[coreboot] Disabling Intel ME 11 via undocumented mode

Timothy Pearson tpearson at raptorengineering.com
Fri Dec 8 15:54:55 CET 2017

Hash: SHA1

On 12/08/2017 08:40 AM, Alberto Bursi wrote:
> On 12/08/2017 02:59 PM, Timothy Pearson wrote:
>> That's just the HAP bit.  The ME is limited but NOT disabled, and the
>> remaining stubs are still hackable [1].
>> Neither the ME or the PSP can ever be removed from their respective
>> systems.  They can both be limited to some extent, but to call either of
>> them "disabled" is rather far from the truth.
> Hacking them requires being able to write in the SPI flash, or to have 
> buggy UEFI firmware. Which means most systems are still vulnerable.
> But it is also true that if someone can hack UEFI he pwns you anyway, 
> even without ME.
> So imho ME with the HAP bit can be called "disabled", although the fight 
> isn't over as ME isn't the only thing that was a threat anyway.

I guess I still disagree with the use of the word "disabled".  If the ME
wasn't required for boot, and was actually disabled within a few cycles
of its CPU starting, the remaining attack surface simply wouldn't exist.
 This is not what happens though, and AFAIK even the ME kernel continues
to run since the ME needs to continue handling platform power events.
If this many holes are present in even the ROM code, then having the ME
kernel running remains a massive security problem.

Pretty much every computing platform, with the exception of some of the
ARM SBCs with key fuses or Talos with FlexVer, are vulnerable to attack
via Flash reprogramming, so I agree that this in and of itself should
not be a disqualifier for many use cases.  I simply take issue with
calling the ME "disabled" when the reality is very different.

- -- 
Timothy Pearson
Raptor Engineering
+1 (415) 727-8645 (direct line)
+1 (512) 690-0200 (switchboard)
Version: GnuPG v1


More information about the coreboot mailing list