On Fri, 8 Dec 2017 21:34:57 +0100 (CET)
eche...@free.fr wrote:
> For those who are interested in the Intel ME, the slides and white
> papers
> from the Black Hat Europe are public.
>
>
Nico,
I faced this same thing earlier I believe.
The reason I disabled it was to stop coreboot from writing to the flash chip. I
was advised to turn off CONFIG_ENABLE_FSP_FAST_BOOT and this worked for the
flash but had this side affect.
Garrett, Are you disabling it for the same reason?
Congratulations for following through on the investigation :D
I am not sure how to do a commit, but I hope you are able to find out as
you will have helped a lot of people.
I am pleased with myself for noticing that the lack of microcode updates
was the issue - as the CPU is similar to a
On Wed, 29 Nov 2017 23:39:27 +0100
"Enrico Weigelt, metux IT consult" wrote:
> Hi folks,
>
> i'm curios whether Goryachy's JTAG hack is a chance for
> getting rid of all proprietary ME/UEFI firmware.
>
> If i'm correct, the ME firmware (or parts of it) is signed, and
> the CPU
On Thu, 07 Dec 2017 16:22:48 -0600
Timothy Pearson wrote:
> While dell has not gone into detail on this offering, from what has
> been described it is highly likely that they were setting the HAP bit.
I would guess that too, especially since Dell was already part
Hi,
On Thu, 7 Dec 2017 22:29:44 +0100 (CET)
eche...@free.fr wrote:
> [...] to this new initiative of Dell or System76?..
For Intel devices with chipsets more recent than the GM45, so far I
know only the following manufacturers that "disables" the Management
Engine:
- Puri.sm which enables the HAP
On 12/12/2017 12:11 PM, Denis 'GNUtoo' Carikli wrote:
As I understand, this by itself isn't sufficient yet to boot a post-GM45
Intel with free software, however it gives a lot of insight on how
things work and enables all researchers to understand better the
Management Engine and recent Intel
Hi,
>From the PT article you linked to, after the stage 5 of BUP execution :
"It is at this stage that we find HAP processing; in this mode, BUP
hangs instead of executing InitScript. This means that the remaining
sequence of actions in normal mode has nothing to do with HAP and will
not be
> I guess I still disagree with the use of the word "disabled". If the ME
> wasn't required for boot, and was actually disabled within a few cycles
> of its CPU starting, the remaining attack surface simply wouldn't exist.
> This is not what happens though, and AFAIK even the ME kernel continues
Hey,
I've bought a Minnowboard Turbot (quad core / E3845) to start developing
on the Atom's.
I was hopping that it has support like the Minnowboard Max but it get
stuck right after FspInitApi(); in
coreboot/src/drivers/intel/fsp1_0/fsp_util.c. The last output i can see
is "POST: 0x92" which
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
According to Positive Technologies, on Skylake and higher (like the
Purism machines) the kernel loads the BUP, and the HAP bit only disables
the normal userspace processes [1].
What proof do you have that the kernel itself is halted?
[1]
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 12/13/2017 07:29 PM, Michael Graichen wrote:
> Hey,
Hi Michael,
>
> I've bought a Minnowboard Turbot (quad core / E3845) to start
> developing on the Atom's.
>
> I was hopping that it has support like the Minnowboard Max but it
> get stuck
12 matches
Mail list logo