From 8df313c4d6607181576471e08d7e909c9c0f33e9 Mon Sep 17 00:00:00 2001 From: Francis Rowe Date: Mon, 11 Aug 2014 09:00:00 -0400 Subject: Libreboot release 6 beta 5. - build: added 'luks', 'lvm', 'cmosdump' and 'cmostest' to the list of modules for grub.elf - Documentation: added pics showing T60 unbricking (still need to write a tutorial) - build: include cmos.layout (coreboot/src/mainboard/manufacturer/model/cmos.layout) files in libreboot_bin - Documentation: added ../docs/howtos/x60tablet_unbrick.html - Documentation: added ../docs/howtos/t60_unbrick.html - Documentation: added ../docs/howtos/t60_lcd_15.html - Documentation: added ../docs/howtos/t60_security.html - Documentation: added ../docs/howtos/t60_heatsink.html - Documentation: Renamed RELEASE.html to release.html - Documentation: removed pcmcia reference in x60_security.html (it's cardbus) - Documentation: added preliminary information about randomized seal (for physical intrusion detection) in x60_security.html and t60_security.html - Documentation: added preliminary information about preventing/mitigating cold-boot attack in x60_security.html and t60_security.html - Documentation: added info to ../docs/index.html#macbook21 warning about issues with macbook21 - Documentation: X60/T60: added information about checking custom ROM's using dd to see whether or not the top 64K region is duplicated below top or not. Advise caution about this in the tutorial that deals with flashing on top of Lenovo BIOS, citing the correct dd commands necessary if it is confirmed that the ROM has not been applied with dd yet. (in the case that the user compiled their own ROM's from libreboot, without using the build scripts, or if they forgot to use dd, etc). - Split resources/libreboot/patch/gitdiff into separate patch files (getcb script updated to accomodate this change). - Re-added .git files to bucts - Fixed the oversight where macbook21_firstflash wasn't included in binary archives --- (limited to 'docs/howtos') diff --git a/docs/howtos/t60_dev/.htaccess b/docs/howtos/t60_dev/.htaccess new file mode 100644 index 0000000..75da674 --- /dev/null +++ b/docs/howtos/t60_dev/.htaccess @@ -0,0 +1,2 @@ +Options +Indexes +IndexOptions FancyIndexing FoldersFirst NameWidth=* DescriptionWidth=* diff --git a/docs/howtos/t60_dev/0001.JPG b/docs/howtos/t60_dev/0001.JPG new file mode 100644 index 0000000..84d2f4f --- /dev/null +++ b/docs/howtos/t60_dev/0001.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0002.JPG b/docs/howtos/t60_dev/0002.JPG new file mode 100644 index 0000000..5f8ead5 --- /dev/null +++ b/docs/howtos/t60_dev/0002.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0003.JPG b/docs/howtos/t60_dev/0003.JPG new file mode 100644 index 0000000..4b0826f --- /dev/null +++ b/docs/howtos/t60_dev/0003.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0004.JPG b/docs/howtos/t60_dev/0004.JPG new file mode 100644 index 0000000..42d9086 --- /dev/null +++ b/docs/howtos/t60_dev/0004.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0005.JPG b/docs/howtos/t60_dev/0005.JPG new file mode 100644 index 0000000..8e9bce3 --- /dev/null +++ b/docs/howtos/t60_dev/0005.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0006.JPG b/docs/howtos/t60_dev/0006.JPG new file mode 100644 index 0000000..6371b46 --- /dev/null +++ b/docs/howtos/t60_dev/0006.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0007.JPG b/docs/howtos/t60_dev/0007.JPG new file mode 100644 index 0000000..cedc9d9 --- /dev/null +++ b/docs/howtos/t60_dev/0007.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0008.JPG b/docs/howtos/t60_dev/0008.JPG new file mode 100644 index 0000000..bec57a1 --- /dev/null +++ b/docs/howtos/t60_dev/0008.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0009.JPG b/docs/howtos/t60_dev/0009.JPG new file mode 100644 index 0000000..aeeda57 --- /dev/null +++ b/docs/howtos/t60_dev/0009.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0010.JPG b/docs/howtos/t60_dev/0010.JPG new file mode 100644 index 0000000..c776171 --- /dev/null +++ b/docs/howtos/t60_dev/0010.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0011.JPG b/docs/howtos/t60_dev/0011.JPG new file mode 100644 index 0000000..24cb443 --- /dev/null +++ b/docs/howtos/t60_dev/0011.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0012.JPG b/docs/howtos/t60_dev/0012.JPG new file mode 100644 index 0000000..c719958 --- /dev/null +++ b/docs/howtos/t60_dev/0012.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0013.JPG b/docs/howtos/t60_dev/0013.JPG new file mode 100644 index 0000000..b8ed7ee --- /dev/null +++ b/docs/howtos/t60_dev/0013.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0014.JPG b/docs/howtos/t60_dev/0014.JPG new file mode 100644 index 0000000..5160dc3 --- /dev/null +++ b/docs/howtos/t60_dev/0014.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0015.JPG b/docs/howtos/t60_dev/0015.JPG new file mode 100644 index 0000000..0c1fd18 --- /dev/null +++ b/docs/howtos/t60_dev/0015.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0016.JPG b/docs/howtos/t60_dev/0016.JPG new file mode 100644 index 0000000..c698be2 --- /dev/null +++ b/docs/howtos/t60_dev/0016.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0017.JPG b/docs/howtos/t60_dev/0017.JPG new file mode 100644 index 0000000..652a66e --- /dev/null +++ b/docs/howtos/t60_dev/0017.