Yes, that is correct. On 1/30/19 4:33 AM, Frank Beuth wrote: > On Tue, Jan 29, 2019 at 10:09:23PM -0500, Chris Laprise wrote: >> On 1/29/19 8:59 PM, Frank Beuth wrote: >>> Can someone explain the interaction between Anti Evil Maid/HEADS and >>> the Intel Management Engine to me? >>> >>> I read an article which stated that disabling Intel ME also prevents >>> installing AEM (and related technologies), but I am not sure why (or >>> if this is really true). Is ME needed to access the TPM? >> >> Someone correct me if I'm wrong... IIRC the ME processor is needed to >> operate the TXT feature which verifies code present at boot. TXT >> utilizes a TPM but is separate. >> >> https://en.wikipedia.org/wiki/Trusted_Execution_Technology >> >> Newer systems also have the TPM built into the CPU and I believe these > > That makes sense, thank you. > > Apologies if this is getting offtopic, but: one author suggested that > modern versions of Coreboot could (in absence of Intel ME or AEM) > reduce Evil Maid attacks to physical attacks requiring the attacker to > open the laptop and physically reflash the SPI flash. > > Does this sound correct? >
-- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/7f9b96b5-3c93-7a5d-dbfb-1098fc10b6f4%40cryptogs.de. For more options, visit https://groups.google.com/d/optout.
