[coreboot] T450S + Coreboot

Youness Alaoui kakaroto at kakaroto.homelinux.net
Thu Aug 30 23:33:12 CEST 2018

On Thu, Aug 30, 2018 at 2:15 AM Brian Herman
<bherman.aconspart at gmail.com> wrote:
> Sorry, I'm going to read the documentation more and make this a personal goal by the end of 2019. I didn't want to stir up so much drama. Time and money are not constraints on this particular problem. One way or another by January 22, 2019 I will have either figured it out or I will pay to figure it out. I have used Linux since college. I have no kids. I have no girlfriend. I have tons of free time.
Sorry to see your thread going off-topic.
I don't know if it will help you but I've wirtten detailed blog posts
on my experience in getting coreboot to work on the broadwell and
skylake librems. It's not a "guide how to port to coreboot" but it
explains some of the problems I've had and it might help you save some
You can go to https://puri.sm/coreboot/timeline/ and search for
"Youness" to see my blog posts in chronological order on the right
side bar.
Good luck with your project!

> Make It So,
> Brian Herman
> So you have made it to the end......
> Thanks for reading!
> On Wed, Aug 29, 2018 at 4:42 PM Youness Alaoui <kakaroto at kakaroto.homelinux.net> wrote:
>>  Wow, Mike, seriously, I am going to side 100% with Nico, you are
>> spreading FUD, making your own personal opinions (which are themselves
>> derived from other people's FUD) and stating them as the universal
>> law.
>> The ME is not known to be a backdoor. It doesn't mean that it's not a
>> backdoor, it simply means that it's not known to be a backdoor. The
>> fact that it's closed source and not user-controlled (Even if you had
>> the sources, you can't modify them and update it to your custom ME
>> version) is where the problem actually is. There *might* be a backdoor
>> hidden somewhere in there, or maybe there isn't, nobody knows, but
>> there has been a lot of research done on the ME and so far, none have
>> been found as far as I know.
>> Your worry about what the ME does, how it can give someone control
>> over the PC, etc.. are NOT what qualifies it as a "backdoor", but like
>> Nico said, it's a frontdoor, it's not a "hidden access", it's a
>> "promoted access" to the PC, it's the main ME functionality which is
>> well documented. You don't have to use some "only known to some secret
>> person" trick to access the ME, you just need to point your web
>> browser to the right port on localhost.
>> Your comparison of saying the ME is a backdoor is like saying that a
>> webcam is a spying device because it can capture images of you! Yeah,
>> sure, that's technically true, it can capture images of you, but only
>> after you plug it in and open an image capture software, and you still
>> have control of those images. The fact that the webcam schematics
>> isn't open means that it could still have a small wifi or GSM chip
>> embedded inside which makes it send the images to the CIA, but it's
>> not a guarantee that it does. So, yes, you can complain that the
>> webcam isn't open hardware so you can't technically trust what it
>> does, but you can't just come out and say with absolute certainty that
>> any and all webcams in the world are spying devices for the CIA,
>> that's just ridiculous.
>> So, back to the ME, we know exactly what it does, it's all extremely
>> well documented and explained, the fact that it allows remote control
>> of the PC is actually the reason for its existence and it's a very
>> very valid reason in the corporate context and the fact that those
>> features also 'coincidentally' resemble the features of an actual
>> 'trojan horse' virus, doesn't mean that the ME itself is a virus..
>> otherwise the 'rm' linux command would be considered a virus since it
>> deletes files and there are some viruses that can delete your files as
>> well....
>> Now the problem is that it's closed source, and not user controlled
>> (remote control features *are* user controlled, I'm talking about
>> being able to replace the firmware with your own), so yes, it can't be
>> audited by the larger open source community, but that also doesn't
>> guarantee any security necessarily (how many open source programs
>> still have security bugs?).
>> Either way, you yourself said earlier, when talking about the AtomBIOS
>> that "it could be disassembled quite well with AtomDis -
>> https://github.com/mikebdp2/AtomDis - reducing any security concerns
>> regarding this blob to a minimum.", well, the ME can be disassembled
>> with any x86 disassembler, so why can't you also say that "reduces any
>> security concerns regarding the ME to a minimum".
>> We're about to get full control back of the ME. I've been working for
>> the past few weeks on reproducing the PTResearch buffer overflow
>> exploit on the ME, and yesterday they released a PoC for Apollolake
>> (in case you missed it : https://github.com/ptresearch/IntelTXE-PoC),
>> so with the progress I made and with that, I should be able to soon
>> port it to skylake (and write docs on how to port to other platforms
>> as well) which will at least give us the ability to gain back the
>> 'user-controlled' aspect of it as we'd have code execution on it.
>> Which by the way, also means that BootGuard can be disabled (since the
>> ME is the one checking for the boot guard signatures), which should
>> enable the ability to port coreboot to a lot more machines (including