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0018.JPG b/docs/howtos/t60_dev/0018.JPG new file mode 100644 index 0000000..cf43067 --- /dev/null +++ b/docs/howtos/t60_dev/0018.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0019.JPG b/docs/howtos/t60_dev/0019.JPG new file mode 100644 index 0000000..a75f68a --- /dev/null +++ b/docs/howtos/t60_dev/0019.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0020.JPG b/docs/howtos/t60_dev/0020.JPG new file mode 100644 index 0000000..0c4f7db --- /dev/null +++ b/docs/howtos/t60_dev/0020.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0021.JPG b/docs/howtos/t60_dev/0021.JPG new file mode 100644 index 0000000..c7d5757 --- /dev/null +++ b/docs/howtos/t60_dev/0021.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0022.JPG b/docs/howtos/t60_dev/0022.JPG new file mode 100644 index 0000000..5971da2 --- /dev/null +++ b/docs/howtos/t60_dev/0022.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0023.JPG b/docs/howtos/t60_dev/0023.JPG new file mode 100644 index 0000000..99f67c3 --- /dev/null +++ b/docs/howtos/t60_dev/0023.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0024.JPG b/docs/howtos/t60_dev/0024.JPG new file mode 100644 index 0000000..f89b537 --- /dev/null +++ b/docs/howtos/t60_dev/0024.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0025.JPG b/docs/howtos/t60_dev/0025.JPG new file mode 100644 index 0000000..d6b180e --- /dev/null +++ b/docs/howtos/t60_dev/0025.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0026.JPG b/docs/howtos/t60_dev/0026.JPG new file mode 100644 index 0000000..c8f3299 --- /dev/null +++ b/docs/howtos/t60_dev/0026.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0027.JPG b/docs/howtos/t60_dev/0027.JPG new file mode 100644 index 0000000..10ab8e0 --- /dev/null +++ b/docs/howtos/t60_dev/0027.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0028.JPG b/docs/howtos/t60_dev/0028.JPG new file mode 100644 index 0000000..64cba1c --- /dev/null +++ b/docs/howtos/t60_dev/0028.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0029.JPG b/docs/howtos/t60_dev/0029.JPG new file mode 100644 index 0000000..960ebdd --- /dev/null +++ b/docs/howtos/t60_dev/0029.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0030.JPG b/docs/howtos/t60_dev/0030.JPG new file mode 100644 index 0000000..046fd00 --- /dev/null +++ b/docs/howtos/t60_dev/0030.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0031.JPG b/docs/howtos/t60_dev/0031.JPG new file mode 100644 index 0000000..870f22b --- /dev/null +++ b/docs/howtos/t60_dev/0031.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0032.JPG b/docs/howtos/t60_dev/0032.JPG new file mode 100644 index 0000000..70ff44a --- /dev/null +++ b/docs/howtos/t60_dev/0032.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0033.JPG b/docs/howtos/t60_dev/0033.JPG new file mode 100644 index 0000000..142ca97 --- /dev/null +++ b/docs/howtos/t60_dev/0033.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0034.JPG b/docs/howtos/t60_dev/0034.JPG new file mode 100644 index 0000000..907192e --- /dev/null +++ b/docs/howtos/t60_dev/0034.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0035.JPG b/docs/howtos/t60_dev/0035.JPG new file mode 100644 index 0000000..bf38c89 --- /dev/null +++ b/docs/howtos/t60_dev/0035.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0036.JPG b/docs/howtos/t60_dev/0036.JPG new file mode 100644 index 0000000..a7e5bdf --- /dev/null +++ b/docs/howtos/t60_dev/0036.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0037.JPG b/docs/howtos/t60_dev/0037.JPG new file mode 100644 index 0000000..ab30c27 --- /dev/null +++ b/docs/howtos/t60_dev/0037.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0038.JPG b/docs/howtos/t60_dev/0038.JPG new file mode 100644 index 0000000..362c547 --- /dev/null +++ b/docs/howtos/t60_dev/0038.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0039.JPG b/docs/howtos/t60_dev/0039.JPG new file mode 100644 index 0000000..224f72e --- /dev/null +++ b/docs/howtos/t60_dev/0039.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0040.JPG b/docs/howtos/t60_dev/0040.JPG new file mode 100644 index 0000000..adcd923 --- /dev/null +++ b/docs/howtos/t60_dev/0040.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0041.JPG b/docs/howtos/t60_dev/0041.JPG new file mode 100644 index 0000000..2a04682 --- /dev/null +++ b/docs/howtos/t60_dev/0041.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0042.JPG b/docs/howtos/t60_dev/0042.JPG new file mode 100644 index 0000000..b5ed8ec --- /dev/null +++ b/docs/howtos/t60_dev/0042.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0043.JPG b/docs/howtos/t60_dev/0043.JPG new file mode 100644 index 0000000..7144a98 --- /dev/null +++ b/docs/howtos/t60_dev/0043.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0044.JPG b/docs/howtos/t60_dev/0044.JPG new file mode 100644 index 0000000..27a24c6 --- /dev/null +++ b/docs/howtos/t60_dev/0044.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0045.JPG b/docs/howtos/t60_dev/0045.JPG new file mode 100644 index 0000000..997b498 --- /dev/null +++ b/docs/howtos/t60_dev/0045.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0046.JPG b/docs/howtos/t60_dev/0046.JPG new file mode 100644 index 0000000..25d6baa --- /dev/null +++ b/docs/howtos/t60_dev/0046.