:: Re: [DNG] Purism Librem and disabli…
Top Page
Delete this message
Reply to this message
Author: Erik Christiansen
Date:  
To: dng
Subject: Re: [DNG] Purism Librem and disabling Intel ME: it can be done [ Re: TALOS 2 - The Libre Owner Controlled POWER9 Workstation/Server ]
On 07.09.17 14:05, Alessandro Selli wrote:
> ROMB is the ROM Bypass and that too is builtin the PCH chip:
>
>     Loading starts with the ROM program, which is contained in the
>     built-in PCH read-only memory. Unfortunately, no way to read or
>     rewrite this memory is known to the general public. However, one can
>     find pre-release versions of ME firmware on the Internet containing
>     the ROMB (ROM BYPASS) section which, as we can assume, duplicates the
>     functionality of ROM.


Many thanks Alessandro for elucidating that. I'm experiencing some
culture shock on reading it.

I have not made a survey of the open source CPU cores implemented on
FPGAs, but a quick "fpga linux board" google shows multiple candidates.
Running a minimal kernel with little more than packet routing filtering
and a local management interface - console only if we're paranoid, means
we _are_ in full control of all network traffic in and out of out LAN.
(I do not plan to use wlan.)

Presumably all externally initiated connections are already blocked.
Then if we only allow outgoing connections to whitelisted IPs, we're
beginning to make things more difficult for snoops. Vulnerabilities on
our hardware-compromised hosts are less exploitable if they can't be
reached, I figure.

If the firewall is on a FPGA, then we know what every gate is doing, as
we have the VHDL source for it.

Erik