> Neither the ME or the PSP can ever be removed from their respective systems.

I already wrote extensively about this in the previous thread (I 1000% agree with you, Tim). But these people revealed

the almost whole architecture how ME boots the modern INTEL platform, and, frankly, I never expected that this will be

described very precisely, as they did.

In other words, I never would have expected the description how BUP and stages work, and other details (what they

wrote/investigated in that article) will ever see/emerge on the Day Light! :-)

Zoran

On Fri, Dec 8, 2017 at 2:59 PM, Timothy Pearson <tpearson@raptorengineering.com> wrote:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

That's just the HAP bit. The ME is limited but NOT disabled, and the
remaining stubs are still hackable [1].

Neither the ME or the PSP can ever be removed from their respective
systems. They can both be limited to some extent, but to call either of
them "disabled" is rather far from the truth.

This all being said, it's great to see a light being shed on the ME. It
shows just how dangerous an embedded, mandatory core with signed
firmware can be.

[1] https://twitter.com/rootkovska/status/938458875522666497

On 12/08/2017 07:51 AM, Zoran Stojsavljevic wrote:
> Disabling Intel ME 11 via undocumented mode
> http://blog.ptsecurity.com/2017/08/disabling-intel-me.html
>
> I just managed (few hours ago) to read this article (way after replying
> to previous thread about Dell HAP, I read only few intro paragraphs)...
> It is, after all, amazing how far these two people, *Mark Ermolov and
> Maxim Goryachy* progressed with ME debugging/cracking
> and understanding how ME is connected/related to the INTEL platforms'
> bring up!
>
> I just stumbled over it upon searching about ME, and I know what they
> did achieve previously. They achieved some
> steps forward... :-)
>
> I did not see that this article was published before on Coreboot (excuse
> me for my ignorance if I missed it), but it is worth
> reading, every word of it, especially the second part!
>
> What is described on the second part is way (much) more than I was
> willing to lament on (since in the lieu of the Legal
> issues). Especially on BringUP stages. Excellent read!
>
> Something is definitely changing in the Open Source World... And I say,
> I am very happy to read such articles!
>
> Man, there are very serious people out there trying to demystify secrets.
>
> I will read again this article later, very concentrated... Trying to put
> some more comprehensive picture in my mind.
>
> Thank you, all of you, Black Hat, Positive Technology, and others!
>
> Molodci, rebjata!
>
> Zoran
>

- --
Timothy Pearson
Raptor Engineering
+1 (415) 727-8645 (direct line)
+1 (512) 690-0200 (switchboard)
https://www.raptorengineering.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEcBAEBAgAGBQJaKprdAAoJEK+E3vEXDOFbvZUH/0NN/gXYoyR3UIi/JWtZliYL
bo7UAdl7lzLHPzNcZLBeuoYFICl38qKStS/fOHtDj8kHqRzSrMsrWsp7o11K8JjL
vypOIhXnb+S+zBPI9e/ZLx6d9EKSV6KgWQJnVnzdh5ynNP+duR7Hbc322fu0qb/O
XbEyZwlwmMwT9+OJ6fRusyACMdf8RtOrgrg3lyJ4oW66s48RYr3UN+PLImwYH3fX
2Kid5DxtqMQ2BR6cDHKnlGJuV+X83CTZempfgodJWSaQneg7tKqwCa39/Zv9FbC6
RFQ4Z3gkGtXDl4Br2ovxHcuqUtMuuVUwYSoa31nilu0GJRVpA2mgjVMxVw7UGf0=
=AeQJ
-----END PGP SIGNATURE-----