Intel MKTME Support Being Prepped For The Linux Kernel: Total Memory Encryption

    Are you assuming Boot Guard is actually set up properly by the OEMs? Because it's not, and this allows bypassing it.

    Really, all it takes to make the goddamn system safe from digital attack without having to rely on OEMs doing a good job on software is a hardware switch that forces the SPI flash chip into read-only mode, easy, simple and freedom-respecting.

    According to the latest research, you can pwn the ME regardless of boot process.
    *sigh* There's me giving OEMs too much credit again.

    Damn shame SPI doesn't specify some kind of Write Enable line that an aftermarket switch could be patched into like with the battery-backed RAM in various video game cartridges.