page of
memory from the ME’s ROM, it stops working but still allows your computer to
function.
Until that day comes, we’re only left with the realization that yes, the nerds were right.
The idea of the NSA putting hardware in every computer sounds absurd, until you
realize it actually happened.
Over the last few decades, the general population has been dragged kicking and
screaming in the world of information security. In the 80s, it was as simple as not
writing your password down on a Post-It note. In a few years, we’ll get to the
conversation about how Alexas and Google Homes are an Orwellian nightmare. Until
then, we’ll have to use the Intel ME exploit as another example of how important
security is, and how vital it is to listen to the people telling you, “this is bad”. Code that
can’t be audited is code that can’t be trusted.
KMLM says:
December 11, 2017 at 10:06 am
How does it harvest energy when it is not plugged in anything? Has intel come up with a
free energy harvesting engine inside the ime too?
Do you always unplug your computers when you turn them off?
Cree says:
December 11, 2017 at 12:05 pm
meninosousa says:
December 11, 2017 at 1:25 pm
just for info, i acturally do and if you don’t, you are not saving the dolphins:
https://en.wikipedia.org/wiki/Standby_power
robtissy says:
December 12, 2017 at 5:00 am
Except for the fact that many laptops and phones do not have hardware
turnoff switches or removable batteries anymore.
We’re getting to a point where someone needs to make a device for the
security conscious and a few manufactures are working on just that.
In a nutshell it’s because we consumers are idiots, and crave for convenience over
everything. Wake on lan, IR remote switch on, wiggle-the-mouse for boot. Those
things are not “off” (and as a collateral they’re draining something around a couple
of W).
Myself? I’ve a power strip with a switch, and separate those things (which today
typically even have no real switch on them) from the supply, as meninosousa does.
There are things I just don’t want to “outsource”.
Adam says:
December 12, 2017 at 1:16 am
Just put some cheap AM radio near “turned off” laptop and listen that it is doing
something all the time.
I can use wifi on my laptop but I have cable with wifi odd. if I unplug the cable when I
log off, can they still access?
It is called the CMOS battery at 3.5volts is enough to power solid state components
on a motherboard whose power supply is turned off.
Sometimes the CMOS battery isn’t rechargeable and often it seems to small for
powering much more than the real-time clock. In my own laptop I haven’t
found any. But as the accumulator is built in if I unplug my computer it still has
access to the energy needed in order to run the wifi for months.
nsayer says:
December 11, 2017 at 10:06 am
The corollary to “code that can’t be audited is code that can’t be trusted” is “the larger a
codebase is, the harder it is to audit.”
salec says:
December 11, 2017 at 11:33 am
Alas, the code that can be audited can’t be trusted either. I mean, can you trust that it
was audited, that auditors fully understood the code, that they are well meaning, and
that they are well-meaning towards YOU? The trust is only shifted around, not
eliminated. Auditing everything yourself (and all of us doing it for ourselves) would
destroy productivity gain we got from data processing automation.
And then again, can you be sure that proven innocuous code does not contain …
some sort of “code steganography” (e.g. something like “port knocking”, but only
“register knocking”, or “cache location knocking”) in collusion with underlying
hardware (which you are unable to fully audit). To be sure that code is not conveying
any additional information to hardware apart from its primary public goal there would
be necessary to exist a single canonical form of executive program for each
programming task, and if code strays from it, something is fishy. But can we
enumerate all possible programming tasks, on all levels of architectural hierarchy?
Those who make their move first are always one step ahead.
nsayer says:
December 11, 2017 at 12:27 pm
Well, even starting down that road assumes that you can trust your own
auditing skills. See also: Schneier’s Law.
Moryc says:
December 11, 2017 at 1:19 pm
IIRC there was a backdoor hidden by NSA in important piece of code from
Linux (all of them (something related to network implementation, I think, but
can’t remember details)) that went unnoticed for decade or two. Which proves
that having open source code available is no guarantee that there are no
backdoors. That code was read and edited by many people, yet none of them
noticed any problems…
ytrewq says:
December 11, 2017 at 6:35 pm
Report comment
salec says:
December 12, 2017 at 3:18 am
glwatcdr says:
December 12, 2017 at 5:35 am
http://mashable.com/2013/09/19/linus-torvalds-backdoor-
linux/#ooW8CSP4faq0
Report comment
lwatcdr says:
December 11, 2017 at 5:47 pm
RobotBuilder says:
December 11, 2017 at 6:25 pm
Right, I have serious doubts about the parent comment. I think they
may be thinking about NSAKEY or one of the Windows fiasco’s.
