On Sat, Sep 8, 2018 at 2:31 PM Peter Stuge wrote:
>
> Youness Alaoui wrote:
> > So, back to the ME, we know exactly what it does, it's all extremely
> > well documented and explained
>
> I disagree with this.
>
> It is absolutely true that *some* of what the ME does is extremely well
> documented
Youness Alaoui wrote:
> So, back to the ME, we know exactly what it does, it's all extremely
> well documented and explained
I disagree with this.
It is absolutely true that *some* of what the ME does is extremely well
documented and explained by the vendor, web services APIs and all, but
I
On Wed, August 29, 2018 9:41 pm, Youness Alaoui wrote:
>
> We're about to get full control back of the ME. I've been working for
> the past few weeks on reproducing the PTResearch buffer overflow exploit on
> the ME, and yesterday they released a PoC for Apollolake (in case you
> missed it :
Hello again,
> Sorry, I'm going to read the documentation more and make this a
> personal goal by the end of 2019. I didn't want to stir up so much
> drama. Time and money are not constraints on this particular
> problem. One way or another by January 22, 2019 I will have either
> figured it out
My suggestion: pick a laptop or system you like, for whatever reason you
like it. And work on it. And produce and upstream code.
If you do that, and you create more code, you are moving us all to a better
place. The more knowledge we can put into source code form, the better.
And, if you are one
On 08/30/2018 11:47 AM, Nico Huber wrote:
>> Actually it might be a good idea for Purism to at least consider the
>> switch to AMD Ryzen CPUs.
Absolutely not.
If anything they should leave x86 not simply waste money going to
another blobbed never-owner-controlled platform with a now unfriendly
I agree that the G505S is a superior choice vs the ivy/sandy thinkpads
as it has no ME/PSP thus making it the newest and last owner controlled
x86 laptop but everyone be aware that it NEEDS a microcode update or you
are very easily rooted due to the piledriver+ NMI CPU exploit
additionally without
On Thu, Aug 30, 2018 at 9:51 AM Mike Banon wrote:
>
> Hi Youness,
>
> > The fact that it's closed source and not user-controlled (Even if you had
> > the sources, you can't modify them and update it to your custom ME
> > version) is where the problem actually is. There *might* be a backdoor
> >
On Thu, Aug 30, 2018 at 2:15 AM Brian Herman
wrote:
>
> Sorry, I'm going to read the documentation more and make this a personal goal
> by the end of 2019. I didn't want to stir up so much drama. Time and money
> are not constraints on this particular problem. One way or another by January
>
Hi Mike,
On 30.08.2018 15:51, Mike Banon wrote:
>> The fact that it's closed source and not user-controlled (Even if you had
>> the sources, you can't modify them and update it to your custom ME
>> version) is where the problem actually is. There *might* be a backdoor
>> hidden somewhere in
Hi Youness,
> The fact that it's closed source and not user-controlled (Even if you had
> the sources, you can't modify them and update it to your custom ME
> version) is where the problem actually is. There *might* be a backdoor
> hidden somewhere in there, or maybe there isn't, nobody knows.
I
Sorry, I'm going to read the documentation more and make this a personal
goal by the end of 2019. I didn't want to stir up so much drama. Time and
money are not constraints on this particular problem. One way or another by
January 22, 2019 I will have either figured it out or I will pay to figure
Wow, Mike, seriously, I am going to side 100% with Nico, you are
spreading FUD, making your own personal opinions (which are themselves
derived from other people's FUD) and stating them as the universal
law.
The ME is not known to be a backdoor. It doesn't mean that it's not a
backdoor, it simply
> What suspicious activities? I know, for many people the Intel ME firmware
> contains unwanted features. But these features are documented.
> In your world, a device becomes backdoored because somebody
> didn't read the manual?!?
Somewhere I've seen a report about Intel ME suspicious network
*sigh*,
On 28.08.2018 22:00, Mike Banon wrote:
> You are right, my choice of words has been far from ideal. I apologize
> for that. However, to be confident that Intel ME is a backdoor
> (personal opinion) - one does not have to be its' creator.
sorry I meant the creator of us (God) not the ME.
Hi Nico,
You are right, my choice of words has been far from ideal. I apologize
for that. However, to be confident that Intel ME is a backdoor
(personal opinion) - one does not have to be its' creator. I think
there are enough documents describing its' functionality and enough
evidence gathered
Hi Mike,
you can be as much biased as you want, and you can express that here. I
have no trouble with that. What I don't like is your choice of words.
For instance with "Undoubtedly, Intel ME is a backdoor," you imply to
know everybody's opinion on the matter. Because I don't think you are
the
Taiidan,
> I doubt those guys have the skill to do so but for those who do - you'd
> spend tens of thousands in order to have a port for an old machine that
> still is stuck with ME and hardware init done entirely by binary blobs.
It is not about the skill or money involved in the process, it is
Hi Nico,
Although it can't be denied that I'm a bit biased here (since I own
that G505S), I'm less critical towards G505S blobs partially because
some of these blobs are indeed completely optional (e.g. xHCI - never
used it; microcode - is optional if you don't need a stable low level
Xen HVM
Pointless IMO.
I doubt those guys have the skill to do so but for those who do - you'd
spend tens of thousands in order to have a port for an old machine that
still is stuck with ME and hardware init done entirely by binary blobs.
I would save your money and instead buy an ivy/sandybridge
hi,
at the current state it is not possible to properly install Coreboot to a
ThinkPad, that is newer than the **3* series, because since Haswell, Intel
introduced a new technology called "Intel Boot Guard"- which prevents any
firmware that is not signed by Intel firmware to be used by the
Hi Mike,
please don't spread FUD on this list.
On 28.08.2018 09:54, Mike Banon wrote:
> And even if there weren't any problem with Intel Boot Guard, its not
> that easy to add a support for new board (impossible to do it over
> weekends, especially for the newcomers).
The T450s would probably
And even if there weren't any problem with Intel Boot Guard, its not
that easy to add a support for new board (impossible to do it over
weekends, especially for the newcomers). If I were you I would have
sold these T450S and bought some machine already supported by
coreboot. It could be one of
Hello Brian,
As far as I am concerned, Haswell or newer ThinkPads ship with Intel Boot
Guard enabled in Verified Mode. This prevents coreboot from running on
them. I assume this is the case on your machine as well, thus I advise you
to check before proceeding, to avoid wasting time.
Best
im sorry i should really read the documentation first i want to create the
support for a t450s ill do that this weekend
Sent from my iPhone
> On Aug 27, 2018, at 8:34 AM, Mike Banon wrote:
>
> Sorry but T450S is not supported by coreboot.
> Here is a list of laptops that ARE supported:
>
Sorry but T450S is not supported by coreboot.
Here is a list of laptops that ARE supported:
https://www.coreboot.org/Supported_Motherboards/old
On Mon, Aug 27, 2018 at 4:23 AM Brian Herman
wrote:
>
> I am in contact with a person with the means to reprogram a T450S.
>
26 matches
Mail list logo