I was thinking that the x230 was so old it would just keep running, is that possible? I know that on newer platforms you only get the 30 minutes.
ron On Mon, Sep 12, 2016 at 10:28 AM Peter Stuge <pe...@stuge.se> wrote: > ron minnich wrote: > > That's pretty interesting. I had no idea that would work. > > > > I wonder if erasing it all erases that little boot of the ME you need to > > get the hardware going, whereas the 4KB erase lets the little bootstrap > > run but disables the ME otherwise. If so, that's great news. > > The ME code to start the platform is in (on-chip) ROM and a failed > signature check of the (compressed with AFAIK still unknown codebook) > ME code in flash just means that the ME considers the system broken > and allows it to run for a little while so that a human can repair it. > > It's described pretty well in the Platform Embedded Security Revealed > book, along with the fact that the ME will sync it's internal clock > with NTP servers across the internet once every 30 days, to make CRL > checks for the remote management PKI work. Maybe this particular thing > doesn't happen with the smaller ME firmware. Dunno. > > > //Peter > > -- > coreboot mailing list: coreboot@coreboot.org > https://www.coreboot.org/mailman/listinfo/coreboot >
-- coreboot mailing list: coreboot@coreboot.org https://www.coreboot.org/mailman/listinfo/coreboot