Moryc: [citation needed]
Report comment
fuchikoma says:
December 14, 2017 at 1:11 pm
Report comment
Moryc says:
December 12, 2017 at 10:55 am
I was unable to find, where I read about this thing, so I probably recalled
it incorrectly. I’m sorry for confusion. It might be a Windows thing
though…
Peter says:
December 11, 2017 at 2:37 pm
And did you actually compile the same code that you audited? And what
happens after a tiny tiny software update?
Hawkeyeaz1 says:
December 12, 2017 at 7:49 am
spacedog says:
December 13, 2017 at 6:17 am
Report comment
Cvnk says:
December 11, 2017 at 10:11 am
So what about AMD processors and motherboards? I assume they don’t feature IME but
does AMD have its own version? If not maybe we will see a resurgence of AMD in the
desktop realm (beyond GPUs).
Cvnk says:
December 11, 2017 at 10:15 am
Well a quick search answered my question (I knew it would — I just figured it was still
worth posting the question to generate awareness). Unfortunately AMD does have
its own counterpart to IME and it’s just as closed to scrutiny.
Rumburack says:
December 11, 2017 at 10:50 am
And this is why I think the focus on Intel is wrong. I assume every current CPU
has such thing. Apples A9/10/whatever, ARM, you name it, it has it.
Has it?
nsayer says:
December 11, 2017 at 12:29 pm
I don’t purport to know one way or another, but I’d be surprised if such a
thing was in any processor designed for a mobile device.
In the more limited scope of Apple, I’d be even *more* surprised, given
they’re the same bunch that went to war with the FBI over similar issues.
spacedog says:
December 13, 2017 at 6:29 am
Report comment
nsayer says:
December 14, 2017 at 7:34 am
Report comment
Gunplumber says:
December 11, 2017 at 12:41 pm
I had heard a rumor that they’re giving users the option to disable it in an
upcoming BIOS update.
CRJEEA says:
December 11, 2017 at 5:30 pm
It used to be as simple as cutting the write enable pin. [ or tying it high. ]
doubtful most are that trivial these days.
Short of building your own hardware from the wafer up.
[ and writing your own wafer design tools because they could add things
in after you press print and you’d probably never know. ]
You’re always going to have that in the back of your mind.
Waiting for someone to add a virus to routers that waits for them to not
be in use and switches them to a network extending and file sharing
mode. Sort of wifi only internet. With the shear number of wifi sources in
built up areas the bandwidth would be huge.
CupOfJoe says:
December 11, 2017 at 10:23 am
Truth says:
December 11, 2017 at 3:34 pm
To be fair Intel got into that position with a long history of dirty tricks.
herringbone says:
December 11, 2017 at 10:32 am
Ugh! It seems like an article about IME has come up at least once every two weeks
for years now and yet still somebody asks this same question every time!
Cvnk says:
December 12, 2017 at 7:39 am
PAVUK says:
December 11, 2017 at 1:26 pm
https://www.reddit.com/r/security/comments/4ot223/do_amdprocessors_have_som
ething_like_intel/
jwebola says:
December 11, 2017 at 10:13 am
Now that you’ve covered Intel, does AMD have the same sort of tattletale built in or have
they been able to duck Big Brother?
Reply Report comment
Truth says:
December 11, 2017 at 3:45 pm
LOL says:
December 11, 2017 at 10:15 am
Now a class action lawsuit to add to our cost of replacing the 40k Intel based
motherboards we currently have deployed.
The least Intel could have done is offered a free removal tool — Steve Jobs was right when
his said Intel managers had no class.
herringbone says:
December 11, 2017 at 10:34 am
Replace them with what?!?! If the NSA asked for part of the IME to be in there then
do you really think off is off? Do you think a new model CPU/Motherboard is right
around the corner that doesn’t have an IME? What are you going to do? Open RISC
in an FPGA as a desktop?!?!