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0047.JPG b/docs/howtos/t60_dev/0047.JPG new file mode 100644 index 0000000..6b57bf3 --- /dev/null +++ b/docs/howtos/t60_dev/0047.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0048.JPG b/docs/howtos/t60_dev/0048.JPG new file mode 100644 index 0000000..7339f07 --- /dev/null +++ b/docs/howtos/t60_dev/0048.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0049.JPG b/docs/howtos/t60_dev/0049.JPG new file mode 100644 index 0000000..cf3a7fd --- /dev/null +++ b/docs/howtos/t60_dev/0049.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0050.JPG b/docs/howtos/t60_dev/0050.JPG new file mode 100644 index 0000000..7de4edd --- /dev/null +++ b/docs/howtos/t60_dev/0050.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0051.JPG b/docs/howtos/t60_dev/0051.JPG new file mode 100644 index 0000000..87c41b3 --- /dev/null +++ b/docs/howtos/t60_dev/0051.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0052.JPG b/docs/howtos/t60_dev/0052.JPG new file mode 100644 index 0000000..4a8e443 --- /dev/null +++ b/docs/howtos/t60_dev/0052.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0053.JPG b/docs/howtos/t60_dev/0053.JPG new file mode 100644 index 0000000..e1044fc --- /dev/null +++ b/docs/howtos/t60_dev/0053.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0054.JPG b/docs/howtos/t60_dev/0054.JPG new file mode 100644 index 0000000..c96c020 --- /dev/null +++ b/docs/howtos/t60_dev/0054.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0055.JPG b/docs/howtos/t60_dev/0055.JPG new file mode 100644 index 0000000..6da87d5 --- /dev/null +++ b/docs/howtos/t60_dev/0055.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0056.JPG b/docs/howtos/t60_dev/0056.JPG new file mode 100644 index 0000000..81a6659 --- /dev/null +++ b/docs/howtos/t60_dev/0056.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0057.JPG b/docs/howtos/t60_dev/0057.JPG new file mode 100644 index 0000000..268fede --- /dev/null +++ b/docs/howtos/t60_dev/0057.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0058.JPG b/docs/howtos/t60_dev/0058.JPG new file mode 100644 index 0000000..bedfb12 --- /dev/null +++ b/docs/howtos/t60_dev/0058.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0059.JPG b/docs/howtos/t60_dev/0059.JPG new file mode 100644 index 0000000..422687c --- /dev/null +++ b/docs/howtos/t60_dev/0059.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0060.JPG b/docs/howtos/t60_dev/0060.JPG new file mode 100644 index 0000000..8743c0d --- /dev/null +++ b/docs/howtos/t60_dev/0060.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0061.JPG b/docs/howtos/t60_dev/0061.JPG new file mode 100644 index 0000000..e05f626 --- /dev/null +++ b/docs/howtos/t60_dev/0061.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0062.JPG b/docs/howtos/t60_dev/0062.JPG new file mode 100644 index 0000000..1fe77a7 --- /dev/null +++ b/docs/howtos/t60_dev/0062.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0063.JPG b/docs/howtos/t60_dev/0063.JPG new file mode 100644 index 0000000..87b7761 --- /dev/null +++ b/docs/howtos/t60_dev/0063.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0064.JPG b/docs/howtos/t60_dev/0064.JPG new file mode 100644 index 0000000..e80189e --- /dev/null +++ b/docs/howtos/t60_dev/0064.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0065.JPG b/docs/howtos/t60_dev/0065.JPG new file mode 100644 index 0000000..4e77a88 --- /dev/null +++ b/docs/howtos/t60_dev/0065.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0066.JPG b/docs/howtos/t60_dev/0066.JPG new file mode 100644 index 0000000..793c0f8 --- /dev/null +++ b/docs/howtos/t60_dev/0066.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0068.JPG b/docs/howtos/t60_dev/0068.JPG new file mode 100644 index 0000000..9f9f299 --- /dev/null +++ b/docs/howtos/t60_dev/0068.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0069.JPG b/docs/howtos/t60_dev/0069.JPG new file mode 100644 index 0000000..98931e6 --- /dev/null +++ b/docs/howtos/t60_dev/0069.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0070.JPG b/docs/howtos/t60_dev/0070.JPG new file mode 100644 index 0000000..09958c3 --- /dev/null +++ b/docs/howtos/t60_dev/0070.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0071.JPG b/docs/howtos/t60_dev/0071.JPG new file mode 100644 index 0000000..104d21e --- /dev/null +++ b/docs/howtos/t60_dev/0071.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0072.JPG b/docs/howtos/t60_dev/0072.JPG new file mode 100644 index 0000000..66c8e3b --- /dev/null +++ b/docs/howtos/t60_dev/0072.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0073.JPG b/docs/howtos/t60_dev/0073.JPG new file mode 100644 index 0000000..5d9b9fa --- /dev/null +++ b/docs/howtos/t60_dev/0073.JPG Binary files differ diff --git a/docs/howtos/t60_dev/0074.JPG b/docs/howtos/t60_dev/0074.JPG new file mode 100644 index 0000000..303264a --- /dev/null +++ b/docs/howtos/t60_dev/0074.JPG Binary files differ diff --git a/docs/howtos/t60_heatsink.html b/docs/howtos/t60_heatsink.html new file mode 100644 index 0000000..d2d52fd --- /dev/null +++ b/docs/howtos/t60_heatsink.html @@ -0,0 +1,126 @@ + + + + + + + + + Libreboot documentation: Unbricking the ThinkPad T60 + + + + +
+

