Why does Qubes support mostly Intel Computers (which have ME)

I guess you’re referring to Intel ME. AMD have the same thing called PSP.

2 Likes

Discussion (which is only available to users with Trust level 2+, which results in many unnecessary threads like this one):

https://forum.qubes-os.org/t/intel-me-real-threat-for-ordinary-persons/7693

Sorry to burst your innocent and well-intended bubble, but AMD has been doing the same thing for just about as long. This wasn’t Intel’s decision - both companies were coerced by the government to do this, and they have been since 2013 or so. Intel’s backdoor is called IME, while AMD’s is called PSP.

Long story short, if you want anything resembling peace of mind in computing moving forward, you have to use old hardware (DDR2-era or so) or opt out of x86 entirely, switching to something like OpenPOWER. x86 has sadly been devoured and spit out by the mainstream and the powerful elites of the world.

2 Likes

If you do not have any reliable source to back this up, please do not spread this unconfirmed information. (This is possible, but we don’t know.)

5 Likes

Right, let’s not discuss anything that hasn’t been confirmed and sanitized by higher authorities. We don’t know any better, for we are merely sheep. Thank you for reminding me of my place in this corral. In the meanwhile, let’s all assume our hardware is not rigged and instead fully designed with the customer in mind. x86 is indeed 100% safe to use for privacy and anonymity purposes, for the idea of a hardware-level backdoor is LUDICROUS!! I feel so bad now I should even apologize to the OP for needlessly worrying them with my spooky 1984 ghost stories.

3 Likes

First, in this case, not by “higher authorities”, but by anyone at all. There are assertions that Intel ME is a backdoor and you are allowed to cite that. You are not allowed to state that it’s a fact (as you just did), because we do not know. This is a technical forum, and discussions should be technical.

Second, Category General Discussion should be explicitly about Qubes OS.

We do not do this. See Community-recommended computers, where many devices have neutralized or disabled Intel ME. There are other efforts, too, if you search the forum.

5 Likes

Some facts are obvious enough that they don’t need to be scientifically proven, such as the color of the sky, the passage of time, or the presence of ill-intended backdoors in modern x86 CPUs. The lack of evidence AGAINST it being a backdoor, coupled with the timing of its implementation across the industry, should be enough of a red flag to warrant a stern determination of untrustworthiness by any user with even a remote interest in their digital security and privacy.

Fair point! Allow me to correct the relevant statement: let all of us who don’t own one of a handful of specific ThinkPad models assume our hardware is not rigged and instead fully designed with the customer in mind.

I know coreboot and libreboot exist, and they are admirable projects, but they are not a viable solution for many users. Some of us can’t afford new hardware, some of us prefer desktops, and some of us like to build our own systems from parts. All of those people are SOL when it comes to disabling the backdoor. I guess there was that one MSI source leak that might prove fruitful some day, but I’m not necessarily holding my breath for it.

Offtopic

Yes, all these things do need to be scientifically proven

Who and where said that? I certainly didn’t. ME is a problem, but it’s not an easy one to solve, especially if you can’t change your hardware. If your threat model says that Intel ME is untrusted, you simply should stop using it. There is no other way. By the way, desktops with neutralized ME also exist.

Let me also quote myself from the hidden topic:

1 Like

This points directly to the answer to the original question: people’s threat models do vary, and the Qubes OS team decides to support folks whose threat models either don’t include Intel ME or accommodate mitigations like AEM. (That doesn’t prevent them from also supporting folks whose threat model does include those!)

Folks often forget to mention the threat model that constitutes the context of any question, and given how often that results in heated (and mostly sterile) discussions, I think we should remind more often that there is no such thing as “right or wrong” in security without a context.

One way to identify that context is threat modelling, that is, identifying what you need to protect, from whom, and what the consequences are if you fail / how much convenience you are ready to lose to achieve that goal.

If you prefer desktops, you have two decent options that I have seen:

You could use the MSI PRO Z690-A (DDR4/DDR5), which is a motherboard with an open source BIOS that supports Intel 12th gen. All you have to do is follow the guide on their wiki and plug in a USB to flash your BIOS. No external tools are needed for flashing, unlike when flashing ThinkPads. Inside the BIOS options there is an option to disable Intel’s Management Engine using soft disable, or the HAP bit.

Another option is to use the ASRock Z370/Z390 Taichi, on which the ME can be disabled through a special method for that motherboard. I haven’t experimented with this one.

Neither of these will give you the level of freedom that older hardware will. Intel’s Core 2 Duos don’t have it at all; up to Ivy Bridge (3rd gen) you will be able to remove a decent amount of code from the BIOS, effectively removing it using me_cleaner, but past that it is not as effective.
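An added verification check, not from the post above or from MSI/ASRock: on Linux the ME’s HFSTS1 status register sits at offset 0x40 of the HECI device’s PCI config space (`lspci -s 00:16.0 -xxx`), and decoding it shows whether the firmware reports “Soft Temporary Disable” after the HAP bit is set. The field layout and mode names follow coreboot’s intelmetool and are assumed to hold for the boards discussed; the lspci dumps below are constructed samples.

```python
import re

# HFSTS1 bit layout (PCI config offset 0x40 of the ME/HECI device 00:16.0),
# as used by coreboot's intelmetool. Treat positions and names as an
# assumption for any platform that tool does not cover.
WORKING_STATES = {0: "Reset", 1: "Initializing", 2: "Recovery",
                  5: "Normal", 6: "Disable Wait", 7: "Transition",
                  8: "Invalid CPU"}
OPERATION_MODES = {0: "Normal", 2: "Debug", 3: "Soft Temporary Disable",
                   4: "Security Override via Jumper",
                   5: "Security Override via MEI Message"}

# One 'lspci -xxx' hex line: "40: 06 02 03 00 ... " (16 bytes per line).
_LINE = re.compile(r"^([0-9a-f]{2}): ((?:[0-9a-f]{2}\s?){16})", re.I)


def parse_lspci_hex(dump: str) -> bytes:
    """Rebuild the 256-byte PCI config space from 'lspci -xxx' output."""
    space = bytearray(256)
    for line in dump.splitlines():
        m = _LINE.match(line.strip())
        if m:
            off = int(m.group(1), 16)
            space[off:off + 16] = bytes.fromhex(m.group(2).replace(" ", ""))
    return bytes(space)


def decode_hfsts1(config: bytes) -> dict:
    """Decode the HFSTS1 fields a defender cares about from config space."""
    hfs = int.from_bytes(config[0x40:0x44], "little")
    cws = hfs & 0xF              # current working state, bits 0-3
    opmode = (hfs >> 16) & 0xF   # operation mode, bits 16-19
    return {
        "raw": hfs,
        "working_state": WORKING_STATES.get(cws, f"Unknown ({cws})"),
        "operation_mode": OPERATION_MODES.get(opmode, f"Unknown ({opmode})"),
        "fw_init_complete": bool(hfs & (1 << 9)),
        "hap_disabled": opmode == 3,
    }


# Constructed sample: HFSTS1 = 0x00030206 -> Disable Wait, Soft Temporary Disable.
SAMPLE_HAP = "40: 06 02 03 00 00 00 00 00 00 00 00 00 00 00 00 00\n"
# Constructed sample for a stock board: HFSTS1 = 0x00000205 -> Normal / Normal.
SAMPLE_NORMAL = "40: 05 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n"

if __name__ == "__main__":
    for name, dump in (("HAP board", SAMPLE_HAP), ("stock board", SAMPLE_NORMAL)):
        print(name, decode_hfsts1(parse_lspci_hex(dump)))
```

On a real machine, pipe `sudo lspci -s 00:16.0 -xxx` into `parse_lspci_hex`; if the HECI device is hidden by the BIOS, the register cannot be read this way and the dump will be empty.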

If you don’t want the Intel ME or AMD variant, just disable them, and overwrite them.
To do this, just download the updaters for them, then insert your own image into the updater. Done.
That’s what I did. Works like a charm.
Just BEWARE… Don’t do it unless you know what you are doing.

Another option is to just disable it physically on the chip. Just cut the power line to the IME or variant.
That permanently disables it.

I overwrote mine with a custom variation so I have removed the “backdoor”.

No, they don’t. LOL. You already knew the sky was blue before you ever ran into that Wikipedia page, and you had a solid understanding of how time works long before you ever questioned why it exists. It’s nice to know why the sky is blue, but it was never a necessity to know that it is blue.

If you know it’s a problem then I guess we just disagree about how to best convey the information to the newly initiated. I believe this backdoor stuff can be the line between life and death for many, and it should be treated as such. I think it’s better for OP to get freaked out and walk out of here thinking the government is watching everything he does and then find out it’s an unproven claim, rather than walking out of here thinking he’s free to do as he pleases on his AMD CPU because it’s “not backdoored” and then end up rotting in a prison cell wondering day after day and night after night which aspect of his otherwise top-notch security got compromised. Priorities, my brother in Qubes, priorities priorities priorities.

Looks neat on the surface, but then I looked over their “What is Dasharo binary blob policy?” on their FAQ and I’m not too impressed:

“Integrate only the necessary amount of blobs required for proper platform operation and minimize the amount of blobs that are optional whenever possible by providing open equivalent implementations or removing them if there is no functional impact on the platform operation. Ultimately the blobs should be attested and properly documented. Dasharo Team is trying to achieve it by working on firmware SBOMs.”

As you can see, it doesn’t mention the backdoor blobs specifically, nor whether they are part of the “required for proper platform operation” group or not. If I were a betting boy I would bet it is. What am I missing here?

Amen. More people need to know this.

I’m sorry but I’m gonna have to wait for some sort of community confirmation before I take this seriously. It cannot possibly be that simple. Where do I go to get these updaters? intel dot com slash backdoor slash update…?

“Cut the power line”? What power line…? And where do they sell pliers small enough to cut wires inside a CPU? I sure need me a pair of them

It is that simple. Ever get updates for the IME when running Intel? I have, many times… Just wait for that and do it then. But if you use “Automatic Updates” then you may never see it happen, because you get the update from Microsoft, who put in their own code for it and do the same thing essentially. Just like EFI… Originally was good, then Microsoft made it crap and full of holes. UEFI, the worst thing to exist. But that’s why I don’t use UEFI, and I remove it from the BIOS if I can. I don’t mean DISABLE… I mean ERASE or REMOVE or REPLACE with open source non-UEFI but compatible processing of commands. Which is why I choose to OVERWRITE, not just eradicate things.
Since sometimes functionality is required, you can get open source variants, and re-code them and add in and remove whatever you want to make it more secure.

They also do that with IME. They have their own installer, have had since 2008 I think it was. So you can easily get and use that.

Use whatever you want… I can use a craft knife to do it. Not that hard. Just find out the one that powers the IME and remove the cap, done.

I’d like to point out that due to limited resources and architectural design, Qubes OS relies on Xen’s and the Linux kernel’s hardware compatibility. And Intel is more active than AMD in sending hardware compatibility patches to the Xen and kernel development mailing lists. That’s probably the answer to your original question: why does Qubes OS support mostly Intel computers.

1 Like

What about RISC-V? Does it also have something like PSP/IME baked in?

I use AMD so I wouldn’t know.

Sounds like you have one of those motherboards supported by one of the open source BIOS listed earlier, because I can’t just inject random code into my motherboard and expect my system to boot.

I still find it hard to believe it’s this easy. One would think IME checks its own updates for integrity before installing them. One would think Intel made the CPU unable to boot without IME (as alluded to in the Dasharo homepage I quoted earlier).

Can someone else please confirm @AWhite’s claims?

I don’t know much about RISC-V but from what I do know it’s an open source platform, so I guess it’s up to the individual manufacturers to get in bed with the feds or not.

Good morning everyone. Regarding the discussion of backdoors in processors, I would like to point out this interesting opinion:

[Introduction to Apple Silicon · AsahiLinux/docs Wiki · GitHub] (in particular the paragraph “On secure boot, user control, and licensing”).

I am following the development of this project with great interest and trust, and I would like to know your opinion on the subject: could Apple Silicon, through an open source operating system, become a valid alternative for a privacy- and security-oriented system?

It would be fantastic if one day there was an ARM version of Qubes that can run on Apple Silicon.

Thanks for your welcome and authoritative opinions.

1 Like

Have you found any good research about possible backdoors in Apple silicon?

1 Like

Apple hardware? For “privacy” and “security”? :joy_cat: :rofl:

Go back to your iPad. We do serious computing here.

ARM is spyware garbage, as is modern x86 and pretty much everything else made in the past 10-15 years. I recommend you look into RISC-V and OpenPower instead; that’s the closest we have to “clean” hardware right now although both are still far from ideal.

2 Likes

The Triangulation malware was using a suspicious “hidden feature”

If we try to describe this feature and how the attackers took advantage of it, it all comes down to this: they are able to write data to a certain physical address while bypassing the hardware-based memory protection by writing the data, destination address, and data hash to unknown hardware registers of the chip unused by the firmware.

Our guess is that this unknown hardware feature was most likely intended to be used for debugging or testing purposes by Apple engineers or the factory, or that it was included by mistake. Because this feature is not used by the firmware, we have no idea how attackers would know how to use it.

https://securelist.com/operation-triangulation-the-last-hardware-mystery/111669/

1 Like