Ostracus says:
December 11, 2017 at 10:52 am
PowerPC for the win. But it still needs to be said that business hardware needs
to be managed in a non-proprietary way.
Olsen says:
December 13, 2017 at 9:54 am
For the costs of PPC stuff, you might as well be a three letter
agency to purchase and design custom hardware or Google.
Report comment
herringbone says:
December 11, 2017 at 10:49 am
This has me thinking… a desktop class processor custom fabbed so that we can know for
sure what is on it is probably not happening any time soon. But… what if one purposely
connected a computer to a network in such a way that the IME or AMD’s equivalent just
doesn’t know how to use it? As a home computer user I’m not to worried about an evil
maid but we all want protection from strangers on the internet.
The first thing that comes to my mind, and about the only thing that might be within my
own technical capability I have thought of is to connect via an ESP chip. The IME wouldn’t
see a NIC, it would just see data going over a serial port. Would it recognize that as it’s
connection to the outside world and use it? Even if there were a backdoor in the ESP chip
(which I doubt) it’s not like it would be able to access my hard drive or my RAM or anything.
But… that connection would be very slow.
How about an open source NIC? Something on an FPGA maybe? I’m not sure exactly how
this would work. Maybe there could be some sort of unique encryption key flashed onto
the nic that must also be compiled into the driver. Even if someone ported the driver to
Minix and it was built into the IME it wouldn’t work so long as the user changed their key to
something other than the default one.
The only way I can imagine the IME getting around that would be if it looked in RAM and
recognized whatever represents the operating system’s TCP/IP stack and POKE’d it’s crap
right into it. I’m thinking that maybe Linux with PIE could secure against that?
bob says:
December 11, 2017 at 1:46 pm
It’s a clever idea and crossed my mind too, although I lack the skill to understand it. A
beowulf cluster composed of amd and intel would be naturally resistant as the same
exploit should not affect two systems in the same manner. Buffer overflows were
such a big threat a few years back that the linux kernel was altered to randomize
memory locations. I doubt an alternative firmware for routers to obfuscate network
traffic would be a workable approach as they couldn’t approach the speed of a
usable cpu.
Blecky says:
December 11, 2017 at 6:53 pm
Robot says:
December 11, 2017 at 10:51 am
Ha ha, joke is on the NSA, all of my personal computers are at least 10 years old!
One thing that is not clear to me; what about Apple hardware? It would be great to know
there is at least one mass market option out there.
Apple has used Intel for years now. Hmm… I always wondered why.
Robot says:
December 11, 2017 at 11:19 am
Yeah but my understanding is that the ME can’t do it’s thing of the MB doesn’t
support it, yeah?
nsayer says:
December 11, 2017 at 12:30 pm
Olsen says:
December 13, 2017 at 9:56 am
Apple devoted all of their silicon engineers to the Iphone that were previously
helping with the PPC chips.
Ø says:
December 11, 2017 at 11:01 am
I was under the impression it’s only the recent generations that’s running Minix and the
other is using some other proprietary embedded OS.
Reply Report comment
Nathan says:
December 11, 2017 at 11:03 am
pretty sure this only worked because the PC manufacturer left JTAG turned on… it’s not
Intel’s fault, it’s the carelessness of the PC manufacturer who didn’t follow the
recommendations and warnings laid out. Just like you can’t fault a car company for your
cell phone getting stolen from your dashboard when you left the windows open all day in a
bad neighborhood.
Cluso99 says:
December 11, 2017 at 11:05 am
I am no lawyer, but it would seem to me that Intel could, and should, be held accountable
for intentionally installing, what can only be described as a backdoor virus, into the silicon
of their ’86 processors.
Surely as such, Intel should be held legally liable for any and all damage, direct and
consequential, to all owners of computers with those “Intel Inside” computers. Thus, even
examining what possible security risks they pose, is a cost, personal and corporate, to
owners of those said computers, and is therefore both a direct and consequential
expense/loss directly caused by Intel knowingly installing specific silicon inside their chips.
Intel is smart/big enough to have reasonably have known, and indeed that was the
purpose, that this would impose unreasonably security risks to everyone who bought/used
their processors. Thus, they cannot deny legal liability.
