
Critical flaws in some Intel chips


#22

Yes, I’ve also seen me_cleaner. Unfortunately it does not seem to work on the newer generation (yet) and I’m afraid to break my computer, even though right now I just want to throw it through the Window (not the OS) and boycott Intel!


#23

There’s an interesting idea.

I know AMD ships with its own technology called PSP. I don’t know much more about it, though. It does not seem to be a hot topic in the free software community like ME is currently. That leads me to believe that it’s not quite as dangerous. The next CPU I purchase may very well be AMD, I’ll have to do some research.


(Erin) #24

Indeed, Big Brother does not ride only the Intel horse.


#25

This is far beyond my understanding but, very interesting reading anyway…


…and maybe some hope…

EDIT: And from the Gentoo wiki…
https://wiki.gentoo.org/wiki/Sakaki's_EFI_Install_Guide/Disabling_the_Intel_Management_Engine
…nothing I would be able to do on my own but…


(Ben Hsu) #26

AMD has their own version of this remote management stuff. Who knows what’s lurking there.

The only thing that doesn’t have all this baggage these days will probably at first come from the ARM or POWER-based systems, as those are going to be running on SoCs that are less adulterated with the enterprise-thought fever that caused Intel/AMD to put in the IME/AMT in the first place.


A little off topic, but in the interest of free and open computing, I would like to direct your attention to two noteworthy open source projects that can mitigate issues like this in the future. Just as open-source (and to a large extent free software, as in GPL) operating systems gave us the ability to run whatever we want on our computer, these projects provide somewhat of an analog to open source/free CPUs:

  1. RISC-V (https://riscv.org/)
  2. J2/J4 Cores (http://j-core.org/)

Both of these projects are Open Source CPUs for FPGA/ASIC solutions. In the case of RISC-V, there are several vendors that are making dedicated chips using the design.

I bring these up because a truly open source computer would require no hidden, proprietary components that bugs and backdoors can be hidden in. It also necessarily needs to have support for users to upgrade and patch any bugs or vulnerabilities.

J-Core:

The J2 Core is aimed at very low-end, low-RAM, and low-resource environments with an MMU-less CPU, but running Linux. You can watch the Linux Foundation talk on J-Core here: (https://youtu.be/lZGHbMS882w). There are later talks where they demo the J2 Core on a board you can already buy for $50. They are supposed to be making a J4 Core based on the SH4 (with MMU support), etc. The project is in VHDL.

RISC-V:

The RISC-V processor is a family of processors designed at UC Berkeley. It is an open source family of processors that are more sophisticated. Some forms are just microprocessors and others can be a full multi-stage pipelined, out-of-order execution CPU like any modern ARM processor. The starting cost of this project is a lot higher. You will need to bring your own FPGA devkit (and some of the reference design costs in the $100 if not $1000s). The project is written in Chisel, which is a domain-specific dialect of Scala.

Both are very worthy efforts if you have the expertise, interest, or funding to support them.

</ digression >


#27

Yes thanks for the info!

I was also thinking about MicroBlaze, which is not open source unfortunately. I’m also wondering what kind of performance we can achieve with an FPGA, which is probably poorer than a modern silicon CPU.

Nice to have such projects anyway! To your lab and let’s get building an open computer :stuck_out_tongue:!


#28

PSP is similar to ME but not quite as bad, most notably for not having a built-in network tap, but it can still read everything in memory and access any PCI device. Libreboot has a good page on it: https://libreboot.org/faq.html#amd-platform-security-processor-psp

I found this as I was writing this post, there could be hope for AMD:

It may be possible to disable PSP (or suitably neutralise it). This needs to be thoroughly tested first, just in case it actually is not disabling it…

EDIT: It also looks like it’s getting worse for Intel…


#29

Saw the same post earlier today. I might be building an AMD workstation for Christmas, this is great news!