Purism Librem Laptops Completely Disable the Intel ME!!!

12 Antworten [Letzter Beitrag]
0d54770d

I am a member!

Offline
Beigetreten: 04/09/2016
ivanB1975
Offline
Beigetreten: 08/29/2017

Mhmm.... This is already done by many here....
check here please: https://github.com/corna/me_cleaner/issues/3
All these people did already this.
The developer that achieved this is Nicola Corna. Credit to him.
I also disabled intel ME.
If you check here: https://puri.sm/posts/deep-dive-into-intel-me-disablement/
They use the script of Corna.

0d54770d

I am a member!

Offline
Beigetreten: 04/09/2016

I never said that Purism did this work all by themselves; I merely bring it up, because it demonstrates their commitment to free software, making it harder to believe that they are some kind of fraud (which a lot of people on this forum think is the case).

ivanB1975
Offline
Beigetreten: 08/29/2017

yep, I think the same. They are really doing some work.
Ps I didn't mean to be rude, I am just tired :) late hours here in Europe :)

ivanB1975
Offline
Beigetreten: 08/29/2017
tonlee
Offline
Beigetreten: 09/08/2014

People on libreboot's irc say differently. Libre software requires you have all the source code. You do not. The intel cpus will only work, if the software is signed by an encryption key only intel has. That is why you cannot select what cpu software to install.

ivanB1975
Offline
Beigetreten: 08/29/2017

Not totally correct. You are speaking about the intel Boot guard that is not enabled on all laptop. If it is enabled me_cleaner doesn't work. Check here please: https://github.com/corna/me_cleaner/wiki/Intel-Boot-Guard
So if you are able to use the me_cleaner script means that there is no intel Boot guard.
Regarding the phrase: "The intel cpus will only work, if the software is signed by an encryption key only intel has. That is why you cannot select what cpu software to install." I really don't get it...

tonlee
Offline
Beigetreten: 09/08/2014

>You are speaking about the intel Boot guard

I speak about, you do not have the source code. You cannot install your own software, because you cannot sign the software, because you do not have the key.
The software, which the cpu require, you cannot audit it.
You do not know what it does.

ivanB1975
Offline
Beigetreten: 08/29/2017

The only credit I would give to Purism company is the fact that they are investing on this topic. They ported their hardware to coreboot. This requires some work as I am finding out. Not so easy as disabling intel ME.

chaosmonk

I am a member!

I am a translator!

Offline
Beigetreten: 07/07/2017

I think the page you link to is a good example of why Purism comes across as less-than-honest. While they avoid explicitly taking credit for disabling the ME, they phrase everything so that if you aren't paying very close attention you'll interpret it that way.

For example, your initial post indicates that the Purism article led you to believe that this is a new accomplishment and that Purism is responsible for it. When ivanB1975 pointed out that this is not true, you acknowledged that he was correct but apparently did not feel lied to by the article, perhaps because it avoided making any explicit claims about the issue.

As far as I know Purism hasn't actually lied about anything, in which case you are correct that they are not literal frauds. However, they use misleading language so consistently that it is certainly intentional, and the tactic seems to have worked here.

Compare that to the language Technoethical uses here.

"Technoethical S3 smartphones are refurbished Samsung Galaxy S3's pre-installed with the 100% free operating system Replicant. Please note that while the main processor is running only free software, the modem processor is running a Samsung nonfree system."

They state exactly what they are selling, appropriately credit Replicant for their work, and then immediately draw attention to the nonfree modem. They then go on to disclose the other limitations of the product, with phrases like "read-only nonfree boot rom" and "nonfree bootloader" in bold so the reader won't miss them. When they describe research, they acknowledge who was behind it ("In 2014, Replicant developers have found..."). It isn't until the fourth paragraph, after they are certain that the reader has been adequately informed, that they begin to actually try to advertise the product. In doing so they credit Replicant for all features for which they are responsible, rather than implying that these features are unique to Technoethical's products. After that, they let the specifications speak for themselves so that the reader can decide for themselves whether the product is what they want.

Companies like Technoethical, Minifree, and ThinkPenguin are of course businesses that want you to buy from them, but they consistently prioritize accurately informing potential customers. Purism does the opposite. they prioritize creating as positive an image of themselves and their products as possible, and only disclose information to the contrary when they absolutely have to, and in as little detail as possible.

IrishUSA
Offline
Beigetreten: 12/03/2016

This is an excellent post, but ThinkPenguin does not go as far out of its way to caution customers as Technoethical does. A relevant point of comparison would be Technoethical's up-front and proactive discussion of the limitations of its smartphones, including from a freedom perspective, while ThinkPenguin does not mention that its PCs use the default manufacturer-supplied BIOS.

onpon4
Offline
Beigetreten: 05/30/2012

This is true, but Think Penguin also doesn't market itself as selling freedom-respecting hardware. It just markets itself as selling hardware that works with libre GNU/Linux distros out-of-the-box. Only products which have been RYF-certified are labeled as freedom-friendly.

onpon4
Offline
Beigetreten: 05/30/2012

I don't even like the fact that they're calling this "disabling" the ME. That term suggests that it's not being run, when it absolutely is; it's just being run less.