Interesting email with System76 today re: IME
I asked about IME, if it was possible to partially disable it on one of their new laptops. Here's the response:
>"On all System76 laptops with Intel 13th generation processors, including the Galago Pro, the Intel Management Engine is completely disabled. Previously, on Intel 11-12th gen, we were not able to completely disable the IME due to issues with suspend. These have been addressed in our latest Coreboot firmware though, so we are again completely disabling the IME."
I did not know they were "completely disabling" IME.
It's not so impressive. It's not both disabled *AND* neutered. Or better yet: Totally gone.
>"It's not both disabled *AND* neutered."
Which begs the question - what is a "completely disabled" and "not-totally-neutered" IME capable of?
>"Or better yet: Totally gone."
Well, you could smash the cpu with a sledgehammer a few times, and/or melt it. Other than that, "totally gone" ain't happening I don't think since it's supposedly in the silicon itself.
>"It's not so impressive."
No. But it is interesting.
> Which begs the question - what is a "completely disabled" and "not-totally-neutered" IME capable of?
With ME Cleaner the firmware size is reduced(source):
IME Generation 2 from 1.5 MiB / 5 MiB (based on the model) to 84 KiB
IME Generation 3 from 2 MiB / 6.6 MiB to 330 KiB
This means that the operating system of the micro-controller is disabled and most functions are broken.
Coreboot with disabled or neutered IME is impressive. It provides much more confidence than a system without it. Personally in cases that a user cannot absolutely do with the hardware limitations a gnubooted pc has to offer, I make a choice between the "less evil" and I offer him/her the postblobs-libreboot as an alternative, although I first make sure to provide adequate information. For example I present my own choices, my workflow and how I overcome this limitations. But her/his choice is not mine to make.
Even though the huge difference coreboot is making (comparing with one without), those remaining KiB of code, which nobody, except Intel and their partners can review or be sure exactly what they are doing, are still there.
We must also keep in mind that every layer of computer can interact with (even the weakened) ME without anyone noticing. From the lower lever (i.e. bios) to the upper lever (i.e. OS and applications). Imagine what can someone do, even with a less than 1Kib fully privileged script to a computer.
Companies that are selling products with coreboot-IntelME disabled/neutered like the one mentioned and others, they are for sure not the enemies, as they are endorsing that ME is a problem.
But we must understand that their choice between gnuboot and coreboot is not a choice of freedom, is a choice of business model.
That, in my point of view, is the handle. Do we, in the end of the day, declare a "few" non-free lines as acceptable? Do we say that it is what it is and move on declaring it as the only viable option? Do we try to justify this decisions by making excuses about "realism"?
And then why stop there? What keeps us from saying that a few more non-free lines of code in the OS or the browser are acceptable?
I say let's everyone try what we can do best and be completely open about our choices. First to ourselves and then to others.
>"nobody, except Intel and their partners can review or be sure exactly what they are doing"
1. We can run a couple of other machines with packet sniffers on the network and see if the machine with the broken IME is attempting to communicate with Intel or with anyone else on the network. I assume some folks have already done that to their satisfaction that it is not able to communicate, or it seems we would have already heard about it.
2. If it's not able to communicate on the network then another possibility is that the broken IME could be giving backdoor access to a government spy if they had physical access to your machine. But of course, if a government spy has physical access to the machine there's many other ways they could take your data or become the super user, so with or without a possibly backdoor-able broken IME they would get what they want anyway.
3. It's possible that the broken IME is some kind of super-hacking tool that combines the power of Gimp and Caja to create a super cryptominer, or to encrypt all your files as a ransomeware, or something of this nature. Once again, this one is unlikely as it would have been noticed and written about already.
So my ratings:
1. Unlikely - we should have heard about it already
2. Possible, but may or may not significantly change your security behavior (i.e., try not to let government spies (or evil hotel maids that are actually government spies in disguise)) get physical access to your machine)
3. Unlikely - we should have heard about it already
There could be other possibilities beyond the most obvious ones I've thought through here.
PostScript +
>"Coreboot with disabled or neutered IME is impressive."
We now have one vote for "impressive" and one vote for "not very impressive".
As I think through this, I'm a bit more in agreement with jxself that it isn't so impressive - instead, corebooting and breaking the IME is the MINIMUM we should require from companies that design and sell new Intel cpu machines for GNU/Linux. Companies like Dell and HP and Lenovo that don't even do this bare minimum with the new Intel cpu GNU/Linux laptops they sell should be shunned as dishonorable.
