From 28f81f4c1af196262bad8f388491eb328db70e41 Mon Sep 17 00:00:00 2001
From: P. J. McDermott <pj@pehjota.net>
Date: Sun, 13 Sep 2015 17:45:51 -0400
Subject: FAQ: Rewrite Intel ME section

Explain in greater detail the ME, its introduction and versions, its
hardware architecture, and and its firmware structure and application
modules.
---
diff --git a/site/faq/index.php b/site/faq/index.php
index b445db2..4f11c3e 100644
--- a/site/faq/index.php
+++ b/site/faq/index.php
@@ -119,43 +119,142 @@
 				</p>
 				<h3 id="intelme">Intel Management Engine (ME) <span class="ref">(<a href="#intelme">#intelme</a>)</span></h3>
 					<p>
-						The ME is a separate microcontroller that exists in all Intel systems past the year ~2006, running its own embedded (and proprietary) operating system, referred to as the ME <i>firmware</i> in this article. It provides remote access capabilities,
-						independently from the running operating system on the main CPU, with full access to RAM, and full networking support. <i>With a functioning ME, your system
-						is left wide open for attack. It can also phone home to Intel.</i> It also handles the
-						TPM, AMT (<a href="https://www.fsf.org/blogs/community/active-management-technology">Active Management Technology</a>), <a href="https://mjg59.dreamwidth.org/33981.html">Boot Guard</a> and various <a href="https://defectivebydesign.org/what_is_drm_digital_restrictions_management">DRM</a> mechanisms.
-						The ME also performs some basic hardware initialization and power management, on recent systems.
-					</p>
-					<p>
-						The ME firmware is <i>cryptographically signed</i>, which means that you cannot run a modified version of it. You also can't boot without it.
-						On some older systems (based on ICH8 and ICH9), it's possible to remove the ME <i>firmware</i> and still have a functioning system, where
-						the ME itself is permanently deactivated. For instance, libreboot supports several ICH9 based
-						laptops (e.g. <a href="../docs/install/x200_external.html">Libreboot X200</a> and <a href="../docs/install/t400_external.html">Libreboot T400</a>); see <a href="../docs/hcl/gm45_remove_me.html">../docs/hcl/gm45_remove_me.html</a>.
-						On later systems (basically anything produced since 2010), this is not possible.
-					</p>
-					<p>
-						All modern Intel systems built after around the year 2008/2009 (after ICH9) require this proprietary firmware, and
-						will not boot without it (or will shut down after 30 minutes). Replacing it is impossible, unless you are Intel (only they have the private
-						key, necessary for signing the firmware). The Management Engine is covered on a lot of websites
-						(e.g. <a href="http://me.bios.io/Main_Page">me.bios.io</a>, <a href="http://io.smashthestack.org/me/">smashthestack.org</a>, 
-						the <a href="http://www.coreboot.org/Intel_Management_Engine">coreboot wiki</a>, <a href="https://en.wikipedia.org/wiki/Intel_Active_Management_Technology">wikipedia</a>, <a href="https://www.fsf.org/blogs/community/active-management-technology">FSF blog</a>) and 
-						a book titled <i><a href="https://www.apress.com/9781430265719">Platform Embedded Security Technology Revealed</a></i> (PESTR), published by Apress (ISBN 9781430265719).
-					</p>
-					<p>
-						The Management Engine is an <i>ARC</i> microcontroller. The firmware is based
-						on <a href="http://rtos.com/products/threadx/ARC">ThreadX RTOS</a>, a proprietary embedded operating system.
-						Manufacturers (not just Intel) can pay for a (proprietary) license
-						providing access to the source code, but they are not allowed to share it with anyone. In other words, even
-						if Intel wanted to release the source code for this blob, they could not do so. Even if they did, the ME
-						firmware is cryptographically signed, where the signature is verified at boot time. If you try to use your own modified
-						version of the ME firmware, it will be rejected by the ARC and your system will not boot. In other words,
-						the ME firmware is <i><a href="https://www.gnu.org/proprietary/proprietary-tyrants.html">tivoized</a></i>.
-					</p>
-					<p>
-						<b><i>
-							The Management Engine is a giant backdoor, allowing full access to your entire system for malicious adversaries. You don't have any privacy
-							at all on systems that have this.
-							The libreboot project strongly recommends that you avoid it entirely, and this means avoiding all recent generations of Intel hardware.
