SoylentNews is people
SoylentNews
from the where-there-is-a-will,-there-is-a-way dept.
In some shiny good news to us of the tinfoil hat crew, Phoronix is reporting:
Many free software advocates have been concerned by Intel's binary-only Management Engine (ME) built into the motherboards on newer generations of Intel motherboards. The good news is there is now a working, third-party approach for disabling the ME and reducing the risk of its binary blobs.
Via an open-source, third-party tool called me_cleaner it's possible to partially deblob Intel's ME firmware images by removing any unnecessary partitions from the firmware, reducing its ability to interface with the system. The me_cleaner works not only with free software firmware images like Coreboot/Libreboot but can also work with factory-blobbed images. I was able to confirm with a Coreboot developer that this program can disable the ME on older boards or devices with BootGuard and disable Secure Boot. This is all done with a Python script.
Those unfamiliar with the implications on Intel's ME for those wanting a fully-open system can read about it on Libreboot.org.
Looks like I may not have to go ARM on my next desktop build after all.
(Score: 2, Insightful) by Anonymous Coward on Sunday January 15 2017, @02:20AM
You're surprised people are upset about this because you're an "open source" advocate and not a free software advocate [gnu.org]; there's a subtle yet important difference between the two. To someone who values freedom, any proprietary software is going to disgust them to some extent.
(Score: 5, Insightful) by The Mighty Buzzard on Sunday January 15 2017, @02:51AM
It's proprietary hardware that you're utterly and completely unable to shut off in this case. It's another CPU running below ring 0 that's able to access memory and peripherals, up to and including activating while the computer is "powered off". It is straight up a hardware root kit that it has been completely impossible to remove and still have a functioning computer. What possible reason could there be for not allowing the disabling of it in home computers besides allowing remote surveillance?
My rights don't end where your fear begins.
(Score: 0) by Anonymous Coward on Sunday January 15 2017, @05:20AM
So is absolute computrace but at least you can supposedly disable that in the Bios/uefi sometimes. UEFI rootkits are what scare me.
(Score: 3, Informative) by RamiK on Sunday January 15 2017, @11:28AM
What possible reason could there be for not allowing the disabling of it in home computers besides allowing remote surveillance?
As with the case of HDCP [wikipedia.org], the official rational is DRM.
And yeah, it's bull-manure.
compiling...
(Score: 0) by Anonymous Coward on Sunday January 15 2017, @02:51AM
"open source" advocate and not a free software advocate
Some call me . . . . . Bruce?
(Score: 0) by Anonymous Coward on Sunday January 15 2017, @05:18AM
No no, original Anonymous coward here. Sorry I was lazy with my verbiage. FLOSS and Richard Stallman definitely Reigns Supreme in my book. I still rock the copyleft DECSS t-shirt.
(Score: 2) by butthurt on Monday January 16 2017, @01:47AM
Just trolling? Intel have released open-source drivers for their Active Management Technology (which is part of the IME) but the AMT and IME are, if I'm not mistaken, totally closed-source.
https://sourceforge.net/projects/openamt/ [sourceforge.net]
Open source proponents share some beliefs with the GNU folks. For instance, they advocate that software should be freely redistributable and that programmers should be allowed to make derivative works.
https://opensource.org/docs/osd [opensource.org]
They differ about making proprietary software from free code. There is a GNU licence which permits that, but its use is discouraged.
https://en.wikipedia.org/wiki/LGPL [wikipedia.org]