NOOB Question Coreboot + ME Cleaner + SeaBIOS + Nouvea

Hi, first time post and yes, I searched for the answer to this question but couldn’t find one.

I have an old Dell E6400 and for fun, want to make it hackproof. To this end, I want to flash the BIOS to Coreboot, get ME Cleaner installed, then add SeaBIOS and finally run Nouvea because I have a Nvidia GE98-920-20 graphics chip.

So, how do I get all that to work? There are no forums for any of these open source projects, so I’m posting here. If this is the wrong forum, please let me know.

AFAIK, I need to flash Coreboot, get ME cleaner to remove the Intel Backdoor Inside (ME), then add blobs, like Seabios but then somehow leave off VGABios and install Nouvea instead.

Can anyone walk me through the process? I’m pretty good a running terminal commands if that helps.

BTW, if anyone knows of better hardware to use, I’d consider buying it. I’ll be installing Cubes OS and only using the laptop for MS Office (LIbreOffice) and surfing the web.

Thanks for your help.

The only way to be %100 sure it cannot be hacked is breaking it so it no longer works.

The e6400 is currently not supported by Coreboot. There have been a couple of people talking about it, and someone has started development on support.

I think the main thing is DDR2 support for the motherboard chipset, although there may be other things.

Thanks to everyone for your responses. I bought a Thinkpad T530 so I can get my Coreboot fixation resolved.

Hi! Yes, the main thing is DDR2 support. Looking at some schematics I found online, as well as the motherboard itself, there are a few chips that make up the keyboard/touchpad controller and super IO, none of which are supported by coreboot. I can’t seem to track down any datasheets whatsoever on those chips, even on archives of various sites, which makes it hard to support these components. So I don’t know if this board can be fully supported. Also, I think code would have to be written to support the Nvidia graphics chip, but my E6400 only has Intel graphics from the chipset, so I likely wouldn’t be able to code that. I’m actually new to coreboot development, and this is a rather challenging first project, but I’m going to attempt it anyway, if only for the learning experience.

Hey, just an idea but would simply cutting ALL of the Intel ME code from the BIOS disable the Intel Backdoor Inside? I have a pre Haswell Intel CPU.

It’s been a while since I read about the ME, so please do your own research. IIRC, the ME is required to not only provide the unwanted (from a security perspective) communications functionality, but also to “bring up and initialize” various internal CPU sub-components. Without a working ME, the CPU will shutdown after +/- 30 seconds. The trick is to have the ME provide the aforementioned CPU initialization and then shut itself down, so that its comms back-channel (it’s plumbed directly into the Ethernet port - among other things) can not be compromised by nefarious actors.