Hardware Backdoors: Intel Management Engine (good detailed anonymity / privacy threat article)
telegra.phPosted by righttoprivacy in Privacy
I have heard about Intel putting backdoors in their chips. Is there a good alternative? The puri.sm librum computers theoretically wouldn't be safe, since I believe that they use intel chips.
Personally, I've been using older models allowing at least majority neutering of Intel management engine.
coreboot Thinkpads come to mind.
My personal machines are not the "full ME removal", but vast majority partitions, leaving just what is needed to bring up hardware.
Outside this, there are more "modern" options out there from companies, albeit not removed in same way (disabled under HAP bit and others). Some prefer Arm.
But everyone has a different use cases. I want to be able to use Qubes as an option at times, and some older models are not capable of this. T430 (i5-3320M and greater CPU) and later mostly have the right virtualization options for it.
I see UEFI / BIOS being #1 concern along with some network cards that work along with it. Some for AMT.
It is a shame there aren't more options out there.
Viewing a single comment thread. View all comments