thinkpad-firmware-patches
me_cleaner
thinkpad-firmware-patches | me_cleaner | |
---|---|---|
21 | 101 | |
280 | 4,566 | |
- | - | |
6.7 | 0.0 | |
about 2 months ago | 8 months ago | |
Python | ||
Do What The F*ck You Want To Public License | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
thinkpad-firmware-patches
-
[GUIDE] ThinkPad BIOS: Reading, Patching, and Flashing
"skyra1n" ThinkPad Firmware Patches from digmorepaka's GitHub a list of UEFI patches for ThinkPads, these are the special sauce for adding features to our BIOS. If you have a ThinkPad 30 series device, you do not need to follow this guide for flashing skyra1n, you can flash your BIOS with the internal flashing software.
- Did a few mods on my T480s
- where to find t480 custom bios?
-
T480 Advice ?
I bios unlocked and enabled the custom undervolt menu on 1.44 bios using a ch341 bios programmer. This way I set the undervolt via the bios rather than throttlestop.
-
Disabling Intel AMT on T460s
-thinkpad-firmware-patches;https://github.com/digmorepaka/thinkpad-firmware-patches
-
t14 gen1 AMD BIOS mod?
Hey guys! Have any one tried this BIOS mod on latest firmware?
-
My new T480s
Here's the link to the uefi patches which are used to unlock the bios. https://github.com/digmorepaka/thinkpad-firmware-patches There's a very short and undetailed guide how to apply the patches to your bios. But just know that you need an external bios programmer like ch341a
-
Snagged a cheap Thinkpad T480 i5-8250U, would love some advice on upgrades and distros
First thing is to verify that the thunderbolt firmware is up to date and that both ports are working. Start here https://pcsupport.lenovo.com/br/en/solutions/ht508988. Then, if you want, you can buy these two and use these equipment (Ams1117 3.3v ) > aliexpress.com/item/32838236408.html with my ch341a > aliexpress.com/item/32841448145.html to make the bios mod (this will work for cards of wifi better wifi 6 and hackintosh) the patches are here (https://github.com/digmorepaka/thinkpad-firmware-patches), (it is possible to clean the intel ME) too, if you can't do it, don't risk it, ask help here in the community. I suggest backing up your bios and also the thunderbolt bios. Here is another topic from a colleague in the community and in it there is a pdf of mine where to check the cfg-lock to enable or disable.
-
Thinkpad T480S Bios Error 1802: Unauthorized network card stops bios post
You can try flash this bios mod to remove the whitelist. https://github.com/digmorepaka/thinkpad-firmware-patches
-
Lenovo Expects 30+ Platforms With Linux Support This Year
Pretty sure the whitelist for wifi is long gone, if not, there's always patches. Not for newbs admittedly.
me_cleaner
-
When power cycling your (x86) server isn't enough to recover it
No, I actually uploaded the firmware images here:
https://github.com/corna/me_cleaner/issues/233
- Intel ME Cleaner
- How to verify boot firmware integrity if you prioritize neutralizing Intel ME?
-
Power issue with my X250. Time to upgrade? (more info in comments)
Some times Intel version of Lenovo have a problem with Intel ME , check this out. LINK
-
System76's Coreboot Open Firmware Manages to Disable Intel Me for Raptor Lake
Yes; there are several ways, depending heavily on the version, and ranging from most trustworthy to least trustworthy:
* By patching the ME firmware itself - see the me_cleaner project, and methods documented here: https://puri.sm/posts/deep-dive-into-intel-me-disablement/ . This is Pretty Reliable; the runtime code has been deleted from flash.
* By setting a bit in the flash configuration, assumed to be added for the US High Assurance program: https://github.com/corna/me_cleaner/wiki/HAP-AltMeDisable-bi... , https://www.ptsecurity.com/ww-en/analytics/disabling-intel-m... . This is Mostly Reliable; the mechanism has been fairly aggressively reverse engineered and was added for a program with strict requirements.
* By sending an HECI command that says "hey ME, turn off your runtime" https://review.coreboot.org/c/coreboot/+/52800 . This is Somewhat Reliable; the method is well understood and seems to work but I'm not sure someone has done a deep dive audit into whether it could be re-enabled somehow.
-
Modern CPUs have a backstage cast
"...this is interesting is because POWER9 is basically the first time the public got a real view of how sophisticated the backstage cast actually is of a modern server CPU."
Not quite correct; the OpenSPARC T1 and T2 were publicly released and available by 2008.
https://www.oracle.com/servers/technologies/opensparc.html
"Large parts of this process are handled by vendor-supplied mystery firmware blobs, which may as well be boxes with “???” written in them.
The maintainers of the me_cleaner script likely have the clearest view of what is known.
https://github.com/corna/me_cleaner
- What is the most trusted hardware most OpenBSD people would suggest?
-
Let's find our next HW wallet
Your dedicated laptop with disabled Intel ME running OpenBSD might be the gold standard choice for your hardware wallet. Main discussion here.
-
Laptop with deactivated Intel ME running OpenBSD as a hardware wallet for top cryptos
I consider a dedicated laptop with deactivated Intel ME running OpenBSD (maybe from USB flash) can be a much secure alternative to a proprietary hardware wallet connected to your casual multi-purpose laptop.
-
On Intel ME
On a side note, if Intel has made it this hard to disable Intel ME, is the US government happy with this change? It was them who got the HAP bit part working, and I do not see any news suggesting they have another trick to disable Intel ME. Should I just assume that this still works? Has anybody here tried? And does me_cleaner still work (last updated in 2018: https://github.com/corna/me_cleaner)?
What are some alternatives?
UEFITool - UEFI firmware image viewer and editor
firmware-open - System76 Open Firmware