Changing heatsink (or CPU) on the ThinkPad T60

+ +
+ +

Or go back to main index

+ +

Hardware requirements

+ + +

Software requirements

+ + +

Disassembly

+ +

+ Remove those screws and remove the HDD:
+ +

+ +

+ Lift off the palm rest:
+ +

+ +

+ Lift up the keyboard, pull it back a bit, flip it over like that and then disconnect it from the board:
+ +

+ +

+ Gently wedge both sides loose:
+ +

+ +

+ Remove that cable from the position:
+ +

+ +

+ Remove the bezel (sorry forgot to take pics). +

+ +

+ On the CPU (and there is another chip south-east to it, sorry forgot to take pic) + clean off the old thermal paste (rubbing a1ocheal (misspelling intentional. halal internet)) and apply new (Artic Silver 5 is good, others are good too) + you should also clean the heatsink the same way
+ +

+ +

+ This is also an opportunity to change the CPU to another one. For example if you had a Core Duo T2400, you can upgrade it to a better processor + (higher speed, 64-bit support). A Core 2 Duo T7600 was installed here. +

+ +

+ Attach the heatsink and install the screws (also, make sure to install the AC jack as highlighted):
+ +

+ +

+ Reinstall that upper bezel:
+ +

+ +

+ Do that:
+ +

+ +

+ Attach keyboard:
+ +

+ +

+ Place keyboard and (sorry, forgot to take pics) reinstall the palmrest and insert screws on the underside:
+ +

+ +

+ It lives!
+ +

+ +

+ Always stress test ('stress -c 2' and xsensors. below 90C is ok) when replacing cpu paste/heatsink:
+ +

+ +
+ +

+ Copyright © 2014 Francis Rowe, All Rights Reserved.
+ See ../license.html for license conditions. +

