Intel Management Engine

18 respostas [Última entrada]
damidu
Desconectado
Joined: 03/30/2021

I'm answering a question that I had. Globally I was asking my self if I can execute any instructions with a computer. I can do what I like, they know it.

https://en.wikipedia.org/wiki/Intel_Management_Engine

That's really funny because now I have another question. Why people do stupid things with computers? ... Use word, use that, use this. Funny.

And if people think that about my self, I like GNU. It's my choice and I have strong opinions about that.

With intel ME technology I feel a little discouraged.

damidu
Desconectado
Joined: 03/30/2021

I think they know every human on the planet. But yeah, Think about that. It can't be discouraging. If you want to hide something don't do that with a computer. Easy fix. But I maybe wrong.

lanun
Desconectado
Joined: 04/01/2021

> If you want to hide something don't do that with a computer.

I always hide behind my computer when I am reading comics. That is the reason why I need a large monitor.

nadebula.1984
Desconectado
Joined: 05/01/2018

It's not stupid at all. In contrary, it's a very clever way (implementing ME) to control the users.

Anything that is bad for the users is good for the manufacturer. Vice versa.

This is the very foundation of dialectics.

lanun
Desconectado
Joined: 04/01/2021

> This is the very foundation of dialectics.

I don't understand. Where is the contradiction? Where are its primary and secondary aspects?

Let's redefine the problem: users want both freedom and computing power. With ME, they cannot have both, so they have to choose. Intel is fine providing computing power to users, but want their soul in return. Now, there's a nice contradiction for the course of History to gnaw.

lanun
Desconectado
Joined: 04/01/2021

Just to make sure we are talking about the same thing:

"The Marxian process of change through the conflict of opposing forces, whereby a given contradiction is characterized by a primary and a secondary aspect, the secondary succumbing to the primary, which is then transformed into an aspect of a new contradiction."

https://www.thefreedictionary.com/dialectic [3]

damidu
Desconectado
Joined: 03/30/2021

"It's not stupid at all. In contrary, it's a very clever way (implementing ME) to control the users."

I didn't think about that when I posted. I read on wikipedia that it's under the "operating system" level. You can install any os you want, they know it. I don't want to move more because I don't really know. I don't have libreboot machines.

But yeah, if you "deactive" it they will know it... It's an "operating system" under the main os. "GNU/Linux, Windows, BSD, etc.". It can "access" the content in ram, has a networking capability. If you shutdown the machine, it's open, run all the time.

"Intel Management Engine, Explained: The Tiny Computer Inside Your CPU"
https://www.howtogeek.com/334013/intel-management-engine-explained-the-tiny-computer-inside-your-cpu/

For my self, I don't care a lot, but some people can become crazy. It's a blackbox.

Legimet
Desconectado
Joined: 12/10/2013

Have you tried me_cleaner? It's not that difficult of a procedure.

damidu
Desconectado
Joined: 03/30/2021

Thanks for the links. It's very interesting.

Legimet
Desconectado
Joined: 12/10/2013

If you want to know how to do it, I can help. I used a Raspberry Pi, a Pomona SOIC-8 clip, and 6 female to female jumper wires. Of course you can replace the RPi with something freer. me_cleaner removes most of the ME, as much as possible while keeping the computer functional.

SkedarKing
Desconectado
Joined: 11/01/2021

Me cleaner is awesome, got a few comps with a version of coreboot + me cleaner on it.

X230 and T430 + a quad core. :)

damidu
Desconectado
Joined: 03/30/2021

I was looking the Intel website and I found an historical article about the 8086 cpu. I don't want to past the picture but you have a "microcode rom" on the chip. It seem that you can do nothing about that. It's a blackbox. I think it's a 'secret operating system/interface" that's run with the cpu. So yeah... I think you can't hide very much. They know what you with your computer all the time. It's like a "bios software" that is already flashed and come with the cpu.

well, I think I need to learn
https://en.wikipedia.org/wiki/Intel_Microcode

https://en.wikipedia.org/wiki/Microcode

but I'm suspicious.

But thank you for me_cleaner. There are a lot of resources.

https://www.youtube.com/watch?v=wsmHmYxyoxg

https://www.youtube.com/watch?v=3CQUNd3oKBM

jahoti
Desconectado
Joined: 07/31/2021

Microcode is purely a hack to support certain features in the microprocessor without having to implement them in hardware. It is very common in CPUs, regardless of the manufacturer, and still used today (I'm not sure if it's still on a ROM).

While Intel might theoretically have smuggled in- or be smuggling in- nefarious code this way, it's hard to see any reason for that. The 8086 was released in 1978 (https://en.wikipedia.org/wiki/Intel_8086), well before the Internet or encryption was available to the public. What exactly would they have expected to do with a back door?

SkedarKing
Desconectado
Joined: 11/01/2021

I think libreboot devices are a dead end at this point, mostly, until newer tech can be librebooted.

We have two options that might work long term, laptops like mnt reform which have only one harmless blob, or coreboot + intel me disabled, which are way newer, albeit not nearly as libre as libreboot.

Keep in mind, libreboot devices will eventually run out and/or die.

I get why some like Jxself prefer to use libreboot, but I think what is important more, is running a fully free os, without a functional backdoor, meaning it can't do anything dangerous to anyone.

I used to think Parabola had some merit, but I think they may need a larger team, due to having 50k packages...

As for Guix, Trisquel and especially pureos, they fail in my opinion for other reasons. Hyperbola, is the only one I will use, but that being said, its not for anyone who is a newbie who isn't willing to learn.

