Yet Another case of "Security by obscurity"
That doesn't work.
And if I'm reading that "Invocation code" right that's 6 hex digits, IE a 24bit binary number.
Shouldn't be too tough to brute force all of the actual wake up codes in that list.
A system that grants nearly unlimited access (potentially remotely) to your processors.
It's not the idea, it's the security chain that should exist around it that prevents the wrong people using it.
The simplest option is of course, not to have it in the first place.
Biting the hand that feeds IT