+ + + diff --git a/docs/howtos/t60_lcd_15.html b/docs/howtos/t60_lcd_15.html new file mode 100644 index 0000000..b5fbd5f --- /dev/null +++ b/docs/howtos/t60_lcd_15.html @@ -0,0 +1,87 @@ + + + + + + + + + Libreboot documentation: Unbricking the ThinkPad T60 + + + + +
+

Changing the LCD panel on a 15.1" T60

+ +
+ +

Or go back to main index

+ +

Disassembly

+ +

+ Remove those covers and unscrew:
+ +

+ +

+ Gently pry off the front bezel. +

+ +

+ Remove inverter board:
+ +

+ +

+ Disconnect LCD cable:
+ +

+ +

+ Remove the panel:
+ +

+ +

+ Move the rails (left and right side) from the old panel to the new one and then attach LCD cable:
+ +

+ +

+ Insert panel (this one is an LG-Philips LP150E05-A2K1, and there are others. See ../index.html#supported_t60_list):
+ +

+ +

+ Insert new inverter board (see ../index.html#supported_t60_list for what is recommended on your LCD panel):
+ +

+ +

+ Now re-attach the front bezel and put all the screws in. +

+ +

+ It lives!
+ +

+ +
+ +

+ Copyright © 2014 Francis Rowe, All Rights Reserved.
+ See ../license.html for license conditions. +

+ + + diff --git a/docs/howtos/t60_security.html b/docs/howtos/t60_security.html new file mode 100644 index 0000000..0ce3645 --- /dev/null +++ b/docs/howtos/t60_security.html @@ -0,0 +1,431 @@ + + + + + + + + + Libreboot documentation: Security on the ThinkPad T60 + + + + +
+

Security on the ThinkPad T60

+ +
+ +

Or go back to main index

+ +

Table of Contents

+ + +

Hardware requirements

+ + +

Software requirements

+ + +

+ Rationale +

+

+ Most people think of security on the software side: the hardware is important aswell. + Hardware security is useful in particular to journalists (or activists in a given movement) who need absolute privacy in their work. + It is also generally useful to all those that believe security and privacy are inalienable rights. + Security starts with the hardware; crypto and network security come later. +

+

+ Paradoxically, going this far to increase your security also makes you a bigger target. + At the same time, it protects you in the case that someone does attack your machine. + This paradox only exists while few people take adequate steps to protect yourself: it is your duty + to protect yourself, not only for your benefit but to make strong security normal so + that those who do need protection (and claim it) are a smaller target against the masses. +

+

+ Even if there are levels of security beyond your ability (technically, financially and so on) + doing at least something (what you are able to do) is extremely important. + If you use the internet and your computer without protection, attacking you is cheap (some say it is + only a few US cents). If everyone (majority of people) use strong security by default, + it makes attacks more costly and time consuming; in effect, making them disappear. +

+

+ This tutorial deals with reducing the number of devices that have direct memory access that + could communicate with inputs/outputs that could be used to remotely + command the machine (or leak data). +

+ +

Disassembly

+ +

+ Remove those screws and remove the HDD:
+ +

+ +

+ Lift off the palm rest:
+ +

+ +

+ Lift up the keyboard, pull it back a bit, flip it over like that and then disconnect it from the board:
+ +

+ +

+ Gently wedge both sides loose:
+ +

+ +

+ Remove that cable from the position:
+ +

+ +

+ Now remove that bezel. Remove wifi, nvram battery and speaker connector (also remove 56k modem, on the left of wifi):
+
+ Reason: has direct (and very fast) memory access, and could (theoretically) leak data over a side-channel.
+ Wifi: The ath5k/ath9k cards might not have firmware at all. They might safe but could have + access to the computer's RAM trough DMA. If people have an intel + card(most T60's come with Intel wifi by default, until you change it),then that card runs + a non-free firwamre and has access to the computer's RAM trough DMA! So + it's risk-level is very high. +

+ +

+ Remove those screws:
+ +

+ +

+ Disconnect the power jack:
+ +

+ +

+ Remove nvram battery (we will put it back later):
+ +

+ +

+ Disconnect cable (for 56k modem) and disconnect the other cable:
+ +

+ +

+ Disconnect speaker cable:
+ +

+ +

+ Disconnect the other end of the 56k modem cable:
+ +

+ +

+ Make sure you removed it:
+ +

+ +

+ Unscrew those:
+ +

+ +

+ Make sure you removed those:
+ +

+ +

+ Disconnect LCD cable from board:
+ +

+ +

+ Remove those screws then remove the LCD assembly:
+ +

+ +

+ Once again, make sure you removed those:
+ +

+ +

+ Remove the shielding containing the motherboard, then flip it over. Remove these screws, placing them on a steady + surface in the same layout as they were in before you removed them. Also, you should mark each screw hole after removing the + screw (a permanent marker pen will do), this is so that you have a point of reference when re-assembling the machine:
+ + +

