Stories
Slash Boxes
Comments

SoylentNews is people

posted by janrinok on Sunday January 15 2017, @12:21AM   Printer-friendly
from the where-there-is-a-will,-there-is-a-way dept.

In some shiny good news to us of the tinfoil hat crew, Phoronix is reporting:

Many free software advocates have been concerned by Intel's binary-only Management Engine (ME) built into the motherboards on newer generations of Intel motherboards. The good news is there is now a working, third-party approach for disabling the ME and reducing the risk of its binary blobs.

Via an open-source, third-party tool called me_cleaner it's possible to partially deblob Intel's ME firmware images by removing any unnecessary partitions from the firmware, reducing its ability to interface with the system. The me_cleaner works not only with free software firmware images like Coreboot/Libreboot but can also work with factory-blobbed images. I was able to confirm with a Coreboot developer that this program can disable the ME on older boards or devices with BootGuard and disable Secure Boot. This is all done with a Python script.

Those unfamiliar with the implications on Intel's ME for those wanting a fully-open system can read about it on Libreboot.org.

Looks like I may not have to go ARM on my next desktop build after all.


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 1) by Burz on Thursday January 19 2017, @06:12AM

    by Burz (6156) on Thursday January 19 2017, @06:12AM (#455918)

    The reason why we're having this discussion is that yes, indeed, the industry is "going there"... trying to spy on and manipulate every last aspect of an individual's life. The other aspects of computing products are divided between the competent, useful bits and the incompetent f-ckery. What we're seeing already on the horizon is mostly an unsavory mixuture of manipulation and f-ckery (the competence is mostly focused on manipulation).

    ME's aren't "too useful". That's an idiotic position when other architectures operate fine without it. The only truly useful aspect of ME is TXT that allows a machine to verify itself to a user (yes, you read that right). Now, tell me that can't be done without a general purpose extra-processor and its idiotic radio/Internet connection.

    RMS is right. At least in the sense that there will have to be fully open and viable hardware designs--with fabs that are open to auditing--to keep the proprietary vendors honest. And for that to happen, open hardware will have to claim a really large chunk of the 'market'. You look at the security-focused distros like Qubes, even when they got into this swearing that proprietary=fine, now see the writing on the wall... the security focus is now paramount, and it converts the most ardent proprietor.

    So mewl about "purity" all you want. It won't convince anyone studying today's critical problem spaces that their Bitcoin or other ops are safe in the hands of either MS *or* Intel. Give them a few thousand bits or logic gates to rule with, and they will f-ck us all over with them if they are unchallenged (and do NOT preach to me about 'competition' between corporate players).