You are partly correct, but I think you're overlooking some things. I agree that we realistically have to trust Intel that their CPUs will do what the code tells them to. However, in this case they're actually telling us that the ME chip has overriding control over the system, that we can't tell the chip what to do, and that they won't tell us exactly what it's doing at any time or allow inspect the code its running. That isn't the case for their CPUs. This also opens up the possibility of a third party either finding a vulnerability in the code that we don't have access too, or simply gaining access to Intel's code signing keys, and using it to attack our computers. That's possible if the code works as designed, whereas that does not apply to CPUs.
Yeah, I guess my comments was assuming the trust was of the type 'trust not to do something nefarious' rather than 'trust not to have a vulnerability'. You make a good point about the latter being a more serious concern in this case.