+ +

+ Remove microphone (soldering iron not needed. Just wedge it out gently):
+
+ Rationale:
+ Another reason to remove the microphone: If your computer gets[1] compromised, it can + record what you say, and use it to receive data from nearby devices if + they're compromised too. Also, we do not know what the built-in microcode (in the CPU) is doing; it could theoretically + be programmed to accept remote commands from some speaker somewhere (remote security hole). In other words, + the machine could already be compromised from the factory. +

+ +

+ Remove infrared:
+ +

+ +

+ Remove cardbus (it's in a socket, no need to disable. Just remove the port itself):
+
+ Rationale:
+ It has direct memory access and can be used to extract sensitive details (such as LUKS keys). See + 'GoodBIOS' video linked at the end (speaker is Peter Stuge, a coreboot hacker). The video covers X60 + but the same topics apply to T60. +

+ +

+ Before re-installing the upper chassis, remove the speaker:
+
+ Reason: combined with the microphone issue, this could be used to leak data.
+ If your computer gets[1] compromised, it can be used to + transmit data to nearby compromised devices. It's unknown if it can be + turned into a microphone[2].
+ Replacement: headphones/speakers (line-out) or external DAC (USB). +

+ +

+ Remove the wwan:
+
+ Wwan (3d modem): They run proprietary software and have access to the + computer's RAM! So it's like AMT but over the GSM network which is + probably even worse.
+ Replacement: external USB wifi dongle. (or USB wwan/3g dongle; note, this has all the same privacy issues as mobile phones. wwan not recommended). +

+ +

+ This is where the simcard connector is soldered. See notes above about wwan. Remove simcard by removing battery + and then it's accessible (so, remember to do this when you re-assemble. or you could do it now?)
+ +

+ +

+ Put those screws back:
+ +

+ +

+ Put it back into lower chassis:
+ +

+ +

+ Attach LCD and insert screws (also, attach the lcd cable to the board):
+ +

+ +

+ Insert those screws:
+ +

+ +

+ On the CPU (and there is another chip south-east to it, sorry forgot to take pic) + clean off the old thermal paste (rubbing a1ocheal (misspelling intentional. halal internet)) and apply new (Artic Silver 5 is good, others are good too) + you should also clean the heatsink the same way
+ +

+ +

+ Attach the heatsink and install the screws (also, make sure to install the AC jack as highlighted):
+ +

+ +

+ Reinstall that upper bezel:
+ +

+ +

+ Do that:
+ +

+ +

+ Attach keyboard and install nvram battery:
+ +

+ +

+ Place keyboard and (sorry, forgot to take pics) reinstall the palmrest and insert screws on the underside:
+ +

+ +

+ Remove those covers and unscrew:
+ +

+ +

+ Gently pry off the front bezel (sorry, forgot to take pics). +

+ +

+ Remove bluetooth module:
+ +

+ +

+ Re-attach the front bezel and re-insert the screws (sorry, forgot to take pics). +

+ +

+ It lives!
+ +

+ +

+ Always stress test ('stress -c 2' and xsensors. below 90C is ok) when replacing cpu paste/heatsink:
+ +

+ +

+ Not covered yet: +

+ +

+ Go to http://media.ccc.de/browse/congress/2013/30C3_-_5529_-_en_-_saal_2_-_201312271830_-_hardening_hardware_and_choosing_a_goodbios_-_peter_stuge.html + or directly to the video: http://mirror.netcologne.de/CCC/congress/2013/webm/30c3-5529-en-Hardening_hardware_and_choosing_a_goodBIOS_webm.webm. +

+

+ A lot of this tutorial is based on that video. Look towards the second half of the video to see how to do the above. +

+ +

+ Also not covered yet: +

+ + +

+ Extra notes +

+

+ EC: Cannot be removed but can be mitigated: it contains non-free + non-loadable code, but it has no access to the computer's RAM. + It has access to the on-switch of the wifi, bluetooth, modem and some + other power management features. The issue is that it has access to the + keyboard, however if the software security howto (not yet written) is followed correctly, + it won't be able to leak data to a local attacker. It has no network + access but it may still be able to leak data remotely, but that + requires someone to be nearby to recover the data with the help of an + SDR and some directional antennas[3]. +

