You can get barebone c3xxx series atom boards from Supermicro. My personal interest is the variants that come with dual SFP+ interfaces. It's a pity that there is no thunderbolt3 on them by default (free 10/40gbit networking).
On 3 December 2017 at 08:54, Rupert Gallagher <r...@protonmail.com> wrote: > Do you have any reference on Intel M.E. being present on Atom C3308? > > Sent from ProtonMail Mobile > > On Sat, Dec 2, 2017 at 20:14, Kevin Chadwick <m8il1i...@gmail.com> wrote: > >> On Sat, 02 Dec 2017 03:11:23 -0500 > IME (vPro) is included in Xeon and Core >> chips. Atom is clear of it. > Just checked. Perhaps the older ones but I >> doubt that. The latest Atom Apollo Lake E3s even PROVIDE "Access to user >> memory". Which I believe means the entire RAM and if so is quite >> ridiculous!! I am sure it will change however the current working exploits >> require access to a USB port, though the OS has access and could turn >> malware into HW resident malware. OpenBSD is as good a protection as you >> will get there though and probably even better for future exploits. I am >> still unclear as to whether a properly setup Trusted Execution Engine can >> protect the system. I guess from persistent firmware invasion but not >> protect kernel memory access or prevent an attacker gaining knowledge for >> gadgets (if can get to a Debug USB from userland) or worse. Reminds me of >> IPv6 to some degree but worse. Take a small problem and expand it until you >> have potential for undermining everything. The most ironic is Intels recent >> adverts for not trusting software but HW instead. Can be true in an >> application specific fashion but even then it has to be done right. >> Unfortunately the lastest hardware is much cheaper so it isn't necessarily >> as simple as just using some older stuff that may just be less understood, >> unless you go further into obsolescence territory. AMD is *maybe* an option >> but they are moving higher end not cheaper by the looks of it.