Hey Andy,
> 1. We can run a couple of other machines with packet sniffers on the network and see if the machine with the broken IME is attempting to communicate with Intel or with anyone else on the network. I assume some folks have already done that to their satisfaction that it is not able to communicate, or it seems we would have already heard about it.
> 2. If it's not able to communicate on the network then another possibility is that the broken IME could be giving backdoor access to a government spy if they had physical access to your machine. But of course, if a government spy has physical access to the machine there's many other ways they could take your data or become the super user, so with or without a possibly backdoor-able broken IME they would get what they want anyway.
We can argue that having an isolated ram/rom from the rest of the system can hide some info which are transmitted later when the data can be hide.
Something like "if there are normal data send using network then send evil stuff to headquarters"...
Seriously though, some researchers said that they also used physical metrics to check that IME doesn't perform malicious tasks. They even got as far as saying that not having the source code is not important and that these method is also legit[1]! Other scientists don't agree though[2].
To my knowledge there isn't an audit of the neutered ME.
For me the issue is that some private company forces us to have non-free software or else they don't let our computer equipment to boot [even with ME neutered]. As well as a privacy concern it is a matter of democracy and liberty.
> 3. It's possible that the broken IME is some kind of super-hacking tool that combines the power of Gimp and Caja to create a super cryptominer, or to encrypt all your files as a ransomeware, or something of this nature. Once again, this one is unlikely as it would have been noticed and written about already.
IME is completely separate from the main computer, both from hardware and software. Nobody outside Intel and Co can really notice anything, because nobody else knows what the heck this thing really does.
[1] https://media.ccc.de/v/34c3-8782-intel_me_myths_and_reality
[2] https://blog.invisiblethings.org/2015/10/27/x86_harmful.html
P.S. The cow looks way more suspicious to plot with Intel than Gimp and Caja :)
>"For me the issue is that some private company forces us to have non-free software or else they don't let our computer equipment to boot [even with ME neutered]. As well as a privacy concern it is a matter of democracy and liberty."
You already have non-free code in the cpu microcode. Also, there's apparently non-free code in various other components of our computers, from my understanding. I think the question is if a) is it doing anything (hopefully not in the case of IME if it is broken); and b) can we keep it from upgrading itself? (probably yes in the case of IME, by breaking it).
The document you referenced in argument against IME seems to have been written prior to 2015 and prior to successful attempts at disabling IME. Keep in mind, what system76 is claiming is complete disabling of IME.
>You already have non-free code in the cpu microcode.
This is really well discussed in this forum. I hear this argument, but I also don't mix it with IME situation.
>The document you referenced in argument against IME
Yes I said that it was talking about IME not disabled IME. I apologize if that wasn't clear.
For the rest I just need some more concrete evidence.
>"For the rest I just need some more concrete evidence."
I'm thinking about getting one of these for a project at work, so if I get one we'll have to figure out different ways to test out the IME and other aspects. If I get it I'll also be highly interested to see if Trisquel runs well on it, or if there's any trouble because of it using such new components. From what I can figure out so far it should run Trisquel just fine.
I am also extremely interested in this. Please continue post your findings or contact me using xmpp or e-mail to my username at totsipaki.net
> 1. We can run a couple of other machines with packet sniffers on the network and see if the machine with the broken IME is attempting to communicate with Intel or with anyone else on the network. I assume some folks have already done that to their satisfaction that it is not able to communicate, or it seems we would have already heard about it.
I have read some slides that present me_cleaner. In there, the argument to say that the IME is then harmless was rather short and not terribly clear, so I wonder whether there was any serious testing actually.
Are you aware of some reference of people doing testing of that, with some detailed explanation of what they tested? I'd be curious to see what people tested exactly. Not seeing any communication in a number of conditions is not the same as not being able to communicate. The communication could have triggers that were never hit in the testing and it may not be that easy to identify.
>"Are you aware of some reference of people doing testing of that, with some detailed explanation of what they tested?"
No, I just assumed that after all this time of people attempting to disable IME that we would have heard about it if a broken IME was still communicating over the network. But you are right, it could be a very rare instance that people are missing. I wonder if there is a way to thoroughly test for it. That would be a good use of this laptop in its down hours if I do get one at work. And that would be a legitimate use of it, as the company is certainly wanting to proactively find security vulnerabilities.
> The communication could have triggers that were never hit in the testing and it may not be that easy to identify.
I agree. Intel ME could be silently listening to LAN traffic and e.g. only respond to some previously chosen magic number.
Such magic number would likely be a cryptographically-secure one that cannot be "guessed".
