http://blog.ptsecurity.com/2017/08/disabling-intel-me.html
Very interesting, makes me wonder about the AMD equivalent, and if there was similar provisions built into it for the US government’s “High Assurance Platform” program.
Out of curiosity, did you come across this from Hacker News as I did? If not, where?
Also, for older ME versions where ROMP and BUP can be the only loaded modules, Purism has been doing some reverse engineering. Might be of interest to you as it was to me.
I happened upon it on Reddit.
I have been looking into ME a bit more lately, thought I would drop some links for anyone else interested:
- IO - Intel ME (Manageability engine) Huffman algorithm
- [coreboot] Experiments with disabling the ME on Sandybridge x230 - original thread about the process used by ME Cleaner
- Flashrom wiki - ME
- me.bios.io
- Platform Embedded Security Technology Revealed - doi: 10.1007/978-1-4302-6572-6 - chapter 2
- CCC 2014 - AMD x86 SMU firmware analysis - about AMD’s ASP/PSP, which is similar to Intel’s ME