Some smart lawyers are going to make $$$$$$ going after Intel. Meanwhile we all pay for
this monumental breach of confidence. The cat is out of the bag, so to speak.
herringbone says:
December 11, 2017 at 11:08 am
“Parts of this spy chip were included in the silicon at the behest of the NSA.”
So… scapegoat the manufacturers while letting the real criminals carry on?!? This is
why we can’t have nice things.
Reply
Report comment
Ø says:
December 11, 2017 at 11:12 am
They better aim for releasing the x86 license and related patents for free use to
everyone without strings attached rather than big sacks of money being first priority.
herringbone says:
December 11, 2017 at 1:18 pm
:-( I don’t think my RepRap would be quite up to the task of fabricating a new
Intel-clone CPU. Can yours do it for me?
Ø says:
December 11, 2017 at 2:51 pm
Ostracus says:
December 11, 2017 at 6:16 pm
Report comment
herringbone says:
December 12, 2017 at 5:51 am
That would bring prices down. I don’t think it would eliminate the
IME though. Every fab that touches x86 would get a visit from a
guy in a black suite with a bag of money in one hand and a ticket
to Gitmo in the other. Funded by the taxpayers this could continue
indefinitely.
Report comment
JB says:
December 12, 2017 at 9:35 am
“Ostracus says:
December 11, 2017 at 6:16 pm
Maybe the Chinese will come up with an alternative? ;-) ”
Report comment
fanoush says:
December 11, 2017 at 11:10 am
so, umm, why disable it, why not run linux or something opensource on those ME core(s),
could have some good uses
Brian,
You’ll find the information you’ve said is actually outdated by at least a week or so… What
you’ve documented is almost an exact of what I was thinking along the lines of before
recent days ;)
It doesn’t appear like an NSA requested backdoor but more like NSA found it to be too
convenient a backdoor and so kept it secret whilst asking Intel for a reassuring kill-switch.
NSA looked over something about the HAP-bit though:
The kill-switch is after the bring-up-program (BUP) that is loaded from flash (Not USB…
We’ll get to that later),
The bring-up program had a fatal flaw in that it required a fixed size allocation for a file to
load it’s configuration from (Not much was needed to be configured this early, we
suppose).
That config wasn’t signed, else it would’ve been a dead end to try and abuse as it wouldn’t
even get past the signing checks.
So a larger than max config would overflow the memory… but too big would knock out
other stack canaries and ultimately cause a stack fault. Also if it’s own canary did get
knocked off and the fn() returned, then game over. So now the overflow has occurred, they
used a return-oriented-programming approach to jump to the last executable offset in any
function that returned straight after the last instruction and use that against an address
table to run custom code, this can then highlight the payload as executable to the CPU so
it won’t triple-fault (Hang in the case of IME-x86-CPU or cut Power-Good to PSU)
Like the twin-towers, it could be an inside job or genuine actors… at this stage we’re in the
dark, but yet Intel haven’t hired people to give the “Official story” with a tin-foil explanation.
As for the USB, I haven’t seen it released as a document, but maybe the BUP is actually
burnt to the chip and boots the config off the separate ROM for board quirks and
adjustments (PCIeNum_of_lanes, Me_Config, InRecoveryMode, Intel_NDA_Config_Optz,
NSA_HAP_Bit for example).
The USB, AFAIK, was a way of connecting via J-TAG and would only be for USB3.x systems
as there are another 2x lanes for to include all 6 J-TAG wiring of the platform. Maybe, that
is how they got how the BUP worked, or, how they took direct control before, between, or
after power-on (possibly also when the ME-CPU is reset, the early bring-up can be viewed)
This bit is just about the USB and NSA involvement bit… I’ve got another tonne of updated
information about more of this Intel ME stuff, including pointing out some misconceptions).
So much to say, not easy to proof read, I may put up sources should people here not have
before myself. Hint, google for “Where there’s a JTAG there’s a way PTsecurity” PDF
warning though, look at this PDF, if you know just enough C/C++ to get yourself into
trouble, then you can see where I’ve got the description as above for the over-flow ;)
P.s. being out of date isn’t too bad of a situation, thence the wink smiley in hope you
take the comment lightly and informatively. :-)
Reply
Report comment
Dan says:
December 11, 2017 at 12:43 pm
https://media.giphy.com/media/3oEjI789af0AVurF60/giphy.gif
DougM says:
December 11, 2017 at 12:44 pm
I used to think that there wasn’t a problem so long as the computer was off, but lately I’ve
found my computers are turning themselves on regardless of what I do to stop it. Then this
IME thing, plus the Echo and the Google Home all exacerbate the problem, except one
thing: There is a single gateway to the internet.