For these reasons it seems black-box testing is not very useful here. Having RE'd the code could be a basis for deciding it does not contain a backdoor, I again agree. But none of us has the resources to perform this. Positive Technologies and maybe others claim to have RE'd Intel ME's code but can we be sure it's the same version of ME that we have? And even if so — why should we trust their word?
Edit: I'm editing out my prior response because it was overly harsh and because I'm not an expert on IME or broken IME.
Thank you for that comment @koszkonutek. I wrote an earlier response which I've edited out because what I wrote was snarky and rude. I do not know enough about IME or disabled IME to know what it is capable of, I can only make poorly informed guesses.
So in the end, I hope if I do get to use one of these system76 laptops, that you will help me figure out ways to test to see if the broken IME appears to be active in any way.
I agree with koszkonutek and Avron.
Furthermore, is is impossible to compete with the huge funding and research resources of Intel. Even if someone finds a way to prove that IME is disabled, this most probably won't apply to all situations and computer environments.
Another subject is that it is way worse to trust something you shouldn't. I imagine that if Intel wanted to make me_cleaner obsolete then it would make removing files impossible.
For example in the "Why does it work? Aren't the partitions signed? How can you modify them?" there is the following reference:
> Luckily for us, Intel ME doesn't check all the hashes at once, but only when it needs to execute them.
I find this too convenient.
In philosophical terms: "trust may not be the sort of attitude that one can will oneself to have without any evidence of a person’s trustworthiness". So we can trust something we can view and modify. Right now for x86, this is GNU-Boot (and post-blobs Libreboot).
Now, speaking exclusively for security, the suggestion for an "one for all uses secure laptop" is problematic.
I do not suggest to anyone to give her/his freedom away, but if security is a life or death matter (i.e. activists, whistleblowers etc), then it is way better to have a "whatever laptop" for everyday stuff AND an 100% free software/hardware one, that can be absolutely audited, for the things that must be kept private.
Why it also crucial to choose the "whatever laptop" based on freedom is another topic which I analyze here .
PS: My ongoing effort to collect ME related stuff: https://totsipaki.net/shaarli/?searchtags=IntelME+
https://novacustom.com/product/nv41-series/
jx, can you list all
objections you have
againt the novacustom NV41 14 inch?
The better question to me would be whether the network stack part of the intel me disabled.
There is no way intel me can be totally gone on newer intel processors beyond sandy bridge.
But even having the network stack part disabled would be a blessing to be sure.
I think that's what the me cleaner does supposedly.
Although, I recall that if you are an OEM, you have more power over intel me than a regular user and can keep it disabled.
Privacy is a possible goal on those newer computers. Freedom as the FSF speaks of, is not possible on those.
System76 uses the HECI method for disabling IME, which is described by NovaCustom as incomplete[1]:
>"There are two methods to disable Intel ME on a laptop. The first method is the HECI (soft-disabling) method. Mainly proprietary firmware suppliers use this way of ME disabling for laptops like Dell and HP. It is an official method to disable Intel ME that’s not fully trusted by the community. The HECI method only partially disables Intel ME, leaving some functionality still active."
NovaCustom uses a different method of disabling IME by setting the "HAP bit". The HAP bit is a kill switch that is one of the main methods used by me_cleaner to completely turn off IME. NovaCustom describes HAP bit as follows[1]:
>"The second method is the HAP disabling method, which involves disabling a bit that acts like a kill-switch. This method has gained popularity in recent years, and for good reason. The HAP disabling method is considered more secure because it’s a hard-disable method that completely turns off Intel ME. The open source community has tested and verified this method of ME disabling, making it a trusted and reliable way to disable Intel ME."
me_cleaner gives more information on HAP bit disabling on this page: https://github.com/corna/me_cleaner/wiki/HAP-AltMeDisable-bit
[1] NovaCustom's IME disabling page, describing their use of the Dasharo coreboot function to flip the HAP bit to disable IME: https://novacustom.com/intel-me-disabling-feature/
My only gripe with novacustom is a very silly one to most probably. There isn't a trackpoint option. It's a shame, but not a huge deal. A lot of vendors don't have that option on their keyboards either. All in all, novacustom is probably on the top tier of newer computers, till Risc-V, Microwatt or better yet Libre-Soc become more viable options.
Until then, having the hap bit set is the best option if you want something that isn't before 2012 and/or still has no privacy threat via intel me malware. Instead of intel me management.
:D
>"My only gripe with novacustom is a very silly one to most probably. There isn't a trackpoint option."