-						</i></b>
+						Introduced in June 2006 in Intel's 965 Express Chipset Family of (Graphics and)
+						Memory Controller Hubs, or (G)MCHs, and the ICH8 I/O Controller Family, the
+						Intel Management Engine (ME) is a separate computing environment physically
+						located in the (G)MCH chip.  In Q3 2009, the first generation of Intel Core
+						i3/i5/i7 (Nehalem) CPUs and the 5 Series Chipset family of Platform Controller
+						Hubs, or PCHs, brought a more tightly integrated ME (now at version 6.0) inside
+						the PCH chip, which itself replaced the ICH.  Thus, the ME is <em>present on all
+						Intel desktop, mobile (laptop), and server systems since mid 2006</em>.
+					</p>
+					<p>
+						The ME consists of an ARC processor core (replaced with other processor cores in
+						later generations of the ME), code and data caches, a timer, and a secure
+						internal bus to which additional devices are connected, including a cryptography
+						engine, internal ROM and RAM, memory controllers, and a <em>direct memory access
+						(DMA) engine</em> to access the host operating system's memory as well as to
+						reserve a region of protected external memory to supplement the ME's limited
+						internal RAM.  The ME also has <em>network access</em> with its own MAC address
+						through an Intel Gigabit Ethernet Controller.  Its boot program, stored on the
+						internal ROM, loads a firmware "manifest" from the PC's SPI flash chip.  This
+						manifest is <em>signed with a strong cryptographic key</em>, which differs
+						between versions of the ME firmware.  If the manifest isn't signed by a specific
+						Intel key, the boot ROM won't load and execute the firmware and the ME processor
+						core will be halted.
+					</p>
+					<p>
+						The ME firmware is compressed and consists of modules that are listed in the
+						manifest along with secure cryptographic hashes of their contents.  One module
+						is the operating system kernel, which is based on a <em>proprietary real-time
+						operating system (RTOS) kernel</em> called "ThreadX".  The developer, Express
+						Logic, sells licenses and source code for ThreadX.  Customers such as Intel are
+						forbidden from disclosing or sublicensing the ThreadX source code.  Another
+						module is the Dynamic Application Loader (DAL), which consists of a <em>Java
+						virtual machine</em> and set of pre-installed Java classes for cryptography,
+						secure storage, etc.  The DAL module can load and execute additional ME modules
+						from the PC's HDD or SSD.  The ME firmware also includes a number of native
+						application modules within its flash memory space, including Intel Active
+						Management Technology (AMT), an implementation of a Trusted Platform Module
+						(TPM), Intel Boot Guard, and audio and video DRM systems.
+					</p>
+					<p>
+						The <a href="https://www.fsf.org/blogs/community/active-management-technology">
+						Active Management Technology (AMT)</a> application, part of the Intel "vPro"
+						brand, is a Web server and application code that enables remote users to power
+						on, power off, view information about, and otherwise manage the PC.  It can
+						be <em>used remotely even while the PC is powered off</em> (via Wake-on-Lan).
+						Traffic is encrypted using SSL/TLS libraries, but recall that all of the major
+						SSL/TLS implementations have had highly publicized vulnerabilities.  The AMT
+						application itself has <em><a
+						href="https://en.wikipedia.org/wiki/Intel_Active_Management_Technology#Known_vulnerabilities_and_exploits">
+						known vulnerabilities</a></em>, which have been exploited to develop rootkits
+						and keyloggers and covertly gain encrypted access to the management features of
+						a PC.  Remember that the ME has full access to the PC's RAM.  This means that an
+						attacker exploiting any of these vulnerabilities may gain access to everything
+						on the PC as it runs: all open files, all running applications, all keys
+						pressed, and more.
+					</p>
+					<p>
+						<a href="https://mjg59.dreamwidth.org/33981.html">Intel Boot Guard</a> is an ME
+						application introduced in Q2 2013 with ME firmware version 9.0 on 4th Generation
+						Intel Core i3/i5/i7 (Haswell) CPUs.  It allows a PC OEM to generate an
+						asymmetric cryptographic keypair, install the public key in the CPU, and prevent
+						the CPU from executing boot firmware that isn't signed with their private key.
+						This means that <em>coreboot and libreboot are impossible to port</em> to such
+						PCs, without the OEM's private signing key.  Note that systems assembled from
+						separately purchased mainboard and CPU parts are unaffected, since the vendor of
+						the mainboard (on which the boot firmware is stored) can't possibly affect the
+						public key stored on the CPU.
