Announcement

Collapse
No announcement yet.

It's Now Possible To Disable & Strip Down Intel's ME Blob

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • #21
    Originally posted by Master5000 View Post
    Intel ME actually has a very good purpose for IT guys and it's not for spying your dumbasses. Leave it alone don't fuck with it, the moron who created that stuff will probably get his ass sued by Intel and get badly fucked. If they want to spy on you you are already fucked. Disabling Intel ME isn't gonna change shit. Be smart! Don't be a conspiracy nutjob. Dumb kids have too much time on their hands to invent shit like this...
    Yeah, but not everyone needs it and there have been proof-of-concept firmware rootkits for earlier revisions of it. I think I'll leave functioning ME support for people who actually need it.

    Comment


    • #22
      Intel ME. one more reason to look forward to ryzen. (keep reminding myself that). I think I got it, a cool ryzen/vega based System76 laptop could last me a few years.
      Last edited by sarfarazahmad; 13 January 2017, 02:47 AM.

      Comment


      • #23
        sarfarazahmad lol, you do know that ryzen will have PSP right? It's basically ME: https://libreboot.org/faq/#amdpsp

        Comment


        • #24
          Originally posted by Las_ View Post
          sarfarazahmad lol, you do know that ryzen will have PSP right? It's basically ME: https://libreboot.org/faq/#amdpsp
          haha there go my hopes down the toilet. Can we have an arm Computer without such proprietary blobs ? is that possible ?

          Comment


          • #25
            Originally posted by sarfarazahmad View Post

            haha there go my hopes down the toilet. Can we have an arm Computer without such proprietary blobs ? is that possible ?
            Probably not, i wonder who has pushed AMD to do this.

            Comment


            • #26
              Originally posted by darkbasic View Post
              Partially?
              I'm quite afraid of what 8 MiB or 16 MiB of code could be doing in the background. *If* that was reduced to something like 64 KiB though, I'd feel quite comfortable. How could such small code locate and make sense of kernel data structures in memory like the ones storing disk-encryption keys? Or implement networking protocol to exfiltrate data or fetch additional code at run-time? Or interface with any hardware? Maybe it could hook into or insert some backdoor in a running kernel, but if I run a recent kernel version, one that didn't even exist yet when the ME blob was written, would that still be able to function at all?

              Originally posted by schmidtbag View Post
              I know you're joking but I do slightly agree - I couldn't care less about ME existing. As long as it isn't interfering with my user experience, I'll just leave it alone.
              Or maybe, having some mini- operating system running on the chip has some performance impact after all. Oh Phoronix, please benchmark a system before+after de-blobbing!

              Comment


              • #27
                Originally posted by Tomin View Post
                It seems that sometimes the network card doesn't wake up on cold boot if ME it's initialization code is removed. I don't know if this applies only to Linux and anyway it will work after reboot.
                That same guy said that if he ran the more through erase, the network card issues disappeared.

                Comment


                • #28
                  Originally posted by zboson View Post
                  Intel does not implement UEFI or BIOS on most motherboards (though I think it does with the NUC). What's stopping a board manufacture such as ASUS from adding this as an advanced option in their BIOS/UEFI?
                  The fact that ME was not supposed to be disabled by the user, note how this script to disable it actually goes and erases partitions on flash.

                  Comment


                  • #29
                    Originally posted by Master5000 View Post
                    Intel ME actually has a very good purpose for IT guys and it's not for spying your dumbasses. Leave it alone don't fuck with it, the moron who created that stuff will probably get his ass sued by Intel and get badly fucked. If they want to spy on you you are already fucked. Disabling Intel ME isn't gonna change shit. Be smart! Don't be a conspiracy nutjob. Dumb kids have too much time on their hands to invent shit like this...
                    Thanks for confirming that your puppet masters don't want people to deblob their PCs.

                    Comment


                    • #30
                      Originally posted by Tomin View Post
                      Edit again: Well, it actually contradicts some of the things I said and I realized that I'd need the flasher anyway to actually flash the firmware. Flashrom doesn't support my board (and many other laptops).
                      In any case you want a flasher, as in case something goes wrong and the board does not boot, only way to flash the chip with the backup of the firmware is with an external flasher.

                      Comment

                      Working...
                      X