On 11/22/2017 11:16 PM, R0b0t1 wrote:
Does anyone have more information on this? Has anything been
published? I'm interested in exploiting my own computers so I can
control the ME.
It seems that it is the same people who figured out HAP mode but they
haven't made a blog update I would ask on the coreboot mailinglist,
there are some very smart people there.
Although I doubt you will find any real information anywhere at all due
to the recent "white hat" tendency to restrict the real nuts and bolts
info and utilities to wealthy corporations instead of us peons who
*gasp* might do something "bad" with it/don't have lots of money to pay
for a "premier" support account.
I am curious as to why you wish to do this, considering you can buy a
libre firmware owner controlled motherboard with better functionality
(ex: OpenBMC) than any me/psp board for only $250 and $100 for a FX-8310
equivalent cpu.
On 11/22/2017 11:18 PM, R0b0t1 wrote:
On Wed, Nov 22, 2017 at 6:03 PM, taii...@gmx.com <taii...@gmx.com> wrote:
Using ME cleaner would also solve the issue and you wouldn't need any more
firmware updates when the next "bug" comes around.
Intel ME has been found to remain active after being disabled, and
some motherboards that do not ship as "vPro enabled" and consequently
haven't had the licensing paid for certain features have been found
with those same features enabled. I own an Asus laptop which is
affected. Some Asus forum post reported that there's a Java-based SOAP
webserver listening on the port associated with Intel ME. Intel ME is
not visible to the BIOS, and so it can't be turned any more "off."
I understand the limitations of me_cleaner, although in this case it
would in fact solve the problems as all the currently *publicly*
discovered "bugs" are all ME feature exploits (and the features are
removed by me_cleaner) rather than exploits of the ME kernel although I
am certain that one is on the way.
Believe me I know what I am talking about, I regularly provide support
on the coreboot mailinglist and I own a variety of devices that are
owner controlled with libre firmware (and of course no ME/PSP).