What I’d like to see is an open source hardware device that sits between my internet
connection and my network that allows me to set rules for connections and packets. I’m
not sure if this is possible, but it seems like it wouldn’t be that hard to tell if packets are
trying to get through when they shouldn’t be, and maybe even a public blacklist/whitelist
process similar to what ad blockers use.
On the other hand that might just add another easily hackable device to the mix.
thoughts?
Bill says:
December 11, 2017 at 1:15 pm
Tomshon says:
December 11, 2017 at 2:05 pm
Look after Turris Omnia:-)
keithsnape says:
December 11, 2017 at 2:20 pm
How does this affect Bitlocked or other HDD encryption? Does this affect virtual machines
as well?
Truth says:
December 11, 2017 at 7:37 pm
There is a not so secret CPU with full access to every instruction that runs on the
CPU, and access to all RAM.
As long as your machines hard disk is encrypted, powered off and disconnected
from all computers it is relatively secure. But as soon as you want to access it the
data there is the decryption key stored in somewhere in RAM and a decryption
algorithm which needs to run instructions on the CPU. There is nothing that you can
hide by having a virtual OS, unless it is using a totally different CPU not made by
Intel(IME)/AMD(PSP).
And since you are asking about Microsoft bitlocker, I have no logical way to answer
you other than mentioning that Microsoft (like Intel) is a part of the “nsa strategic
partnerships” (plug the term into your search engine of choice, it was part of the
Snowden documents, and mentioned in some wikileaks)
jedhodson says:
December 11, 2017 at 1:35 pm
Doesn’t the motherboard have a jumper to disable the management engine? Mine does.
neuechristian says:
December 15, 2017 at 8:08 pm
jedhodson says:
December 15, 2017 at 11:35 pm
corna says:
January 13, 2018 at 8:57 am
Yes, there’s the HDA_SDO jumper that disables ME, but it also unlocks all the SPI
regions. This pin is described by the “Intel SPI programming guide”, but it’s not very
clear when ME is stopped and which parts are really disabled.
As I recall, IBM got busted many years ago, using hidden folders and software that
“Phoned Home” activity on the system. An IBM worker bee found the “flaw” reported it
upstairs and was fired for his cleverness.
limroh says:
December 11, 2017 at 5:37 pm
not relevant to the topic but “[Andy Tanenbaum]”? Has Andrew S. Tanenbaum a son
named Andy and you mistook him for his dad? ;)
CRJEEA says:
December 11, 2017 at 5:38 pm
Thought for the day. What if the firmware update to disable the ME functions just makes it
hide better.
Time to go back to pen, paper and whispering within a faraday cage behind closed doors.
Truth says:
December 11, 2017 at 7:55 pm
There is a special microphone for whispers, it uses two heated platinum wires to
detect velocity changes in a tiny number of atoms of air,
https://image.slidesharecdn.com/internoise2012-120830051407-
phpapp01/95/internoise-2012-5-728.jpg
You are going to have to whisper much much much much much quieter.
lwatcdr says:
December 11, 2017 at 5:48 pm
Hawkeyeaz1 says:
December 12, 2017 at 7:57 am
The point that exploitation currently requires physical access, which limits the attack.
However you really have to ask if this is fully true. It has been demonstrated that NICs can
be infected (yes, primarily physical access), however bugs have been found that could
allow remote access. Additionally, what is to stop the NSA from putting IME/PSP/similar in
the NICs? They send an “untraceable” packet that when received by the NIC, it performs
it’s requisite action, and drops it from any data it sends to the computer’s bus, even if the
NIC is in promiscuous mode.
Hawkeyeaz1 says:
December 12, 2017 at 7:58 am
The point that exploitation currently requires physical access, which limits the attack
is not valid*
Would be nice to see a snort definition and be able to go over historical logs for events of
this subsystem being called. See how it was used in the past and what payloads were
delivered and executed. was it used for a few targets of spys, politicians, criminals etc. or
was it used en masse to deploy malware to hundreds of millions of devices.
