[Nottingham] Fwd: Neutralize ME firmware
vadim+NLUG at mankevich.co.uk
Fri Jan 13 23:11:15 UTC 2017
Yay! Have done it to my "Think Different" Yoga that is now used to being
my guinea pig and it's a success!
[root at archie alarm]# python ./me_cleaner.py factory_yoga.bin
Full image detected
The ME region goes from 0x1000 to 0x1fffff
Found FPT header at 0x1010
Found 21 partition(s)
ME firmware version 126.96.36.1990
Found FTPR header: FTPR partition spans from 0x4c000 to 0xd2000
Removing extra partitions...
Removing extra partition entries in FPT...
Removing EFFS presence flag...
Correcting checksum (0x04)...
Reading FTPR modules list...
Wiping LZMA section (0xb19a5 - 0xd2000)
UPDATE (LZMA, 0x0b19a5 - 0x0b1aaf): removed
ROMP (Huffman, 0x052740 - 0x052b03): NOT removed, essential
BUP (Huffman, 0x052b03 - 0x06662c): NOT removed, essential
KERNEL (Huffman, 0x06662c - 0x099368): removed
POLICY (Huffman, 0x099368 - 0x0b19a5): removed
FTPM (LZMA, 0x0b1aaf - 0x0bfc38): removed
HOSTCOMM (LZMA, 0x0bfc38 - 0x0c826c): removed
TDT (LZMA, 0x0c826c - 0x0cd59d): removed
FPF (LZMA, 0x0cd59d - 0x0cf0b5): removed
Done! Good luck!
So overall more time was spent trying to figure out how to enable SPI on
BeagleBoneBlack under Archlinux then actually doing this operation :) I
believe I have disabled updates, low- and high-level APIs (KERNEL,
POLICY), antitheft (TDT), communications to host (HOSTCOMM),firmware TPM
(FTPM), and something called FPF (I actually hope it is the link to
Intel Wifi card). ME still functions independently but it's
functionality is reduced. There is no longer PCI device for two-way
communication with ME and mei_me module is not loaded as confirmed by
lspci and lsmod.
The patient did not pass out after 30 minutes of uptime and is in a
stable condition. Need to check power management because that could be
somehow affected. If ok, my main Yoga will be the next patient. :)
On 01/10/2017 01:55 PM, Martin via Nottingham wrote:
> Thanks for that. Interesting...
> And as always, more time is needed in the day.
> But then again... Why are we having to waste our time 'working around'
> proprietary 'coercive silliness'...
> More time needed!
> On 10/01/17 10:47, VM via Nottingham wrote:
>> Finally there's hope for those who'd like more power over their own PC than Intel currently has.
>> When Martin flashes Libreboot (at last) I might borrow the programming clip. Or was it not necessary for that Chromebook?
>> vadim at mankevich.co.uk PGP key fingerprint
>> Retrieve from hkps://pgp.mit.edu
More information about the Nottingham