+ +

+ Risk level +

+ + +

+ References +

+

[1] physical access

+

+ Explain that black hats, TAO, and so on might use a 0day to get in, + and explain that in this case it mitigates what the attacker can do. + Also the TAO do some evaluation before launching an attack: they take + the probability of beeing caught into account, along with the kind of + target. A 0day costs a lot of money, I heard that it was from 100000$ + to 400000$, some other websites had prices 10 times lower but that + but it was probably a typo. So if people increase their security it + makes it more risky and more costly to attack people. +

+

[2] microphone

+

+ It's possible to turn headphones into a microphone, you could try + yourself, however they don't record loud at all. Also intel cards have + the capability to change a connector's function, for instance the + microphone jack can now become a headphone plug, that's called + retasking. There is some support for it in GNU/Linux but it's not very + well known. +

+

[3] Video (CCC)

+

+ 30c3-5356-en-Firmware_Fat_Camp_webm.webm from the 30th CCC. While + their demo is experimental(their hardware also got damaged during the + transport), the spies probably already have that since a long time. + http://berlin.ftp.media.ccc.de/congress/2013/webm/30c3-5356-en-Firmware_Fat_Camp_webm.webm +

+ +
+ +

+ Copyright © 2014 Francis Rowe, All Rights Reserved.
+ See ../license.html for license conditions. +

+ + + diff --git a/docs/howtos/t60_unbrick.html b/docs/howtos/t60_unbrick.html new file mode 100644 index 0000000..9a26212 --- /dev/null +++ b/docs/howtos/t60_unbrick.html @@ -0,0 +1,312 @@ + + + + + + + + + Libreboot documentation: Unbricking the ThinkPad T60 + + + + +
+

Unbricking the ThinkPad T60

+ +
+ +

Or go back to main index

+ +

Table of Contents

+ + +

Hardware requirements

+ + +

Software requirements

+ + +

Brick type 1: bucts not reset.

+

+ You still have Lenovo BIOS, or you had libreboot running and you flashed another ROM; and you had bucts 1 set and + the ROM wasn't dd'd.* or if Lenovo BIOS was present and libreboot wasn't flashed.

+ + In this case, unbricking is easy: reset BUC.TS to 0 by removing that yellow cmos coin (it's a battery) and putting it back after a minute or two:
+

+ + *Those dd commands should be applied to all newly compiled T60 ROM's (the ROM's in libreboot binary archives already have this applied!):
+ dd if=coreboot.rom of=top64k.bin bs=1 skip=$[$(stat -c %s coreboot.rom) - 0x10000] count=64k
+ dd if=coreboot.rom bs=1 skip=$[$(stat -c %s coreboot.rom) - 0x20000] count=64k | hexdump
+ dd if=top64k.bin of=coreboot.rom bs=1 seek=$[$(stat -c %s coreboot.rom) - 0x20000] count=64k conv=notrunc
+ (doing this makes the ROM suitable for use when flashing a machine that still has Lenovo BIOS running, + using those instructions: http://www.coreboot.org/Board:lenovo/x60/Installation. + (it says x60, but instructions for t60 are identical) +

+ +

bad rom (or user error), machine won't boot

+ +

+ In this scenario, you compiled a ROM that had an incorrect configuration, or there is an actual bug preventing your machine from + booting. Or, maybe, you set BUC.TS to 0 and shut down after first flash while Lenovo BIOS was running. In any case, your machine is bricked and will not boot at all. +

+

+ "Unbricking" means flashing a known-good (working) ROM. The problem: you can't boot the machine, making this difficult. In this situation, external hardware (see hardware requirements above) is needed which can flash the SPI chip (where libreboot resides). +

+ +

+ Remove those screws and remove the HDD:
+ +

+ +

+ Lift off the palm rest:
+ +

+ +

+ Lift up the keyboard, pull it back a bit, flip it over like that and then disconnect it from the board:
+ +

+ +

+ Gently wedge both sides loose:
+ +

+ +

+ Remove that cable from the position:
+ +

+ +

+ Now remove that bezel. Remove wifi, nvram battery and speaker connector (also remove 56k modem, on the left of wifi):
+ +

+ +

+ Remove those screws:
+ +

+ +

+ Disconnect the power jack:
+ +

+ +

+ Remove nvram battery:
+ +

+ +

+ Disconnect cable (for 56k modem) and disconnect the other cable:
+ +

+ +

+ Disconnect speaker cable:
+ +

+ +

+ Disconnect the other end of the 56k modem cable:
+ +

+ +

+ Make sure you removed it:
+ +

+ +

+ Unscrew those:
+ +

+ +

+ Make sure you removed those:
+ +

+ +

+ Disconnect LCD cable from board:
+ +

+ +

+ Remove those screws then remove the LCD assembly:
+ +

+ +

+ Once again, make sure you removed those:
+ +

+ +

+ Remove the shielding containing the motherboard, then flip it over. Remove these screws, placing them on a steady + surface in the same layout as they were in before you removed them. Also, you should mark each screw hole after removing the + screw (a permanent marker pen will do), this is so that you have a point of reference when re-assembling the machine:
+ + +

