YouTube Transcript:
Your Device Has a SECRET Computer That Never Shuts Off
You think your phone or laptop shuts down when you hit power? It doesn't. Every modern device has a tiny hidden computer with its own power source, and it keeps running even when you think it's off. These chips aren't optional. They're built into pretty much every phone, laptop, and even TVs. You can't buy new hardware without them. And the wildest part is that you can't see what they do. You can't turn them off, and they can still talk to the outside world. In this video, I'm going to show you why these secret systems exist, how they've already been hacked, and what you can do about it. I spent months digging into the details so you don't have to. And today, I'll show you why it matters and what you can actually do about it.

You close your laptop, the screen goes dark, you're done for the day, right? Not exactly. There's still something running. Not sleep mode or hibernation. It's a second computer inside of yours that stays awake. It has its own processor, memory, and even its own operating system. So, why would anyone build that?

Let's rewind. Back in the early 2000s, managing company computers was a disaster. Laptops froze mid-meeting. People forgot passwords, and if something broke, IT had to physically show up and fix it every single time. So, how did the company Intel fix that? With a hidden chip built into every machine. They called it the Management Engine. And this thing didn't just run when your computer was on. It stayed active whenever standby power was present, even when the main CPU was shut down. With its own firmware, network stack and processor, it could reinstall your operating system, reset a password, or wipe a drive completely remotely. For IT departments, it was a game changer. But for everyone else, it quietly killed the idea that you could ever fully turn your machine off.

Once Intel started, it didn't take long before everyone else jumped in. AMD has one that acts like a gatekeeper. If it doesn't approve your firmware, your computer won't even start. Apple has one that holds your Face ID and payment keys. Even if iOS itself gets hacked, that chip is still in charge. And in most Android phones, ARM's TrustZone runs like a second operating system under the hood. Android doesn't control it, Android has to ask it for permission. Security researchers group these hidden systems under a name you'll hear a lot: trusted execution environment, or TEE. They're basically walled-off computers inside your computer that decide what runs, what doesn't, and who gets access before you ever touch the keyboard. These aren't little add-ons. They're entire mini computers running in parallel to yours. And the most shocking part: your device literally cannot function without it.

On paper, these chips are supposed to be about your safety. But here's the catch. They don't just protect. They decide. They choose what firmware boots. They enforce signed code. And they hold the keys your entire device depends on. You can't inspect them. You can't disable them. You can't bypass them. So if that hidden chip makes a decision you don't agree with, what then? What happens when the most powerful computer in your device doesn't answer to you?

Your operating system doesn't boot first. It's not even second. Before anything lights up on your screen, a hidden processor already made the decisions. Who gets access? What runs? What doesn't? And this isn't just one device. This layer of invisible gatekeeping is baked into almost every machine you touch. So, the real question is, who is this actually working for?

Let's talk about what runs before your operating system even gets a chance. Intel's Management Engine, AMD's Platform Security Processor, Apple's Secure Enclave, all of them wake up first. They check if your firmware is allowed to boot. If it fails the cryptographic check, that's it. You're locked out. It doesn't matter if you wrote the code yourself. And these aren't things you can just uninstall. They're soldered into the motherboard. They've got their own power, their own execution environment, even if the main CPU is cut off. Many of these chips remain powered as long as the board has standby current. And if you try to push back, good luck. These systems are locked down on purpose. If you try to flash your own firmware, you're going to need a vendor key. If you try to break out of TrustZone, your Android phone might just break. And if you want to see how Apple's Secure Enclave handles your face scan, your wallet, and your keys, you just can't. Apple doesn't release the source code, and no one outside of the company can audit it. These systems are designed to be out of reach on purpose.

So, in the name of security, you're now a guest on your own hardware. Your laptop, your phone, your tablet, they're not single computers anymore. They're layers, stacks of machines, each one more privileged than the last. And the one that you interact with, the one that you think you own, that's the least powerful of them all. At the top is you, but underneath you've got subsystems that don't answer to you. They don't wait for your input, and they sure as hell don't need your permission. So, if your device now has a second brain, what happens when that brain starts thinking on its own?

Security researchers actually have a way of mapping these layers. They call them rings of privilege. At the very top, your apps live in ring three. Beneath that, the operating system kernel runs in ring zero with deep access to hardware. Go lower and firmware like BIOS or System Management Mode runs in ring 2. But then there's ring three. That's where Intel's Management Engine and AMD's PSP live. A layer below everything you can see or control. This buried layer, the one below your operating system and firmware, that's the trusted execution environment. It's where those vendor chips actually live. They wake up before your operating system. They can override your firmware and they keep running as long as the board has power. That's why these chips matter so much. They're not just side features. They sit deeper than anything you can touch. And every restriction or lockdown that follows is only possible because that layer 3 exists. You don't get to decide what your device trusts. That decision has already been made by someone else. And once a vendor has the power to deny your firmware, block your OS, or revoke your access, they can just use that power for more than just security. So what happens when untrusted quietly becomes unauthorized?

Take Secure Boot. On the surface, it sounds like it's protecting you, but in reality, it's protecting the vendor's ideas of what your machine should run. For example, Windows Secure Boot only accepts Microsoft-signed code. If your BIOS doesn't find the right certificate, your operating system won't even launch. And what if you want to dual boot or customize or run some weird little Linux distro you compiled yourself? Too bad. If you have the wrong key, you're blocked. Try flashing your own firmware on a ThinkPad. It gets soft-bricked. And if a government actor tampers with your system, don't expect an alert. These checks were not designed for you. They were designed to protect the supply chain.

