*"The ME code to start the platform is in (on-chip) ROM and a failed signature c... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

Animats on Sept 13, 2016 | parent | context | favorite | on: Experiments with disabling the ME on Sandybridge x...

"The ME code to start the platform is in (on-chip) ROM and a failed signature check of the (compressed with AFAIK still unknown codebook) ME code in flash just means that the ME considers the system broken and allows it to run for a little while so that a human can repair it."

So 1) will the system stay up with the ME software erased, 2) what's the ROM component doing besides managing the boot, and 3) what access does it take to alter the ME's firmware?

yuhong on Sept 13, 2016 [–]

The ME firmware is signed by Intel I think.

yellowapple on Sept 14, 2016 | [–]

So compromise their signing keys and we have a wide-open door to neutralizing (and/or replacing) ME, right?

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact