I bought one of these. I have rpis. I'm gonna disable the Intel ME on my uefi motherboard. How secure is your system, user? What motherboard you have and what firmware is it running? Laptops/Thinkpads welcome too
I bought one of these. I have rpis. I'm gonna disable the Intel ME on my uefi motherboard. How secure is your system...
Zachary Price
Other urls found in this thread:
Wyatt Thompson
I'm using an AMD Threadripper on some gigabyte brand motherboard with the stock BIOS. What do I need to do to just unbotnet my shit up?
Easton Rodriguez
Best you can do is disable PSP UEFI driver in BIOS. Nothing else. Nada
Adrian Bell
What does rpis have with disabling the IME to do?
Robert Price
Good luck lol. As I understand it, one of three things will happen if you attempt that:
>you brick your system
>you out right can't and probably brick your system figuring that out
>you somehow succeed and brick your system because it refuses to boot without ME
Sorry user, if you want to truly escape the botnet, you have to buy pre mid-2000's intel processors. AMD is a similar game.
Owen Turner
They can be used as SPI flashers
OP will obviously dump the working firmware first. If the modified one doesn't work he can reflash the old one using the raspberry pi
Ayden Watson
I wonder who's behind this post...
Anthony Taylor
Someone who's messed with bios flashing before
Angel Walker
Nathaniel Long
This doesn't remove or even disable ME, just elements of it. Furthermore OP said he's flashing, ie nuking all of ME, while this is just a python script you run.
William Phillips
Well so have I, and it worked perfectly well. That being said, I didn't use external hardware to do that; it's perfectly possible to reflash the chip using in-system interfaces. But I did solder an extra, selectable chip onto the motherboard for backup.
Connor Martin
So you're telling me you've completely removed ME from a machine, something coreboot devs havn't been able to do, and have it still work? Please, detail the process.
Leo Nelson
No, I said I've been messing with BIOS flashing without bricking the machine. That was on a K8 that didn't have a PSP to begin with.
Landon Rogers
ME can't be killed! 666
Landon Brooks
3edgy5me
Joshua Morales
rip the ARM chip on the motherboard that lets full botnet take over if or when it ever needs to
Asher Foster
Python script that nukes all parts of ME that can be nuked from your existing image.
Aaron Parker
>that can be nuked
exactly my point
Ayden Williams
Can you tell me more?
Kevin Perry
>I'm gonna disable the Intel ME
Hackintosh will not work/will not have gpu hardware acceleration/will have long boot times
Ethan James
I have two Thinkpads, a X200 and W500, both personally Librebooted. It's a very easy process once you have the software set up properly on your flasher.
retard
Cameron Lewis
no idk anything about it. am4 motherboards have an arm chip for no CPU bios flashing etc, but of course they added more into that than just that..
Jason Hernandez
I ordered an x230 yesterday. I'm going to try to disable ME and run coreboot on it
Aiden Campbell
>no idk anything
based and redpilled, thanks for your contribution to this board.
Joseph Richardson
>based and redpilled
thank you for your epic meme redditbro
Andrew Green
No problem, autismo
Joseph Brown
Whats this talk about botnet here on Jow Forums please someone elaborate?
Ian Stewart
>you brick your system
reflash it until it works
>you out right can't and probably brick your system figuring that out
again, reflash it untill it works. worst case scenario get another eeprom chip and flash it
>you somehow succeed and brick your system because it refuses to boot without ME
reflash the backup you made
nigger eeprom is literally like a pendrive with firmware on it. if it doesn't work it's because the firmware is incompatible or you fucked up with flashing it somehow
Asher Peterson
Running it with /S (HAP(High Assurance Platform,Skylake+)/MAD(MeAltDisable, pre-Skylake) bit + removing most modules) will cause it to only initialize the CPU and lie dormant thereafter. Pre-skylake CPUs only need 2 modules to boot, out of many. Skylake+ need 4. The network stack for example is completely nuked. The ME is so reduced that it is much better than the placebo PSP switch for AMD Ryzen. Hopefully a equivalent PSP Cleaner will come soon.
Kayden Hughes
My point isn't that OP can't reflash the BIOS it's that he's going to have to in the first place if he tried to fuck with ME beyond ME cleaner.
Lincoln Hall
google the board if you want to learn about it
Mason King
[Citation Needed]
David Ross
>truly escape the botnet,
Honestly speaking, the ME_Cleaner is good enough. The ME will just initialize the CPU and thereafter pretty much lose access to almost everything else it previously had access to, such as network stack etc.
Gavin Clark
I have a libreboot X200
Angel Jenkins
not every mobo has no cpu flashing, that's why they had the whole loaner thing going for upgrading to 2xxx series.
AMD have a secondary on-die arm chip for privileged tasks that is closed sourced and cannot be definitely disabled.
Elijah Young
OP here: I am going to use me_cleaner. You need to use an external flasher for me_cleaner.
Does anyone know of any modern ATX motherboards that support libreboot?
Brody Cooper
Wait, really? I thought you just ran the Python script. How do you flash it?
Aaron Stewart
Super juicy, I had an x200 as well and had to flash the firmware when I changed the wifi card
Good luck do post about it maybe in /tpg/
The socketed chips are best
I have devil's canyon so I was happy to see that pre Skylake can run with just the basic ME initializer
I'm only going to fuck with me_cleaner
Although I'd love to also get an open uefi but it seems that mostly only laptops get that treatment
Legit
Read the GitHub README it clearly states the operation is not safe to be ran on the live system. The python script should be ran on a pi to first make a backup of your flash. Then patch it and reupload
Josiah Gutierrez
>hack Sussex
I live in East Sussex desu >.