[coreboot] Disabling Intel ME 11 via undocumented mode
Zoran Stojsavljevic
zoran.stojsavljevic at gmail.com
Fri Dec 8 15:57:23 CET 2017
> Neither the ME or the PSP can ever be removed from their respective
systems.
I already wrote extensively about this in the previous thread (I 1000%
agree with you, Tim). But these people revealed
the almost whole architecture how ME boots the modern INTEL platform, and,
frankly, I never expected that this will be
described very precisely, as they did.
In other words, I never would have expected the description how BUP and
stages work, and other details (what they
wrote/investigated in that article) will ever see/emerge on the Day Light!
:-)
Zoran
On Fri, Dec 8, 2017 at 2:59 PM, Timothy Pearson <
tpearson at raptorengineering.com> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> That's just the HAP bit. The ME is limited but NOT disabled, and the
> remaining stubs are still hackable [1].
>
> Neither the ME or the PSP can ever be removed from their respective
> systems. They can both be limited to some extent, but to call either of
> them "disabled" is rather far from the truth.
>
> This all being said, it's great to see a light being shed on the ME. It
> shows just how dangerous an embedded, mandatory core with signed
> firmware can be.
>
> [1] https://twitter.com/rootkovska/status/938458875522666497
>
> On 12/08/2017 07:51 AM, Zoran Stojsavljevic wrote:
> > Disabling Intel ME 11 via undocumented mode
> > http://blog.ptsecurity.com/2017/08/disabling-intel-me.html
> >
> > I just managed (few hours ago) to read this article (way after replying
> > to previous thread about Dell HAP, I read only few intro paragraphs)...
> > It is, after all, amazing how far these two people, *Mark Ermolov and
> > Maxim Goryachy* progressed with ME debugging/cracking
> > and understanding how ME is connected/related to the INTEL platforms'
> > bring up!
> >
> > I just stumbled over it upon searching about ME, and I know what they
> > did achieve previously. They achieved some
> > steps forward... :-)
> >
> > I did not see that this article was published before on Coreboot (excuse
> > me for my ignorance if I missed it), but it is worth
> > reading, every word of it, especially the second part!
> >
> > What is described on the second part is way (much) more than I was
> > willing to lament on (since in the lieu of the Legal
> > issues). Especially on BringUP stages. Excellent read!
> >
> > Something is definitely changing in the Open Source World... And I say,
> > I am very happy to read such articles!
> >
> > Man, there are very serious people out there trying to demystify secrets.
> >
> > I will read again this article later, very concentrated... Trying to put
> > some more comprehensive picture in my mind.
> >
> > Thank you, all of you, Black Hat, Positive Technology, and others!
> >
> > Molodci, rebjata!
> >
> > Zoran
> >
>
>
> - --
> Timothy Pearson
> Raptor Engineering
> +1 (415) 727-8645 (direct line)
> +1 (512) 690-0200 (switchboard)
> https://www.raptorengineering.com
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1
>
> iQEcBAEBAgAGBQJaKprdAAoJEK+E3vEXDOFbvZUH/0NN/gXYoyR3UIi/JWtZliYL
> bo7UAdl7lzLHPzNcZLBeuoYFICl38qKStS/fOHtDj8kHqRzSrMsrWsp7o11K8JjL
> vypOIhXnb+S+zBPI9e/ZLx6d9EKSV6KgWQJnVnzdh5ynNP+duR7Hbc322fu0qb/O
> XbEyZwlwmMwT9+OJ6fRusyACMdf8RtOrgrg3lyJ4oW66s48RYr3UN+PLImwYH3fX
> 2Kid5DxtqMQ2BR6cDHKnlGJuV+X83CTZempfgodJWSaQneg7tKqwCa39/Zv9FbC6
> RFQ4Z3gkGtXDl4Br2ovxHcuqUtMuuVUwYSoa31nilu0GJRVpA2mgjVMxVw7UGf0=
> =AeQJ
> -----END PGP SIGNATURE-----
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.coreboot.org/pipermail/coreboot/attachments/20171208/09a203f1/attachment.html>
More information about the coreboot
mailing list