[coreboot] Disabling Intel ME 11 via undocumented mode

Timothy Pearson tpearson at raptorengineering.com
Fri Dec 8 14:59:59 CET 2017 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

That's just the HAP bit.  The ME is limited but NOT disabled, and the
remaining stubs are still hackable [1].

Neither the ME or the PSP can ever be removed from their respective
systems.  They can both be limited to some extent, but to call either of
them "disabled" is rather far from the truth.

This all being said, it's great to see a light being shed on the ME.  It
shows just how dangerous an embedded, mandatory core with signed
firmware can be.

[1] https://twitter.com/rootkovska/status/938458875522666497

On 12/08/2017 07:51 AM, Zoran Stojsavljevic wrote:
> Disabling Intel ME 11 via undocumented mode
> http://blog.ptsecurity.com/2017/08/disabling-intel-me.html
> 
> I just managed (few hours ago) to read this article (way after replying
> to previous thread about Dell HAP, I read only few intro paragraphs)...
> It is, after all, amazing how far these two people, *Mark Ermolov and
> Maxim Goryachy* progressed with ME debugging/cracking
> and understanding how ME is connected/related to the INTEL platforms'
> bring up!
> 
> I just stumbled over it upon searching about ME, and I know what they
> did achieve previously. They achieved some
> steps forward... :-)
> 
> I did not see that this article was published before on Coreboot (excuse
> me for my ignorance if I missed it), but it is worth
> reading, every word of it, especially the second part!
> 
> What is described on the second part is way (much) more than I was
> willing to lament on (since in the lieu of the Legal
> issues). Especially on BringUP stages. Excellent read!
> 
> Something is definitely changing in the Open Source World... And I say,
> I am very happy to read such articles!
> 
> Man, there are very serious people out there trying to demystify secrets.
> 
> I will read again this article later, very concentrated... Trying to put
> some more comprehensive picture in my mind.
> 
> Thank you, all of you, Black Hat, Positive Technology, and others!
> 
> Molodci, rebjata!
> 
> Zoran
> 


- -- 
Timothy Pearson
Raptor Engineering
+1 (415) 727-8645 (direct line)
+1 (512) 690-0200 (switchboard)
https://www.raptorengineering.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEcBAEBAgAGBQJaKprdAAoJEK+E3vEXDOFbvZUH/0NN/gXYoyR3UIi/JWtZliYL
bo7UAdl7lzLHPzNcZLBeuoYFICl38qKStS/fOHtDj8kHqRzSrMsrWsp7o11K8JjL
vypOIhXnb+S+zBPI9e/ZLx6d9EKSV6KgWQJnVnzdh5ynNP+duR7Hbc322fu0qb/O
XbEyZwlwmMwT9+OJ6fRusyACMdf8RtOrgrg3lyJ4oW66s48RYr3UN+PLImwYH3fX
2Kid5DxtqMQ2BR6cDHKnlGJuV+X83CTZempfgodJWSaQneg7tKqwCa39/Zv9FbC6
RFQ4Z3gkGtXDl4Br2ovxHcuqUtMuuVUwYSoa31nilu0GJRVpA2mgjVMxVw7UGf0=
=AeQJ
-----END PGP SIGNATURE-----

More information about the coreboot mailing list