This is the slippery slope. It started as malware prevention. Then it was used to fight piracy. Then came regional locks. Now, some BIOSes won't even let you roll back to an older version. Apple takes it further. Replace an iPhone part with something third party, and the system can refuse it, framed as safety. If you try to root your Android, some models won't boot. And with Chrome OS, verified boot is locked on by default with no opt out. And none of this is theoretical. Just a few years ago, Brazil's Supreme Court ordered Apple to allow sideloading apps. Apple simply refused. Not because one specific chip directly blocked sideloading, but because the entire hardware stack, Secure Boot plus a secure enclave, made Apple's rules nearly impossible to override. And notice, you're not in that decision loop.

So, let's break it down. If a chip inside your device can deny your firmware, if your operating system won't load without the vendor's blessing, if your repairs get blocked at the hardware level, then what do you really own? At that point, you're using a machine that's secure against you but not for you. And if every device you buy is enforcing someone else's policy, how long before those policies stop reflecting you at all?

These hidden chips were supposed to make your devices safer. But what happens when the part of your computer you can't even see gets compromised? Let's give you a few real world examples. A few years back, researchers found a flaw in Intel's hidden chip that gave hackers almost god-mode access to millions of computers. They could bypass the operating system, bypass antivirus, and take control at a level you'd never see. Even worse, this chip doesn't fully turn off. So, people started asking, could someone actually hijack a laptop that looks powered down? And Intel wasn't alone. Apple's Secure Enclave and AMD's security chip both had their own serious flaws. And in Android phones, billions of them run on a system called TrustZone. Google's own researchers showed how bugs there let attackers jump into the secure world and grab sensitive data like fingerprint scans and DRM keys. Here's the scary part. You wouldn't know any of this was happening. These chips run underneath your operating system, invisible to you and most security tools. And because you can't remove them, you're stuck hoping that the vendor patches the hole and that they even admit that it exists in the first place. So, what happens when the most trusted part of your machine is also the least inspectable?

You shut your device down, unplug it, maybe even pull out the battery, and that hidden chip, it's still running. You can't remove it without killing the whole machine. So, what can you actually do when the leash is baked into the hardware itself? Well, the usual defenses don't work. Most people think of the basics. Run Linux, use a VPN, encrypt your drive. And that's all good advice, but here's the catch. Those defenses live above the hidden chips. And those chips operate below the operating system in a place your tools can't even see. If the black box is compromised or just quietly enforcing vendor policy, it can spy, leak, or lock you out. And your antivirus, your firewall, and your VPN will never notice. So, say you're worried about being tracked, and you power your phone off. You think it makes you safe, but inside, the parts are still awake. The baseband chip that talks to cell towers is still listening while TrustZone still enforces rules. On laptops, some systems like Apple's T2 chip keep mic and camera controls alive even when the lid is closed. So, no, you're not really offline. You're just not looking at the parts that stayed on.

Here are some real ways to push back. You can't win a perfect victory, but you can take ground. Choose hardware built for user control. Laptops like Purism's Librem or MNT's Reform try to strip out or disable the hidden chips. Systems like Raptor's Talos II use open source hardware without the black boxes. They're kind of pricey, but they definitely prove that it's possible. You can also minimize trust. Don't put all of your eggs in one basket. Qubes OS is a great example. It splits your computer into isolated compartments. If one part is compromised, the others stay sealed off. It's like carrying multiple laptops inside one. Physically cut off what you can. Use real kill switches for Wi-Fi and mics. Flash neutralized firmware onto Intel ME if your device supports it. Some people even keep sensitive work air-gapped on machines that never touch the internet. Push for change. It's political. Support right to repair and laws that demand transparency in the chips running your life. Because if the rules only come from vendors, you'll never really be in charge.

So, can we ever be free? Not completely. These hidden processes aren't going away, but you can carve out pockets of autonomy, or spaces where you set the rules. That might mean a special purpose machine for sensitive work or just choosing tools that bleed less. The bigger fight is making sure technology answers to users, not just the companies that build it. If the user isn't the customer, who is?

Your laptop, phone, even your TV. On the surface, they're yours. But look closer and you'll see something uncomfortable. Your device doesn't actually serve you. The loyalty isn't to you. Modern hardware isn't neutral. And your CPU won't run unless the vendor approves the firmware. Your bootloader refuses anything unauthorized, even if you wrote it yourself. And your GPU might not even start up without the manufacturer's signature. It's not that you can't own your own machine. It's that the rules are set so you'd never truly do. And vendors love to frame this as protection. Secure boot, trusted hardware, locked environments. But protection for who? Secure Boot can block malware, but it can just as easily block Linux. A safety feature can also enforce app store monopolies. A chip that verifies hardware parts can just as easily reject third party repairs. Security isn't always about you. Sometimes it's about keeping you in line. And when the system doesn't answer to you, who does it answer to?

Think about it. Laptops that silently force BIOS updates. Phones that install apps remotely for your convenience. Smart TVs that send back your viewing habits whether you said yes or not. And we did a video on that a couple weeks ago. These aren't bugs, they're features. Features that serve the vendor, the advertiser, or the platform. Everyone but you. So, who's really in control? If your machine can wake itself, deny your code, and report your activity, then who's the real owner? Not you. You're not the customer in this equation. You're the product. The loyalty of these hidden systems isn't to the user. It's to the supply chain, the vendor, and sometimes the state. So, if the most powerful parts of your computer don't answer to you, you have to ask, who are
Source video: https://www.youtube.com/watch?v=UF8uR6Z6KLc