Forrest says:
January 3, 2018 at 11:48 am
Does the Intel ME have to do with the Kernel page-table isolation issue?
Canuz says:
January 4, 2018 at 6:53 am
What about if we disable the ONBOARD LAN and dont use the onboard WIFI and add
another network interface.. can IME access through another network working in PCI / PCI-
ex / USB / USB-WIFI ?
if ime cant i preffer to add another network interface than loss 30 to 50% of processor
I bought Optiplex 980 (new) w/SSD in it and when i power off there is still a light on the
inside of the mini tower (or SFF) and now I am compelled to think that that’s what it is the
ME that keeps that portion of the motherboard or inside the case lit?
No, it shows the power supply is alive and supplying power to the stand-by circuits
of the motherboard. It is the same as putting a led inside the power supply to show
when it is ‘hot”. The meaning is more to signal that the computer is energized.
If you turn the computer off at the surge protector, the led will be dark also.
Greenaum says:
January 7, 2018 at 3:38 pm
PCs have had a +5VSB, standby, supply from the power supply I think since the ATX
specification in the mid 1990s. So they’re never truly off, as long as the mains supply
is connected. It’s used for a few bits in the PC, including the IME. Things like wake on
LAN, and letting keyboard presses wake it up, etc.
It means if you’re ever upgrading the thing, cut the mains. Keep the plug in the
socket if you can, but the socket’s switch turned off. That way the earth connection is
still there, earth isn’t switched. The earth connection is useful against ESD, just touch
the PC’s case now and then to earth yourself.
That’s assuming your mains has an earth connection and a switch. In the UK we’re
spoiled, best domestic mains socket in the world, no brownouts, and only blackouts
once every few years if they dig the cables up.
Well, it’s taken a minute to circulate what i’m reading from the responses to this
issue and hanks BTW, for the info & replies. I was just going to kind of ask or
suggest then that i could go ahead & turn off the surge protector at night if i
want the ‘light’ out(?) without any big deal to the computer, I mean, not that it’s
going to use up that big of an energy splat but it’s a small room and so the light
alongside the modem especially keeps the room not as dark as preferred and i
definitely hide the modem without suffocating it (you know).
You know one other thing I’d like to quick-get in, is ever since I bought that
computer last year, the internal speaker takes full charge, even when applying
the external 2.1 speakers, they sort of “co exist” because in order to play the
computer speakers or external, the internal has to be on or playing as well or
there’s simply no sound. Pretty weird stuff that the Dell tech advised of just
pulling the internal speaker and i never did. I guess I wasn’t as anxious to get
rid of it even though, I’d definitely like to. I was hesitant and didn’t return to the
shop where i purchased it (brand ndw) even though a friend’s the owner, as
well, i didn’t want to ask Dell again or piggy back w/the new question and sort
of here i end up with it…but i was trying to think in removing the internal
speaker altogether would i automatically have sound in the computer or
external speakers then?? Do you guys maybe know or have an idea of the way
it must be wired on the motherboard etc..? Just thought I would ask. And
thanks a lot again for the original subject and question!!
Well-here goes with a question if it’s out of place, i apologize, but on my Dell Optiplex 980
the internal speaker takes over (regardless). I attached the 2.1 computer Creative speakers
and the only way they play is if the internal speaker’s playing or enabled to play. Ok, a Dell
(forum) Tech advised to go in and just remove the internal speaker from the motherboard
w/enclosed diagram instructs. Ok, well i didn’t do that yet and here’s probably a un-
educated looking question but if I do-do that, will i lose the capacity of the external
speakers then(?) because one has nothing to do w/the other but in this case, yes it does
and if the Dell techs seem to indicate that that’s the only method in order to have
computer speakers operate by default (Windows 64 Bit 7 is my OS) then i guess that’s the
only way to do it and i purchased new set of (pretty nice) Klipsch speakers to attach this
weekend. So, if anyone can take a stab at that with the given info. and may be possibility
beyond de-tach of internal speaker, i appreciate it and would like to have a normal default
port for one set of external speakers on this desktop without having this co-exist process,
that doesn’t even make sense!! Thanks for any helpful input & it’s appreciated, if so.
Leave a Reply
Enter your comment here...