On Sun, 3 Sep 2017 at 07:32:10 -0400
zap <calmstorm@???> wrote:

>
> On 09/03/2017 05:26 AM, Alessandro Selli wrote:
>> On 01/09/2017 at 20:36, zap wrote:
>>>> I doubt it will be owner controlled, as their laptops aren't - they
>>>> still haven't even gotten a blobbed version of coreboot working
>>>> (blobbed init code + ME enabled as they insisted on a crappy intel soc)
>>>> Purism isn't a trustworthy company.
>>> Gee, I thought purism was a trustworthy company, I mean they claim you
>>> can get the latest and the greatest without intel me
>> This is *not* what they claim:
>>
>> https://puri.sm/learn/intel-me/
>>
>> "Freeing the ME is a challenge, but not impossible"
>>
>> "By working with Intel, motherboard design developers, as well as our
>> coreboot developers, Purism has put in motion a solid approach on how to
>> run a freed Intel ME *in the future*."
> Sorry, but have you talked to libreboot or coreboot about this? and
> also, not even google with all their money can convince intel to give
> their secrets to them. That for me is a solid reason why I said this.

The secret is no more a secret:

http://blog.ptsecurity.com/2017/08/disabling-intel-me.html

August 28, 2017
Disabling Intel ME 11 via undocumented mode

"Our team of Positive Technologies researchers has delved deep into the
internal architecture of Intel Management Engine (ME) 11, revealing a
mechanism that can disable Intel ME after hardware is initialized and the
main processor starts. In this article, we describe how we discovered this
undocumented mode and how it is connected with the U.S. government's High
Assurance Platform (HAP) program."


Good hacking! :-)


--
Alessandro Selli http://alessandro.route-add.net
VOIP SIP: dhatarattha@???
Chiavi PGP/GPG keys: B7FD89FD, 4A904FD9