diff options
author | Francis Rowe <info@gluglug.org.uk> | 2015-07-28 07:42:57 (EDT) |
---|---|---|
committer | Francis Rowe <info@gluglug.org.uk> | 2015-07-28 07:42:57 (EDT) |
commit | a21049e02d7db9acc9c929cc17e50cb2c0e51353 (patch) | |
tree | 368c2fe200aa6b5926d81a8e44db5b72202fee5d | |
parent | 66cc4a917eeb021713dd3bb361fe44f1525eb3ce (diff) | |
download | libreboot.org-a21049e02d7db9acc9c929cc17e50cb2c0e51353.zip libreboot.org-a21049e02d7db9acc9c929cc17e50cb2c0e51353.tar.gz libreboot.org-a21049e02d7db9acc9c929cc17e50cb2c0e51353.tar.bz2 |
FAQ: more info about the Intel Management Engine
-rw-r--r-- | site/faq/index.php | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/site/faq/index.php b/site/faq/index.php index dc08b80..88e5e95 100644 --- a/site/faq/index.php +++ b/site/faq/index.php @@ -108,10 +108,14 @@ on <a href="http://rtos.com/products/threadx/ARC">ThreadX RTOS</a>, which is an embedded operating system designed specifically for those chips. Manufacturers (not just Intel) can pay for a (proprietary) license providing access to the source code, but they are not allowed to share it with anyone. In other words, even - if Intel wanted to release the source code for this blob, they could not do so. + if Intel wanted to release the source code for this blob, they could not do so. Even if they did, the ME + firmware is cryptographically signed, where the signature is verified at boot time. If you try to use your own modified + version of the ME firmware, it will be rejected by the ARC processor and your system will not boot. In other words, + the ME firmware is <i>tivoized</i>. </p> <p> The Management Engine is a giant backdoor, allowing full access to your entire system for malicious adversaries. + The libreboot project strongly recommends that you avoid it. </p> <h3>CPU microcode updates</h3> <p> |