It is actually a scandal that the world depends on chips and operating systems that are designed, it seems, to do mass surveillance in order to build up a worldwide dictatorship that no one can escape… by information and money.

"The Intel Management Engine (Intel ME) refers to the hardware features that operate at the baseboard level, below the operating system. By enabling interaction with low-level hardware, Intel gives administrators the ability to perform tasks that previously required someone to be physically present at the desktop." (src: http://www.tomshardware.com/reviews/vpro-amt-management-kvm,3003-6.html)

But why do they not give you the documentation and the manual to use this supremely cool feature they built into your computer?

Because you are not meant to use it. I have NEVER seen an Administrator using it.

So please consider supporting, buying and testing the first kickstarting open-hardware projects.

Intel’s ME is deeply integrated in the chipset, or SoC.

In computers with Intel processors, the so-called Management Engine (ME) uses undocumented functions; there are now tools for brave hobbyists to remove the encrypted firmware.

The Italian programmer Nicola Corna has developed the tool me_cleaner, which removes the proprietary and encrypted (see Update 2) firmware of the Intel Management Engine (ME) from BIOS images.

It is ultimately a Python script that simply clears or overwrites some of the so-called firmware partitions of the modular (UEFI) BIOS. me_cleaner then adjusts the Firmware Partition Table (FPT) of the BIOS image so that the system still loads the BIOS code at all and boots.
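An added example (not code from me_cleaner or from the original article) of checking the result: it walks the `$FPT` entries of an ME region and reports which partitions read back as erased flash (0xFF). The field offsets follow the publicly reverse-engineered `$FPT` layout and are assumptions here; the sample region and the function names are constructed for illustration.

```python
import struct

FPT_MARKER = b"$FPT"
ENTRY_SIZE = 0x20  # assumed: one FPT entry is 32 bytes, table starts at marker + 0x20

def find_fpt(region: bytes) -> int:
    """Return the offset of the $FPT marker, checked at 0x00 and 0x10."""
    for off in (0x00, 0x10):
        if region[off:off + 4] == FPT_MARKER:
            return off
    raise ValueError("no $FPT marker found; not an ME region?")

def list_partitions(region: bytes):
    """Parse the FPT and describe each partition it references."""
    fpt = find_fpt(region)
    (count,) = struct.unpack_from("<I", region, fpt + 4)  # assumed: entry count
    result = []
    for i in range(count):
        base = fpt + 0x20 + i * ENTRY_SIZE
        if base + ENTRY_SIZE > len(region):
            raise ValueError("FPT entry table runs past the end of the region")
        name = region[base:base + 4].rstrip(b"\x00").decode("ascii", "replace")
        offset, length = struct.unpack_from("<II", region, base + 8)
        in_bounds = 0 < offset and offset + length <= len(region)
        data = region[offset:offset + length] if in_bounds else b""
        result.append({
            "name": name, "offset": offset, "length": length,
            "in_bounds": in_bounds,
            # an erased SPI flash range reads back as 0xFF bytes
            "blank": in_bounds and length > 0 and data.count(0xFF) == length,
        })
    return result

def build_sample_region() -> bytes:
    """Constructed 4 KiB sample, not a real firmware image."""
    region = bytearray(b"\xff" * 0x1000)
    region[0x10:0x30] = FPT_MARKER + struct.pack("<I", 2) + bytes(24)
    entries = [(b"FTPR", 0x400, 0x200), (b"NFTP", 0x800, 0x100)]
    for i, (name, off, length) in enumerate(entries):
        struct.pack_into("<4s4xII16x", region, 0x30 + i * ENTRY_SIZE, name, off, length)
    region[0x400:0x600] = b"\xa5" * 0x200   # FTPR still holds data
    return bytes(region)                     # NFTP range stays 0xFF (cleared)

if __name__ == "__main__":
    for part in list_partitions(build_sample_region()):
        print(part)
```

Run against the ME region cut out of a dump taken before and after editing, the two listings show which partitions were cleared and whether the remaining entries still point inside the region.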

The aim is to prevent the ME from executing, or at least to block its communication and interfaces, for example by removing the network stack from the BIOS code.

Indeed, there are significant concerns about the undocumented functionality of the ME, which is in principle able to access all the data of a running computer.

Reduced functionality

Nicola Corna expressly points out that me_cleaner can lead to the total failure of a treated computer and that many unknown effects on PC operation are possible.

It is obvious, for example, that ME firmware without a network stack cannot provide remote maintenance via Ethernet.

[Update 2:] This article previously stated that removing the ME network firmware blocks booting via Ethernet using PXE, but this boot code has nothing to do with the ME firmware.

However, me_cleaner probably also removes the basis of the Protected Audio/Video Path (PAVP), which is likely to undermine the DRM systems that commercial streaming services such as Netflix or Amazon Prime Video use on Windows computers.

Finally, Trusted Platform Modules of the fTPM 2.0 type will probably no longer work, which Microsoft BitLocker may in turn depend on.

However, for people running Windows systems with proprietary code, shutting down the ME makes little sense in any case (in terms of privacy and security).

The BIOS image with the undocumented ME code "blob" is far from the only proprietary firmware in PCs.
Because the full functionality of the ME is undocumented, effects on the power consumption and stability of the computer are also possible, as feedback from brave hobbyists on the GitHub page of the me_cleaner project documents.

External Flash

Using me_cleaner requires some prior knowledge and special hardware: with an external programming adapter for SPI (NOR) flash chips, you first have to extract the BIOS code, i.e. the BIOS image, from the memory chip on the (notebook) motherboard. Then you edit a copy of the BIOS image on another system with me_cleaner and write it back into the chip with the programming adapter.

[Update:] Of course, you can also extract the BIOS image from a suitable BIOS update file for the respective computer, edit it with me_cleaner and then write it into the chip with a flash tool under DOS, Linux or Windows, or with the flash tools built into many BIOS setups. However, many manufacturer-specific flash tools check the BIOS image before writing; universal tools work on every system. And if the computer no longer boots with the BIOS image edited by me_cleaner, you need a device with an external programmer.

Questionable Success

Nicola Corna states quite frankly that there can of course be no proof that me_cleaner actually suppresses the function of the ME. He developed me_cleaner further on the basis of new findings by tinkerers such as Trammell Hudson and Igor Skochinsky, and also hopes for feedback from volunteer testers. me_cleaner does not work on systems with Intel Boot Guard, because Boot Guard prevents the execution of unsigned firmware.

Intel Management Engine (ME)
The ME consists of a microcontroller, which is part of the chipset or CPU SoC, as well as the compressed and encrypted ME firmware that is in the BIOS code image.
Image: Intel

Ultimately, it is up to Intel to finally disclose the function and the code of the ME in order to strengthen the cracked confidence in its own processors and platforms.

[Update 3:] The ME firmware is signed and compressed, but not encrypted in the real sense. For parts of the code Intel uses conventional LZMA compression, for others a proprietary (Huffman) coding whose corresponding dictionary, however, is stored in the chipset. As of April 2015 there is a decompressor for ME firmware up to the Haswell generation (ME versions 6 to 10). With Skylake (ME version 11), Intel switched the ME to a different microcontroller than the previously used ARC core.

auto-translated by: https://translate.yandex.com/translate
