I’m already familiar with it. On the systems I buy and intall, if they are Intel based, ME gets disabled since I haven’t found a reasonable use for it.
Oh yeah, ARM also has something similar.
Since this is more relevant to me (numerically, most of the systems that I install are Raspberry Pi based robots), I’m happy to announce that TrustZone is not supported on Pi 4 (I haven’t checked about other models). I haven’t tested, however - don’t trust my word.
Who would you buy from in this case?
From the Raspberry Pi Foundation, who are doubtless ordering silicon from TSMC for the Pico series and ready-made CPUs for their bigger products, and various other services from other companies. If they didn’t exist, I would likely fall back on RockChip based products from China.
I didn’t know you could disable it. I figured it was very impractical or near impossible to do. how did you do it?
Raspberry Pi Foundation
I’m not going to lie, raspberry pis are a good candidate for a desktop but they’re still very underpowered compared to modern computers. That’s my only critcism. But yes, i’m not sure if there’s any spookware on any of the raspberry pis.
In the BIOS options of that specific server (nothing fancy, a generic Dell with some Xeon processor) the option to enable/disable ME was just plainly offered.
Chipset features > Intel AMT (active management technology) > disable (or something similar, my memory is a bit fuzzy). I researched the option, got worried about the outcomes if someone learned to exploit it, and made it a policy of turning it off. It was about 2 years ago.
P.S.
I’m sure there exist tools for the really security-conscious folks to verify whether ME has become disabled, but I was installing a boring warehouse system, so I didn’t check.
I’m already familiar with it. On the systems I buy and intall, if they are Intel based, ME gets disabled since I haven’t found a reasonable use for it.
Since this is more relevant to me (numerically, most of the systems that I install are Raspberry Pi based robots), I’m happy to announce that TrustZone is not supported on Pi 4 (I haven’t checked about other models). I haven’t tested, however - don’t trust my word.
From the Raspberry Pi Foundation, who are doubtless ordering silicon from TSMC for the Pico series and ready-made CPUs for their bigger products, and various other services from other companies. If they didn’t exist, I would likely fall back on RockChip based products from China.
Wow. :) Neat trick. (Would be revealed in competent hands, though. Snap an X-ray photo and find excess electronics in the socket.)
However, a radio transceiver is an extremely poor candidate for embedding on a chip. It’s good for bugging boards, not chips.
I didn’t know you could disable it. I figured it was very impractical or near impossible to do. how did you do it?
I’m not going to lie, raspberry pis are a good candidate for a desktop but they’re still very underpowered compared to modern computers. That’s my only critcism. But yes, i’m not sure if there’s any spookware on any of the raspberry pis.
In the BIOS options of that specific server (nothing fancy, a generic Dell with some Xeon processor) the option to enable/disable ME was just plainly offered.
Chipset features > Intel AMT (active management technology) > disable (or something similar, my memory is a bit fuzzy). I researched the option, got worried about the outcomes if someone learned to exploit it, and made it a policy of turning it off. It was about 2 years ago.
P.S.
I’m sure there exist tools for the really security-conscious folks to verify whether ME has become disabled, but I was installing a boring warehouse system, so I didn’t check.