:: Re: [DNG] Purism Librem and disabli…
トップ ページ
このメッセージを削除
このメッセージに返信
著者: Alessandro Selli
日付:  
To: dng
題目: Re: [DNG] Purism Librem and disabling Intel ME: it can be done [Re: TALOS 2 - The Libre Owner Controlled POWER9 Workstation/Server ]
On Tue, 5 Sep 2017 at 11:53:46 -0400
"Taiidan@???" <Taiidan@???> wrote:

> On 09/05/2017 06:34 AM, Alessandro Selli wrote:
>
>> On Sun, 3 Sep 2017 at 07:32:10 -0400
>> zap <calmstorm@???> wrote:
>>
>>> On 09/03/2017 05:26 AM, Alessandro Selli wrote:
>>>> On 01/09/2017 at 20:36, zap wrote:
>>>>>> I doubt it will be owner controlled, as their laptops aren't - they
>>>>>> still haven't even gotten a blobbed version of coreboot working
>>>>>> (blobbed init code + ME enabled as they insisted on a crappy intel
>>>>>> soc) Purism isn't a trustworthy company.
>>>>> Gee, I thought purism was a trustworthy company, I mean they claim you
>>>>> can get the latest and the greatest without intel me
>>>>    This is *not* what they claim:

>>>>
>>>> https://puri.sm/learn/intel-me/
>>>>
>>>> "Freeing the ME is a challenge, but not impossible"
>>>>
>>>> "By working with Intel, motherboard design developers, as well as our
>>>> coreboot developers, Purism has put in motion a solid approach on how to
>>> run a freed Intel ME *in the future*."
>>> Sorry, but have you talked to libreboot or coreboot about this? and
>>> also, not even google with all their money can convince intel to give
>>> their secrets to them. That for me is a solid reason why I said this.
>>    The secret is no more a secret:

>>
>> http://blog.ptsecurity.com/2017/08/disabling-intel-me.html
>>
>> August 28, 2017
>> Disabling Intel ME 11 via undocumented mode
>>
>> "Our team of Positive Technologies researchers has delved deep into the
>> internal architecture of Intel Management Engine (ME) 11, revealing a
>> mechanism that can disable Intel ME after hardware is initialized and the
>> main processor starts. In this article, we describe how we discovered this
>> undocumented mode and how it is connected with the U.S. government's High
>> Assurance Platform (HAP) program."
> That isn't disabling it, it is still involved in the boot process and
> you are simply again trusting intels word that everything is fine with
> zero verification.
>
> I take it you work for purism....raptor has made a legitimately owner
> controlled computer - whats stopping you?


The steep price.

> (besides obsession over intel
> x86) It is possible to make a POWER laptop with todays lower wattage POWER
> cpu's.


What makes you think IBM is more trustable than Intel? Who, other than
IBM, produces Power8 CPUs? Are the blueprints publicly available?


--
Alessandro Selli http://alessandro.route-add.net
VOIP SIP: dhatarattha@???
Chiavi PGP/GPG keys: B7FD89FD, 4A904FD9