I've seen various web sites about ME_Cleaner[1] and also the strategies[2] used by Purism to avoid Intel ME/AMT/vPro.
I understand that with LibreBoot and one of their supported laptops it is possible to completely eliminate the risk by removing 100% of proprietary/hidden code.
However, for people who choose Coreboot, ME_Cleaner, a Purism laptop or some other compromise, leaving in place around 90kb of the Intel code, is there a concise way to explain the attack vectors that they eliminate and the attack vectors that remain?
For example, I've read that Purism doesn't use vPro-compatible wifi hardware, so my impression is they eliminate random attacks coming in through the network and spontaneously activating Intel ME, but if malicious code does get into Intel ME by some other means (such as a malicious email attachment) it may still be able to hide there indefinitely and use any network device on the machine to call home?
Regards,
Daniel
1. https://github.com/corna/me_cleaner
2. https://puri.sm/learn/avoiding-intel-amt/