this post was submitted on 26 Jul 2023
1124 points (91.7% liked)

Programmer Humor

32464 readers
312 users here now

Post funny things about programming here! (Or just rant about your favourite programming language.)

Rules:

founded 5 years ago
MODERATORS
 
you are viewing a single comment's thread
view the rest of the comments
[–] mimichuu_@lemm.ee 1 points 1 year ago (1 children)

Coreboot doesn't disable the IME by the way. It just gets rid of some of it's functionality blobs and sends a signal to it telling it to please disable itself. No one knows if that signal actually works. Only Intel themselves can actually fully remove it from a processor, like they did with the processors they sold to the NSA.

[–] spez@sh.itjust.works 2 points 1 year ago* (last edited 1 year ago) (1 children)

Only Intel themselves can actually fully remove it from a processor, like they did with the processors they sold to the NSA.

Looks interesting, source please.

[–] mimichuu_@lemm.ee 3 points 1 year ago* (last edited 1 year ago)

Okay I did some research and I was wrong. There is no confirmation Intel specifically removed the IME from NSA's PCs. It's just that some reverse engineers found a flag that supposedly disables it, and their theory is that it was meant for the NSA.

https://www.notebookcheck.net/Eureka-The-Intel-Management-Engine-can-finally-be-disabled-thanks-to-the-NSA.245922.0.html

I believe this is the switch System76 and Purism turn off, but as I said, since the blob is still there, we can't be sure that switch actually works or if it's just a trap.