+					</p>
+					<p>
+						ME firmware versions 4.0 and later (Intel 4 Series and later chipsets) include
+						an ME application for <em>audio and video <a
+						href="https://defectivebydesign.org/what_is_drm_digital_restrictions_management">
+						DRM</a></em> called "Protected Audio Video Path" (PAVP).  The ME receives from
+						the host operating system an encrypted media stream and encrypted key, decrypts
+						the key, and sends the encrypted media decrypted key to the GPU, which then
+						decrypts the media.  PAVP is also used by another ME application to draw an
+						authentication PIN pad directly onto the screen.  In this usage, the PAVP
+						application directly controls the graphics that appear on the PC's screen in a
+						way that the host OS cannot detect.  ME firmware version 7.0 on PCHs with 2nd
+						Generation Intel Core i3/i5/i7 (Sandy Bridge) CPUs replaces PAVP with a similar
+						DRM application called "Intel Insider".  Like the AMT application, these DRM
+						applications, which in themselves are defective by design, demonstrate the
+						omnipotent capabilities of the ME: this hardware and its proprietary firmware
+						can access and control everything that is in RAM and even <em>everything that is
+						shown on the screen</em>.
+					</p>
+					<p>
+						The Intel Management Engine with its proprietary firmware has complete access to
+						and control over the PC: it can power on or shut down the PC, read all open
+						files, examine all running applications, track all keys pressed and mouse
+						movements, and even capture or display images on the screen.  And it has a
+						network interface that is demonstrably unsecure, which can allow an attacker on
+						the network to inject rootkits that completely compromise the PC and can report
+						to the attacker all activities performed on the PC.  It is a threat to freedom,
+						security, and privacy that can't be ignored.
+					</p>
+					<p>
+						Before version 6.0 (that is, on systems from 2008/2009 and earlier), the ME can
+						be disabled by setting a couple of values in the SPI flash memory.  The ME
+						firmware can then be removed entirely from the flash memory space.  libreboot <a
+						href="../docs/hcl/gm45_remove_me.html">does this</a> on the Intel 4 Series
+						systems that it supports, such as the <a
+						href="../docs/install/x200_external.html">Libreboot X200</a> and <a
+						href="../docs/install/t400_external.html">Libreboot T400</a>.  ME firmware
+						versions 6.0 and later, which are found on all systems with an Intel Core
+						i3/i5/i7 CPU and a PCH, include "ME Ingition" firmware that performs some
+						hardware initialization and power management.  If the ME's boot ROM does not
+						find in the SPI flash memory an ME firmware manifest with a valid Intel
+						signature, the whole PC will shut down after 30 minutes.
+					</p>
+					<p>
+						Due to the signature verification, developing free replacement firmware for the
+						ME is basically impossible.  The only entity capable of replacing the ME
+						firmware is Intel.  As previously stated, the ME firmware includes proprietary
+						code licensed from third parties, so Intel couldn't release the source code even
+						if they wanted to.  And even if they developed completely new ME firmware
+						without third-party proprietary code and released its source code, the ME's boot
+						ROM would reject any modified firmware that isn't signed by Intel.  Thus, the ME
+						firmware is both hopelessly proprietary and "tivoized".
+					</p>
+					<p><strong>
+						In summary, the Intel Management Engine and its applications are a backdoor with
+						total access to and control over the rest of the PC.  The ME is a threat to
+						freedom, security, and privacy, and the libreboot project strongly recommends
+						avoiding it entirely.  Since recent versions of it can't be removed, this means
+						avoiding all recent generations of Intel hardware.
+					</strong></p>
+					<p>
+						More information about the Management Engine can be found on various Web sites,
+						including <a href="http://me.bios.io/Main_Page">me.bios.io</a>, <a
+						href="http://io.smashthestack.org/me/">the smashthestack network</a>, <a
+						href="http://www.coreboot.org/Intel_Management_Engine">coreboot wiki</a>, and <a
+						href="https://en.wikipedia.org/wiki/Intel_Active_Management_Technology">
+						Wikipedia</a>.  The book <em><a href="https://www.apress.com/9781430265719">
+						Platform Embedded Security Technology Revealed</a></em> describes in great
+						detail the ME's hardware architecture and firmware application modules.
 					</p>
 				<h3 id="fsp">Firmware Support Package (FSP) <span class="ref">(<a href="#fsp">#fsp</a>)</span></h3>
 					<p>
--
cgit v0.9.1