[Arm-netbook] OT: Librem 5?

Bill Kontos vkontogpls at gmail.com
Wed Sep 27 11:59:46 BST 2017


On Wed, Sep 27, 2017 at 10:10 AM, J.B. Nicholson <jbn at forestfield.org> wrote:

>
>
> Quite; does this disable function fully and completely disable all attempts
> at using any ME functionality such that nothing can re-enable the ME, or is
> this disablement somehow impermanent or more limited in some way?
>

AFAIK the ME will start booting, see the switch, disable the watchdog
that would shut the machine down in 30 minutes normally and turn
itself off.

> I ask because I vaguely recall that someone (Purism, perhaps?) had remote ME
> accesses disabled but still allowed local accesses. This struck me as nearly
> useless because such an arrangement would allow running a program to relay
> ME requests and responses over a network connection (an ME proxy,
> basically).
>

No Purism has effectively disabled the ME completely at this point. I
say effectively because they have disabled everything but the BUP
module. So no it doesn't have remote access and it can't run anny 3d
party code. It seems like they have put this on hold and switched to
porting Coreboot. But even assuming they had only disabled remote
access wouldn't that mean that an attacker would need physical access
to the machine instead of doing a remote attack?

https://puri.sm/posts/neutralizing-intel-management-engine-on-librem-laptops/


>
> _______________________________________________
> arm-netbook mailing list arm-netbook at lists.phcomp.co.uk
> http://lists.phcomp.co.uk/mailman/listinfo/arm-netbook
> Send large attachments to arm-netbook at files.phcomp.co.uk



More information about the arm-netbook mailing list