Intel ME - real threat for ordinary persons?

Dear Qubes community, I would like to ask you for your personal opinion. I have the option of a new Lenovo T490 or a NitroPC x230. The Lenovo T490 will have nice performance and quality, but it will have an active Intel ME. The NitroPC x230 will be refurbished and less powerful (only 16 GB RAM and a 3rd gen CPU), but it will have Intel ME removed. Do you think that Intel ME is a real security threat for ordinary people, or is it dangerous only for high-profile people like Snowden? If I understand it correctly, it is not possible to exploit Intel ME remotely, so it makes sense to have the newer Lenovo T490 with Intel ME, right?

Thank you very much for your opinions!

1 Like

This is a very hard question. Intel ME has access to everything and nobody knows what it does. Nobody knows for sure whether it can be exploited remotely (no evidence for that currently). Everyone decides on their own how important this problem is depending on their threat model.

Current understanding is indeed that only NSA and co. can exploit it. Note that Qubes OS recommends devices with open-source firmware and as few blobs as possible and celebrates when a device has a neutralized Intel ME.

5 Likes

Hi @CaesarVialpando,

It appears you misunderstand a bit what the difference between those two machines would be in terms of security. In fact, it is likely that you would be able to neuter/disable ME on the T490 (not trivial, but doable).

What a NitroPad X230 will provide you is a lot more than a neutered/disabled ME.

Tamper Detection Through Measured Boot
Thanks to the combination of the open source solutions Coreboot, Heads and Nitrokey USB hardware, you can verify that your laptop hardware has not been tampered with in transit or in your absence (so-called evil maid attack). The integrity of the TPM, the firmware and the operating system is effectively checked by a separate Nitrokey USB key. Simply connect your Nitrokey to the NitroPad while booting and a green LED on the Nitrokey will show that your NitroPad has not been tampered with. If the LED should turn red one day, it indicates a manipulation.

coreboot is an extended firmware platform that delivers a lightning fast and secure boot experience on modern computers and embedded systems. As an Open Source project it provides auditability and maximum control over technology.

Heads is not just another Linux distribution – it combines physical hardening of specific hardware platforms and flash security features with custom coreboot firmware and a Linux boot loader in ROM. This moves the root of trust into the write-protected region of the SPI flash and prevents further software modifications to the bootup code (and on platforms that support it, Bootguard can protect against many hardware attacks as well). Controlling the first instruction the CPU executes allows Heads to measure every step of the boot firmware and configuration into the TPM, which makes it possible to attest to the user or a remote system that the machine has not been tampered with. While modern Intel CPUs require binary blobs to boot, these non-Free components are included in the measurements and are at least guaranteed to be unchanging. Once the system is in a known good state, the TPM is used as a hardware key storage to decrypt the drive.

So when running Qubes OS on a T490 even with neutered ME, you are still subject to “evil maid attacks”. Yes, there is AEM, but that in turn relies on ME :wink: … so clearly Coreboot/Heads plus a Yubi/Librem/Nitrokey are far superior.

Make sure you understand the implications before making your decision. I personally “downgraded” from a ThinkPad P51 to a ThinkPad T430 and modded it myself to be the security equivalent of a NitroPad T430. Technically the CPU is slower and I have less RAM, but I find the difference almost negligible. Especially if you invest in a decent SSD and use minimal templates. However from a trust perspective this is far superior!

3 Likes
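To make the measured-boot argument above concrete, here is a small simulation (added for this thread; it is not Heads, coreboot or Nitrokey code) of what the quoted Heads description means by "measure every step ... into the TPM" and "attest to the user". It models TPM PCR extension, sealing a secret to the resulting PCR value, and the HOTP exchange by which Heads lets a USB key show a green or red result. The firmware stages, their contents and the secrets are constructed sample data; the `SimulatedTPM` class is a toy model, not a real TPM interface.

```python
import hashlib
import hmac
import struct

# Constructed stand-ins for the boot stages Heads measures, in boot order.
GOOD_BOOT_CHAIN = [
    ("coreboot-bootblock", b"bootblock code (constructed sample)"),
    ("heads-linux-kernel", b"kernel image (constructed sample)"),
    ("heads-initrd", b"initrd image (constructed sample)"),
    ("boot-config", b"kexec boot configuration (constructed sample)"),
]


def extend_pcr(pcr: bytes, component: bytes) -> bytes:
    """TPM-style extend: new = H(old || H(component)).
    Because the old value is folded in, the result depends on every earlier
    stage and on their order; a changed or swapped stage alters all later PCRs."""
    return hashlib.sha256(pcr + hashlib.sha256(component).digest()).digest()


def measure_boot_chain(chain) -> bytes:
    """Reproduce the PCR value a clean boot of this chain would produce."""
    pcr = bytes(32)  # PCRs start at all-zero on reset
    for _, blob in chain:
        pcr = extend_pcr(pcr, blob)
    return pcr


class SimulatedTPM:
    """Toy model of TPM sealing (hypothetical, for illustration only):
    a secret is bound to a PCR value and released only when the current
    measurements reproduce exactly that value."""

    def __init__(self):
        self._pcr = bytes(32)
        self._sealed = {}

    def reset(self):
        self._pcr = bytes(32)

    def extend(self, blob: bytes):
        self._pcr = extend_pcr(self._pcr, blob)

    def pcr(self) -> bytes:
        return self._pcr

    def seal(self, name: str, secret: bytes, policy_pcr: bytes):
        self._sealed[name] = (policy_pcr, secret)

    def unseal(self, name: str):
        policy_pcr, secret = self._sealed[name]
        if not hmac.compare_digest(policy_pcr, self._pcr):
            return None  # measurements differ: the TPM refuses to release it
        return secret


def hotp(secret: bytes, counter: int, digits: int = 6) -> int:
    """RFC 4226 HOTP: HMAC-SHA1 over the counter, dynamically truncated."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return code % (10 ** digits)


def provision(tpm: SimulatedTPM, chain, hotp_secret: bytes) -> bytes:
    """Done once, in a state the owner trusts: seal the HOTP secret to the
    PCR value of the known-good chain. The same secret is loaded on the USB key."""
    good_pcr = measure_boot_chain(chain)
    tpm.seal("hotp-secret", hotp_secret, good_pcr)
    return good_pcr


def boot_and_attest(tpm: SimulatedTPM, chain, counter: int, usb_key_secret: bytes) -> str:
    """Simulate one boot: measure each stage, ask the TPM for the HOTP secret,
    and compare the resulting code with what the USB key computes."""
    tpm.reset()
    for _, blob in chain:
        tpm.extend(blob)
    secret = tpm.unseal("hotp-secret")
    if secret is None:
        return "red: TPM refused to unseal, boot measurements changed"
    if hotp(secret, counter) == hotp(usb_key_secret, counter):
        return "green"
    return "red: HOTP code mismatch"


if __name__ == "__main__":
    tpm = SimulatedTPM()
    key_secret = b"constructed shared HOTP secret"
    provision(tpm, GOOD_BOOT_CHAIN, key_secret)
    print("clean boot:", boot_and_attest(tpm, GOOD_BOOT_CHAIN, 1, key_secret))

    # Constructed tamper: the initrd is replaced, everything else unchanged.
    tampered = list(GOOD_BOOT_CHAIN)
    tampered[2] = ("heads-initrd", b"initrd image with an added module (constructed)")
    print("tampered boot:", boot_and_attest(tpm, tampered, 2, key_secret))
```

The point the simulation makes is the one in the quoted Heads text: the unseal succeeds only when every measured stage is byte-for-byte what it was at provisioning time, so a modified component never obtains the secret and the key can only show red. It also shows why the attestation is only as strong as the first measurement: if the code that starts the chain can be replaced without being measured, the whole comparison is meaningless, which is why write-protecting the early SPI flash region matters so much.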

Not now. If an exploit exists, the possibility that anyone would risk burning it to get an “ordinary person” is close to zero. I would say it is about a 0.1% chance, like being attacked by an NSO Pegasus 0day.

Thank you very much!