Well, NovaCustom and System76 are both just buying their physical laptops from a company called Clevo, which makes laptops for lots of other customers. I feel very lucky that they even have an Ethernet port, as most laptop makers stopped including that long ago. Also full-sized HDMI, which is getting more rare these days.
Yes, that's why I said I felt like it would be considered silly. And really, I don't blame anyone on this, its a personal pet peeve that I wish I didn't have.
But meh, oh well.
Good that what they have is even an option.
Any step they can take is appreciated. People can talk about how a Libreboot/Canoeboot/GNU Boot system or a Talos II is better for being even more free than a System76 system would be but at the end of the day for many users this presents something that can meet needs while being more free than other alternatives. Facts are that if you need a more powerful GPU than a GTX 780 Ti on Nouveau or the Intel GMA on a Lenovo than using a Coreboot system like this provides you with a way to stay on the libre kernel while using your system the way you need to use it.
I wonder if the WiFi card could be replaced with something with an Atheros chip. Can you do that with modern laptops, or only with older Thinkpads?
"I wonder if the WiFi card could be replaced with something with an Atheros chip. Can you do that with modern laptops, or only with older Thinkpads?"
It's pretty likely they can. On the off chance they weren't NovaCustom makes a Coreboot laptop that they offer a blob free wifi chip on:
It appears that the wifi card can be changed out for an Atheros card that runs with the libre drivers. It's a standard M.2 2230 card with PCIe and USB interfaces (E-key). According to some prior posts on this forum, the AR5B95, AR5BXB92, and AR5BHB92 are all Atheros cards that will work. I see that the AR5B95 is available new on eBay.
I'm reading more about this - system76 is not using ME Cleaner to reduce the firmware size per @nparafe's post above.
Instead what they are doing is send a Host Embedded Controller Interface ("HECI") command to tell the Intel ME to disable runtime components during early boot.[1]
Per their instructions, "The IME can be enabled or disabled via the coreboot CMOS option me_state. The value can be set using coreboot's nvramtool."
What system76 was telling me in their recent email is that this technique did not work with suspend on Intel's 11th and 12th generation CPU's, but it now works with suspend with Intel's newer 13th generation CPU's. So system76 was shipping their laptops with IME enabled by default for Intel generations 11 & 12, but now with Intel generation 13 system76 is shipping with IME disabled by default.
The user has been able to disable or to enable the IME state via the coreboot CMOS option me_state with 11th, 12th and 13th generation CPUs (and some generations prior), using coreboot's nvramtool followed by a restart:
make -C coreboot/util/nvramtool
sudo ./coreboot/util/nvramtool/nvramtool -w me_state={Enable,Disable}
sudo reboot
The cbmem package can be used to check the IME state:
make -C coreboot/util/cbmem
sudo ./coreboot/util/cbmem/cbmem -c
Depending on whether the IME is disabled or enabled you will get different cbmem codes:
When disabled it will report:
ME: Current Working State : 4
ME: Current Operation State : 1
ME: Current Operation Mode : 3
ME: Error Code : 2
When enabled it will report:
ME: Current Working State : 5
ME: Current Operation State : 1
ME: Current Operation Mode : 0
ME: Error Code : 0
This is not a new technique - system76 claims to have used it for several years, and Dell was selling systems to select commercial customers with IME disabled by default starting several years prior to 2017. [2]
I do not know if this technique is truly disabling IME, or if it allows the IME to continue to run processes prior to receiving the HECI command during early boot. I'd be interested in reading more about the pro's and con's of this type of IME disabling if anyone has a source they can cite.
[1] https://github.com/system76/firmware-open/blob/master/docs/intel-me.md
[2] https://www.extremetech.com/computing/260219-dell-sells-pcs-without-intel-management-engine-tradeoffs
I'm going through the laptop options from NovaCustom as recommended by @PublicLewdness earlier in this thread, and these look like the better option. NovaCustom disables IME through the HAP disabling method, which from my reading now appears to be the superior method of disabling IME.[1]
HAP disabling is done by setting the HAP (Intel ME >= 11) or the AltMeDisable (Intel ME < 11) bit in the flash descriptor.[2]
Apparently the IME disabling for NovaCustom's laptops is done through the Dasharo coreboot firmware.
Also they do offer the blob-free Atheros wifi chip built in for nearly the same price as purchasing it on eBay. So all in all, this does look like the superior laptop from a perspective of IME cleaning and of wifi. And I like their prices. I might go with the NovaCustom laptop instead of system76.
[1] https://configurelaptop.eu/intel-me-disabling-feature/
[2] https://github.com/corna/me_cleaner/wiki/HAP-AltMeDisable-bit