On Tue, Jan 29, 2019 at 10:09:23PM -0500, Chris Laprise wrote:
> On 1/29/19 8:59 PM, Frank Beuth wrote:
>> Can someone explain the interaction between Anti Evil Maid/HEADS and
>> the Intel Management Engine to me?
>>
>> I read an article which stated that disabling Intel ME also prevents
>> installing AEM (and related technologies), but I am not sure why (or
>> if this is really true). Is ME needed to access the TPM?
>
> Someone correct me if I'm wrong... IIRC the ME processor is needed to
> operate the TXT feature which verifies code present at boot. TXT
> utilizes a TPM but is separate.
>
> https://en.wikipedia.org/wiki/Trusted_Execution_Technology
>
> Newer systems also have the TPM built into the CPU and I believe these

That makes sense, thank you.
Apologies if this is getting offtopic, but: one author suggested that modern
versions of Coreboot could (in absence of Intel ME or AEM) reduce Evil Maid
attacks to physical attacks requiring the attacker to open the laptop and
physically reflash the SPI flash.
Does this sound correct?
--
To view this discussion on the web visit
https://groups.google.com/d/msgid/qubes-users/20190130033349.vvskj53hqta7pxek%40web.local.