T-dose stand with Libreboot and Replicant hardware

• Previous message (by thread): T-dose stand with Libreboot and Replicant hardware
• Next message (by thread): T-dose stand with Libreboot and Replicant hardware
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Op 23-11-15 om 10:47 schreef mkesper:
> Hi Paul,
> 
> Am 2015-11-22 15:22, schrieb Paul van der Vlis:
>> Maybe I will show Intel AMT. That's a dangerous feature in Intel CPU's.
>> You can completely control a machine with it, bypassing the operating
>> system. Even when the machine is "off".
> 
> Great show!
> There is nothing you can do against that one, right 

On some older machines it's possible, e.g. by using libreboot.
But in newer machines it's in the processor itself.

It's not sure you can turn the “provisioning” mechanisms really off.
There are mechanisms to configure devices from remote.

And there are public bugs in it, see e.g. this:
https://support.lenovo.com/us/en/product_security/len_3556

> (short from buying hardware not featuring it)?

How do you know for sure the hardware does not feature it? I do not
trust Intel processors anymore.

And I've heard AMD is also working on something like this (but maybe
better). Some names: SIMFIRE, DASH, DMTF.

But I also think this is unacceptable for many organisations, so maybe
it will open eyes for the dangers of closed hardware. In hardware you
can do everything what you can do in software.

With regards,
Paul van der Vlis.




-- 
Paul van der Vlis Linux systeembeheer Groningen
https://www.vandervlis.nl/

• Previous message (by thread): T-dose stand with Libreboot and Replicant hardware
• Next message (by thread): T-dose stand with Libreboot and Replicant hardware
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]