me_cleaner
thinkpad-firmware-patches
Our great sponsors
me_cleaner | thinkpad-firmware-patches | |
---|---|---|
97 | 21 | |
4,352 | 218 | |
- | - | |
0.0 | 2.7 | |
over 1 year ago | 2 months ago | |
Python | ||
GNU General Public License v3.0 only | Do What The F*ck You Want To Public License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
me_cleaner
-
Modern CPUs have a backstage cast
"...this is interesting is because POWER9 is basically the first time the public got a real view of how sophisticated the backstage cast actually is of a modern server CPU."
Not quite correct; the OpenSPARC T1 and T2 were publicly released and available by 2008.
https://www.oracle.com/servers/technologies/opensparc.html
"Large parts of this process are handled by vendor-supplied mystery firmware blobs, which may as well be boxes with “???” written in them.
The maintainers of the me_cleaner script likely have the clearest view of what is known.
- What is the most trusted hardware most OpenBSD people would suggest?
-
Let's find our next HW wallet
Your dedicated laptop with disabled Intel ME running OpenBSD might be the gold standard choice for your hardware wallet. Main discussion here.
-
Laptop with deactivated Intel ME running OpenBSD as a hardware wallet for top cryptos
I consider a dedicated laptop with deactivated Intel ME running OpenBSD (maybe from USB flash) can be a much secure alternative to a proprietary hardware wallet connected to your casual multi-purpose laptop.
-
Why I Use Old Hardware
If you are sensitive about the Intel Management Engine, the original Core 2 Duo/Quad systems are the last where it could be fully disabled.
Anything later will forcibly shut down after 30 minutes if (at least a fragment of) Intel's closed & bug-ridden monitoring code is not present.
I ran me_cleaner on a few of these systems, and I do all my finances with them running OpenBSD (usually on q9550s).
Yes, this effort to run old hardware is worth it for me. Below are the bios images that I was able to produce:
-
Ask HN: How to know if laptop enrolled in Intel Management Engine?
What's you're interested in is called Active Management Technology, it's not supported by all boards, but typically if it is there's a bios screen labelled something like "AMT Configuration" where it can be enabled or disabled.
https://virtualizationreview.com/articles/2020/01/13/configu...
Intel ME is its own can of worms and can only be fully disabled by modifying the firmware image, see tools like me_cleaner.
-
How to go about lost ME chip (for Thinkpad t440p)
I understand that for the bottom chip skulls runs me_cleaner described on github on the present chip content -> deleting the parts that are not necessary for starting the boot process. That is why I do not have a good image file for the lower chip as I could not manage to make a good backup of it.
- Minix
-
Google announces official Android support for RISC-V
it's possible to disable intel management engine for all cpu's prior to 2009, and post 2009 you can disable many of the features. Combine this with a motherboard that supports libreboot and blobless boot, and you can LIBRE THE SHIT OUT OF IT WHEEEEeeeee
-
Question about IME
If you asking about the reference in the me_cleaner readme about full network access, this is less to do ME and more how it integrates with other Intel platforms. ME requires network access for platforms like Intel AMT. If your network card does not support enterprise level remote administration feature like AMT, you have nothing to worry about. If you ran ME cleaner, you also have nothing to worry about.
thinkpad-firmware-patches
-
[GUIDE] ThinkPad BIOS: Reading, Patching, and Flashing
"skyra1n" ThinkPad Firmware Patches from digmorepaka's GitHub a list of UEFI patches for ThinkPads, these are the special sauce for adding features to our BIOS. If you have a ThinkPad 30 series device, you do not need to follow this guide for flashing skyra1n, you can flash your BIOS with the internal flashing software.
-
A very strange problem in running WWAN on a thinkpad x1 yoga 3rd gen
https://github.com/digmorepaka/thinkpad-firmware-patches *
-
Using only free software on Thinkpad T480
I'm considering to buy an used T480 which is getting pretty inexpensive these days. I'm planning to buy one and flash its BIOS with the image where Intel ME is neutralized with me_cleaner and wlan whitelist is removed with this patch.
-
X230 NVROM is about full...
Note that I had no such issues with it on my ThinkPad X131e, though I didn't have the TPM enabled at the time. Later, when I did have it enabled, the laptop would beep quite a bit upon boot (but it would still reach the OS) - though this may have been due to the patched BIOS I had installed, which is known to break the TPM.
- Where do I start learning bios modding? I saw people here who create modified bioses for whitelisting issues, advanced menus etc.. How do you start learning this?
What are some alternatives?
UEFITool - UEFI firmware image viewer and editor
coreboot - Mirror of https://review.coreboot.org/coreboot.git. We don't handle Pull Requests.
firmware-open - System76 Open Firmware
t430-coreboot - coreboot rom for thinkpad t430
coreboot - DEPRECATED: coreboot on the w541. See link below.
cadmium - [Moved to: https://github.com/Maccraft123/Cadmium]
thepyphone - Voice and SMS/MMS on a Raspberry Pi 3B+
Remove_IntelME_FPT - A guide for disabling Intel Management Engine using FPT on PCH SPI
1vyrain - LiveUSB Bootable exploit chain to unlock all features of xx30 ThinkPad machines. WiFi Whitelist, Advanced Menu, Overclocking.
universal-android-debloater
amd-sp-glitch - Supplemental material to our paper: "One Glitch to Rule Them All: Fault Injection Attacks Against AMD's Secure Encrypted Virtualization"
Wu10Man - Enable/Disable Windows 10 Automatic Updates