While I am unsure if switching to Linux for ME is a good solution, open sourcing whatever runs ME is a very important step towards user/customer security. And that is not because we all want to know Intel's secrets about 'how to make the fastest CPU' but because ME can change the product on a fundamental level while we use the product.
The reason I doubt that Linux is a good solution is that Linux wasn't built to run somewhere deep inside a CPU with very little overhead. Surely, it can run nearly everywhere, I just doubt that it is the best choice for that job.
Just to be clear: I love Linux, not just for what it is, but also for what it does, and have used it every day for more than a decade.
> While I am unsure if switching to Linux for ME is a good solution
FWIW, this is NOT at all the goal of the NERF project that this ZDNet article talks about. The idea is roughly:
- Remove or disable the ME as much as possible (impossible to do 100% since e.g. the ME is responsible for booting up the main CPU, but it appears you can remove a large part of it)
- Replace the upper levels of the UEFI firmware stack and the bootloader with Linux + a minimal userspace written in Go (u-root).
Linux has actually run on a Motorola 68k for quite some time (late 90's I think?) - what makes this special is it's a 68008, which is a 68000 with an 8-bit data bus.
A shrunk version of Linux can run on 8088 CPUs too.
https://github.com/jbruchon/elks
But the problem here isn't to put this or that OS in place of Minix but rather to get rid of that completely for good. Different licensing also wouldn't help at all: behind those people are the ones who actually write the laws; it would require 10 minutes of their time to make an exception for terrorism or child porn motivated surveillance.