Youness Alaoui wrote:
So, back to the ME, we know exactly what it does, it's all extremely well documented and explained
I disagree with this.
It is absolutely true that *some* of what the ME does is extremely well documented and explained by the vendor, web services APIs and all, but I would argue that in fact *most* of what the ME does is *not* documented by the vendor, nor by independent research.
Since the ME is colocated with the x86 VM host, has access to all x86 VM memory *and* is a proprietary machine or subsystem I actually don't believe that we will ever "know exactly what it does".
Now the problem is that it's closed source, and not user controlled
Right.
//Peter
On Sat, Sep 8, 2018 at 2:31 PM Peter Stuge peter@stuge.se wrote:
Youness Alaoui wrote:
So, back to the ME, we know exactly what it does, it's all extremely well documented and explained
I disagree with this.
It is absolutely true that *some* of what the ME does is extremely well documented and explained by the vendor, web services APIs and all, but I would argue that in fact *most* of what the ME does is *not* documented by the vendor, nor by independent research.
I mostly agree, I was referring to Mike's talk about the remote control features, so yes, I should have said "AMT is well documented", but yes, there are huge portions of what the ME itself does (such as the power on sequence, or what/how it sets some registers) which are totally undocumented. So yes, even if we don't know exactly what the ME does during the power sequence (among other things), we still know that "it initializes hardware", we just don't know how it achieves that task. So we know "what it does", but we don't know "exactly what it does" and we don't know "how it does it", which is where I was wrong in my previous statement.
However, we need to differentiate between "this ME is something obscure that we have no idea what it's for" versus "we know what this ME thing is supposed to be for or what it's supposed to be doing, we just have no way to be sure that it doesn't do anything else or that it does what it's supposed to". I disagree with the idea that the ME is this black box, this sort of "hidden spy device" that gives full remote capabilities to some unknown entity in the same way that I would disagree that because MS Windows is closed source that any Windows machine is fully remote-controlled by M$ employees at any time or that the OS is commissioned by the CIA or whatever. I do agree that because it's closed source, we can't know whether it is or not, but it's just not a guarantee that it is.
Since the ME is colocated with the x86 VM host, has access to all x86 VM memory *and* is a proprietary machine or subsystem I actually don't believe that we will ever "know exactly what it does".
Well, we could know, if we reverse engineer its code from the maskrom to the BUP, but yes, it would be very hard to fully know for certain. Besides, I'd assume that anything malicious would probably be written in silicon rather than in reverse-engineerable code. So I'd apply the same idea to the whole PCH/CPU. The major problem with the ME when compared to my previous comparison with MS Windows is that we can chose Linux instead of Windows, but we can't choose to disable or to use a custom ME firmware (i.e: the not-user-controlled issue).
Now the problem is that it's closed source, and not user controlled
Right.
//Peter
-- coreboot mailing list: coreboot@coreboot.org https://mail.coreboot.org/mailman/listinfo/coreboot
-
Peter Stuge -
Youness Alaoui