>> the T450S that this thread is supposed to be about). Hopefully....
>> On Wed, Aug 29, 2018 at 5:50 AM Mike Banon <mikebdp2 at gmail.com> wrote:
>> >
>> > > What suspicious activities? I know, for many people the Intel ME firmware
>> > > contains unwanted features. But these features are documented.
>> > > In your world, a device becomes backdoored because somebody
>> > > didn't read the manual?!?
>> >
>> > Somewhere I've seen a report about Intel ME suspicious network
>> > activities (if I remember correctly they were using Wireshark on a PC
>> > placed between a computer with ME and the outside network) which has
>> > affected my personal opinion. Although it could be argued that its
>> > just some OEM has set up their ME in such a way, maybe even in a
>> > documented way (although a way undesirable to the end user), still it
>> > didn't look good to me. In addition, regarding all those Intel ME
>> > vulnerabilities recently discovered: one could assume that at least
>> > some of these "vulnerabilities" @ were actually the backdoors which
>> > have been patched just because they have been discovered by someone
>> > else than the american intelligence agencies who always knew them @ .
>> > Now Intel has patched these "vulnerabilities", but we do not know if
>> > some other "vulnerabilities" have been left unnoticed by the outsiders
>> > or if some new "vulnerabilities" have been added. And we the open
>> > source enthusiasts can't even verify that personally, because the
>> > source code of Intel ME firmware is closed. I cannot understand, how
>> > such a high level professional open source developer as you, Nico,
>> > finds it okay to just trust Intel ME despite its' deeply proprietary
>> > nature. Management engine with a closed source proprietary firmware -
>> > it even sounds awful..... I totally agree with Richard Stallman when
>> > he calls Intel ME a backdoor - https://stallman.org/intel.html
>> >
>> > > Please read [1] and [2] very carefully, I hope even you will spot
>> > > technical differences. [...] You cannot just take somebody's words
>> > > and give them a different meaning just because somebody else used
>> > > them in a different context. [...] You did it again, btw., stating something
>> > > (definition of frontdoor) and making it look like the generally accepted definition.
>> >
>> > Before receiving your message I knew only one definition of a
>> > "frontdoor" computing term which I described in my previous message.
>> > Although I don't know which definition is more popular, sorry for
>> > misunderstanding you.
>> >
>> > Mike
>> >
>> >
>> > On Wed, Aug 29, 2018 at 12:24 AM Nico Huber <nico.h at gmx.de> wrote:
>> > >
>> > > *sigh*,
>> > >
>> > > On 28.08.2018 22:00, Mike Banon wrote:
>> > > > You are right, my choice of words has been far from ideal. I apologize
>> > > > for that. However, to be confident that Intel ME is a backdoor
>> > > > (personal opinion) - one does not have to be its' creator.
>> > >
>> > > sorry I meant the creator of us (God) not the ME. I doubt the creator
>> > > of the ME knows everybody's opinion either. Which is what I was talking
>> > > about. A good practice is to quote and answer below that quote, this way
>> > > you can easily check if what you write makes sense in the given context.
>> > >
>> > > > I think
>> > > > there are enough documents describing its' functionality and enough
>> > > > evidence gathered by the independent security researchers about the
>> > > > suspicious activities of this hardware module. If it looks like a
>> > > > duck, swims like a duck, and quacks like a duck, then it probably is a
>> > > > duck?
>> > >
>> > > WTF again? what suspicious activities? I know, for many people the ME
>> > > firmware contains unwanted features. But these features are documented.
>> > > In your world, a device becomes backdoored because somebody didn't read
>> > > the manual?!?
>> > >
>> > > > There are no technical differences between the 'backdoor', and
>> > > > 'frontdoor'.
>> > >
>> > > Please read [1] and [2] very carefully, I hope even you will spot tech-
>> > > nical differences.
>> > >
>> > > > Like a 'conspiracy theorist', 'frontdoor' is a term
>> > > > coming from the american 3-letter-agencies. 'Frontdoor' is their term
>> > > > for a 'backdoor' to which only they (currently) have an access. This
>> > > > article summarizes it well:
>> > > > https://www.justsecurity.org/16503/security-front-doors-vs-back-doors-distinction-difference/
>> > > > . 'Backdoor' term has a negative reputation, so they would like to
>> > > > push this 'frontdoor' term forward.
>> > >
>> > > This is very infantile. You cannot just take somebody's words and give
>> > > them a different meaning just because somebody else used them in a dif-
>> > > ferent context. When I say frontdoor, I mean a door at a front where
>> > > everyone can see it. A backdoor implies something hidden, the ME fea-
>> > > tures were never hidden (AFAIK, a stupid OEM may prove me wrong, but I
>> > > don't know any instance).
>> > >
>> > > You did it again, btw., stating something (definition of frontdoor) and
>> > > making it look like the generally accepted definition.
>> > >
>> > > Nico
>> > >
>> > > [1] https://en.wiktionary.org/wiki/back_door
>> > > [2] https://en.wiktionary.org/wiki/front_door
>> --
>> coreboot mailing list: coreboot at coreboot.org
>> https://mail.coreboot.org/mailman/listinfo/coreboot

More information about the coreboot mailing list