• MigratingtoLemmy@lemmy.world
    link
    fedilink
    English
    arrow-up
    9
    ·
    1 year ago

    Technically speaking, Intel can take steps to make it easier for consumers to prevent ME from booting.

    Take AMD for example. In 2027, AMD plans to publish OpenSIL, which will basically give the community keys to the initialisation of silicon (which includes AMD PSP). Of course, Intel being the POS that they are aren’t going to do that

      • dcat@lemmy.world
        link
        fedilink
        English
        arrow-up
        3
        ·
        1 year ago

        Intel isn’t preventing you from using Coreboot, or disabling IME.

        You are probably never going to be able to boot intel CPUs without using IME.

        so … intel is preventing you from disabling IME …

    • gh0stcassette@lemmy.fmhy.ml
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      Bit of a noob question wrt IME, but I noticed a toggle in the linux kernel configuration menu to disable IME the other day when I was compiling my first custom kernel. I understand that IME is a separate processor with separate network access that operates at or below the BIOS/UEFI level of the system. Does the linux kernel option actually do anything? And if not why is it there.

      It doesn’t seem like that should be able to do anything, knowing what I do know about the IME

      • MigratingtoLemmy@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        This is serious (and exciting) news to me. I need to take a look, do you have any resources that talk about this? Indeed, the kernel should not be able to do anything about ME, but what do I know, Kernel developers are much smarter than I am.

      • SaltyCheesecake@lemmy.fmhy.mlB
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        Can’t check right now, but I think the option you saw in the kernel config is for a driver to interact with the ME. Intel Management Engine has an interface called HECI for firmware and operating systems to query status and get event messages. It probably is also used to configure other stuff like AMT remote management.