I'm sorry to break it to you, but Coreboot does not protect you from the Intel ME. Coreboot contains a number of binary blobs required to bring up the system, including the ME firmware. The only way to get a true 100% FOSS BIOS is to use Libreboot, which unfortunately works on even fewer systems. The majority of boards will not even boot if the ME firmware is not present and executing, and some of them start up for 30 minutes, then shut down. A few notable exceptions are the Thinkpad x60 and Thinkpad x200 laptops which can survive with the ME-killing Libreboot BIOS.
If you want a system without the ME firmware or any other binary blobs, I think you can get systems with Libreboot pre-installed from https://minifree.org/ or the Gluglug website (if it still exists).
More information: http://me.bios.io/Main_Page https://www.coreboot.org/Intel_Management_Engine https://www.coreboot.org/Binary_situation https://libreboot.org/docs/hcl/gm45_remove_me.html https://libreboot.org/faq/#intelme https://libreboot.org/docs/hcl/index.html#supported_list
Power management, mobile and firmware developer on Linux. Security developer at Aurora. Ex-biologist. mjg59 on Twitter. Content here should not be interpreted as the opinion of my employer. Also on Mastodon.
![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
Re: Who cares?
Date: 2016-02-29 11:48 pm (UTC)If you want a system without the ME firmware or any other binary blobs, I think you can get systems with Libreboot pre-installed from https://minifree.org/ or the Gluglug website (if it still exists).
More information:
http://me.bios.io/Main_Page
https://www.coreboot.org/Intel_Management_Engine
https://www.coreboot.org/Binary_situation
https://libreboot.org/docs/hcl/gm45_remove_me.html
https://libreboot.org/faq/#intelme
https://libreboot.org/docs/hcl/index.html#supported_list