Taiidan, > I doubt those guys have the skill to do so but for those who do - you'd > spend tens of thousands in order to have a port for an old machine that > still is stuck with ME and hardware init done entirely by binary blobs.
It is not about the skill or money involved in the process, it is about the *possibility* of even running coreboot on said machine, which is most likely zero. > I would save your money and instead buy an ivy/sandybridge thinkpad (can > nerf the ME - but not disable which is impossible) AFAIK, you can still run me_cleaner on a Broadwell laptop. I don't think the ME is the main reason to get a XX20/XX30 Thinkpad over newer models. Mike, > microcode - is optional I assume you refer to microcode *updates*, not the microcode that is hard-coded inside the CPU. Still, I fail to understand why there is so much worry about microcode updates, as if they were going to open a backdoor of some sorts. To me, the only gain of not updating the microcode is in the number of bugs. I do understand temporarily delaying the updates of known unstable microcode versions while awaiting for a fix, though. > as far as I know its impossible to completely replace ME, only to trim > its' firmware as much as possible and hope for the best that it > doesn't have some undocumented "backdoor restore" mechanism that could > restore the original uncut blob under some conditions. Undoubtedly, > Intel ME is a backdoor, e.g. because it contains some antitheft > features which could be used to control your computer remotely: shut > it down, wipe or retrieve data from it, etc This makes me feel I should recall what Nico told you earlier: "please don't spread FUD on this list." Regards, Angel Pons
-- coreboot mailing list: coreboot@coreboot.org https://mail.coreboot.org/mailman/listinfo/coreboot