+ +

+ At this point, you should wire up your programmer according to it's documentation. For me, this was (see: "SparkFun cable pin reference"):
+ http://dangerousprototypes.com/docs/Common_Bus_Pirate_cable_pinouts.
+ Correlating with the following information, I was able to wire up my pirate correctly:
+ http://flashrom.org/Bus_Pirate#Connections
+ And by following that advice:
+ http://www.coreboot.org/Board:lenovo/x60/Installation#Howto.
+ (it says X60 but instructions are virtually the same for the T60, with except to physical differences in how to disassemble the machine)
+ Note: that last page says to wire up only those 5 pins (see below) like that: 1, 2, 4, 5, 6.
+ Note: and then, for power it says (on that coreboot.org page) to connect the power jack to the board and connect the + AC adapter (without powering on the board).
+ Note: I ignored that advice, and wired up all 8 pins. And it worked.
+ + Here is the pinout (correlate it with your programmer's documentation):
+ +

+ +

+ Connecting the pomona:
+ +

+ +

+ Connect programmer to 2nd computer:
+ +

+ +

+ Programmer has power:
+ +

+ +

+ Now flash the bricked machine using the 2nd computer. in my case I did:
+ flashrom -p buspirate_spi:dev=/dev/ttyUSB0 -w bin/t60/libreboot_usqwerty.rom
+ Note: there are also other ROM images for T60
+ Note: this is using buspirate as the programmer, so it is flashing the T60, not the 2nd computer!
+ Here's my terminal window on the 2nd computer (also the programmer is active):
+
+ So, you should see the following:
+ -- + 

+			flashrom v0.9.5.2-r1517 on Linux 3.2.0-61-generic (i686), built with libpci 3.1.8, GCC 4.6.3, little endian
+			flashrom is free software, get the source code at http://www.flashrom.org
+
+			Calibrating delay loop... delay loop is unreliable, trying to continue OK.
+			Found Macronix flash chip "MX25L1605" (2048 kB, SPI) on buspirate_spi.
+			Reading old flash chip contents... done.
+			Erasing and writing flash chip... Erase/write done.
+			Verifying flash... VERIFIED. 
+
+ --
+ At the end it says "VERIFIED", which means that the procedure worked. If you see this, it means + that you can put your T60 back together. So let's do that now. +

+ +

+ Put those screws back:
+ +

+ +

+ Put it back into lower chassis:
+ +

+ +

+ Attach LCD and insert screws (also, attach the lcd cable to the board):
+ +

+ +

+ Insert those screws:
+ +

+ +

+ On the CPU (and there is another chip south-east to it, sorry forgot to take pic) + clean off the old thermal paste (rubbing a1ocheal (misspelling intentional. halal internet)) and apply new (Artic Silver 5 is good, others are good too) + you should also clean the heatsink the same way
+ +

+ +

+ Attach the heatsink and install the screws (also, make sure to install the AC jack as highlighted):
+ +

+ +

+ Reinstall that upper bezel:
+ +

+ +

+ Do that:
+ +

+ +

+ Re-attach modem, wifi, (wwan?), and all necessary cables. Sorry, forgot to take pics. Look at previous removal steps to see where they go back to. +

+ +

+ Attach keyboard and install nvram battery:
+ +

+ +

+ Place keyboard and (sorry, forgot to take pics) reinstall the palmrest and insert screws on the underside:
+ +

+ +

+ It lives!
+ +

+ +

+ Always stress test ('stress -c 2' and xsensors. below 90C is ok) when replacing cpu paste/heatsink:
+ +

+ +
+ +

+ Copyright © 2014 Francis Rowe, All Rights Reserved.
+ See ../license.html for license conditions. +

+ + + diff --git a/docs/howtos/x60_security.html b/docs/howtos/x60_security.html index fc631bf..6abda98 100644 --- a/docs/howtos/x60_security.html +++ b/docs/howtos/x60_security.html @@ -42,6 +42,7 @@

Software requirements

@@ -171,12 +172,12 @@ Not covered yet:

Go to http://media.ccc.de/browse/congress/2013/30C3_-_5529_-_en_-_saal_2_-_201312271830_-_hardening_hardware_and_choosing_a_goodbios_-_peter_stuge.html @@ -191,13 +192,25 @@

@@ -226,7 +242,7 @@ Risk level