Hello,
I have beenĀ using Qubes 4 on a thinkpad x220 and it runs very well.
Unfortunately, my model is the one with the i7 which is not very well
tested/supported by coreboot and i failed multiple times while trying to
flash it.
So i had to keep the original BIOS but at least i removed the ME
sections and set the disable bit using me_cleaner. The problem is that
this operation makes the TPM non functioning for the operating system:
it is impossible to take ownership.
In the future i'll try to only set the disable bit without removing the
sections and some other combinations of that but in case the TPM will
still not work i'm wondering if i should re flash the original BIOS. In
summary, are the TPM benefits enough to forcw me to keep the ME?
I know this may be more subjective depending on everyone's own threat
model but i would like to hear opinions on it.
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/qubes-users/6c195f3e-d0e6-2006-ec9a-12e872501c4a%40anche.no.
For more options, visit https://groups.google.com/d/optout.