Thus, I recommend newbies go for Trisquel even though I don't believe its that good, because the worst thing is going back to proprietary garbage like malwaresoft winbugs, especially version 11, crapple whatever version, gaggle croakbooks or anything on that level...

If you don't use those distros but want something that can be free software, depending on its use, devuan or debian and use jxself's repo to install a libre kernel and remove all blobs in general.

Those would be my suggestions, though if these don't sit well with you, feel free to look for other likewise alternatives or better.

I actually think Hyperbola has the better documentation for installation, parabola doesn't say how to install with FDE without encrypting boot for non libreboot devices, last I checked...

Albeit, the guide I found for this on Hyperbola was made by a user in hyperbola's installation part of the forum, it might be on page 2 or three by now and isn't official yet, but I used that guide for a lot of my devices, because typing two passwords into my computer to load it, the same one, is annoying.

;)

Anywho, sorry for the long winded response, peace all, hope this helps somewhat.

damidu
Desconectado
Joined: 03/30/2021

I may be wrong but I think the cpu (processor) has access to all the hardware. At less at the computer memory. You rely on the cpu to do all the things with the computer. The computer can't work without one.

SkedarKing
Desconectado
Joined: 11/01/2021

Well, when I said harmless blob, its not in the cpu, its a lpddr4 blob,

aka, it works with the RAM and has no effect on the processor.

So yeah...

IF you aren't sure about this, wait for the LS1028A proccesor option on mnt reform...

I haven't bought one yet, mostly because I am waiting for the pocket version...

It will be 5.5 inches, which means I can have it with me almost anywhere... :)

Side note btw, the smaller the hardware, the harder it is to make a difficult backdoor, aka one that can't be circumvented...

:)

Legimet
Desconectado
Joined: 12/10/2013

> As for Guix, Trisquel and especially pureos, they fail in my opinion for other reasons

I don't know why you think these are bad distros. Hyperbola may be great for some people but I prefer to have a wider selection of packages including a full-fledged desktop environment, and I don't have any problem with things like systemd, Wayland, pipewire, OpenJDK, etc. since they are all free software. I liked Parabola when I tried it, and the only problem I have with Trisquel is that it is usually two years behind Ubuntu.

SkedarKing
Desconectado
Joined: 11/01/2021

Well, PureOS, some have said has vanilla kernel, but my reason? its the same with trisquel, guix and others,

I don't see the point of all the bloated software,

I know people think free software is the best, but I sometimes wish more distros would ask this question before switching methods from stuff like sysvinit:

Is it bloated, heavy? Or lightweight and minimal...

Most won't agree with this, and I don't expect most people to care anyways,

Whether or not its always true, I have the belief that the more bloated the code, the more difficult it is to fix and to find bugs, OpenBSD devs have a similiar belief.

Systemd, wayland, pipewire, openssl, pulseaudio and openjdk, rust, etc.. all imo have problems when it comes to bloat and cpu usage... and especially dbus.

I am not saying that all distros are bad, as much as I have no interest in them.

If every gnu distro sucked because they absorbed redhat's ideas, then we would be almost completely and compellingly screwed with one soul exception.

Then I would be stuck with OpenBSD which, I guess? I prefer not to do that though at this time though.

I currently have heads bios which would make that tricky...

Btw, heads the gnu/linux distro has the same problem as trisquel only 10x worse and it doesn't even have systemd...

It is heavily outdated! still on the same version it was 3+ years ago. :(

My point being, Trisquel, Guix, Parabola and the optionally free: Devuan, Debian, etc...

even though they fail, which is a darn shame, are still better than most of the really bad copycat distros, ubuntu or debian based ones that try to be hyper beginner friendly. Although the rpm based gnu distros are especially bloated.

The only thing stopping me from switching to Openbsd on that comp is, I am not sure how to completely use OpenBSD for that one, tried once, wasn't ready then too frustrating.

;)

Also not enough documenation for my taste...

Do what you have to do, I just don't think all the bloat does anything except bloat the system.

Also, side note:

If a DE wants to force requirement of a type of software that isn't strictly necessary such as systemd, in the case of GNOME,

that sounds like a bunch of crap.

If a DE does that, you drop it till they are willing to be reasonable.

Or you don't and they take advantage of what you let them do...

that is the reality we live in...

Legimet
Desconectado
Joined: 12/10/2013

> wayland

I don't know anyone can say that Wayland is bloated compared to X.org. Wayland gets rid of a lot of now-unnecessary feaures of X.org. And it is just a protocol, different compositors will implement it differently.

> dbus

I've used GNU/Linux for over 15 years and I've never had issues with dbus using excessive CPU or RAM. Total amount of RAM used by dbus on my system right now is around 5MB.

And there are reasons that people use the rest of the software that you consider bloated. We're not just making our systems bloated for the heck of it. For example, pulseaudio and pipewire have per-application volume control which is a pretty useful feature. And I've never heard pipewire described as bloated.

I don't really care for Java that much, but I use Java software such as pdftk and josm, so I wouldn't want to use a distro that excludes OpenJDK for ideological reasons. And Rust is a systems programming language that helps prevent memory safety bugs, so I would say the added bloat is worth it in some cases.

In general, I don't really have much time to tinker with my system to customize and make it as minimalist as possible. This is why I use Debian, and you will see that there are a lot of experienced GNU/Linux users/developers who use distros that you would consider bloated. RMS uses Trisquel, and Linus Torvalds uses Fedora. I have nothing against more minimalist distros like Hyperbola, but I need more convenience than that.