Taiidan,
> I doubt those guys have the skill to do so but for those who do - you'd
> spend tens of thousands in order to have a port for an old machine that
> still is stuck with ME and hardware init done entirely by binary blobs.
It is not about the skill or money involved in the process, it is about the
*possibility* of even running coreboot on said machine, which is most
likely zero.
> I would save your money and instead buy an ivy/sandybridge thinkpad (can
> nerf the ME - but not disable which is impossible)
AFAIK, you can still run me_cleaner on a Broadwell laptop. I don't think the
ME is the main reason to get a XX20/XX30 Thinkpad over newer models.
Mike,
> microcode - is optional
I assume you refer to microcode *updates*, not the microcode that is
hard-coded inside the CPU. Still, I fail to understand why there is so much
worry about microcode updates, as if they were going to open a backdoor
of some sorts. To me, the only gain of not updating the microcode is in the
number of bugs.
I do understand temporarily delaying the updates of known unstable
microcode versions while awaiting for a fix, though.
> as far as I know its impossible to completely replace ME, only to trim
> its' firmware as much as possible and hope for the best that it
> doesn't have some undocumented "backdoor restore" mechanism that could
> restore the original uncut blob under some conditions. Undoubtedly,
> Intel ME is a backdoor, e.g. because it contains some antitheft
> features which could be used to control your computer remotely: shut
> it down, wipe or retrieve data from it, etc
This makes me feel I should recall what Nico told you earlier:
"please don't spread FUD on this list."
Regards,
Angel Pons