by tenebrisalietum 2139 days ago
It's not possible to remove, or at least account for all behavior of, the ME entirely until the BUP part is reverse engineered. You can't take that part out yet and have a working CPU as far as I understand.

I'm surprised you didn't mention the FSP, which is a binary blob from Intel required to be run by any boot firmware (UEFI, Coreboot, or whatever) very early in the platform initialization process (to my understanding, basically as soon as possible after the reset vector, in the PEI phase) before anything is usable.

Baby steps. Don't let perfect be the enemy of good. Success here could indicate to CPU vendors there are people who care about these things.


I know it isn't possible. Half measures are attractive short term but can serve to normalize failure, as is currently happening. Most people I know view Purism favorably and think it has actually made ME irrelevant. It hasn't, all the hardware is still there and can be enabled. You still are not the de facto owner of the machine.
> but can serve to normalize failure

I agree, but it's not like they've given up. They're still working on it, and hope to find a way to permanently remove all the software that enables it, and run their own software instead. Whether or not they'll eventually be successful is of course an open question.

The alternative, at least right now, is that Purism doesn't sell any hardware at all, goes out of business, and then there's no one working credibly on this. That would be an even worse failure, IMO.

That's why for the long term they mention:

"We released a petition for, and continue to work with Intel to free it entirely (what Intel is calling a “ME-less” design)."

Do you have a better solution than trying to neutralise it + starting a petition + talking with Intel to remove it?

If you want to criticize brands for selling privacy snake oil, and not making you "the de facto owner of the machine", then we should address your criticism at Apple, not Purism.

> It hasn't, all the hardware is still there and can be enabled.

Can it be enabled by Intel?

A system that has ME installed with a NIC the ME can't access (non-Intel) seems like it makes the ME irrelevant via suffocation.

I'm not sure of the technical details of this board or if the ME can access non-Intel NICs.

Well, if ME was activated by the byte sequence PLEASE_ENABLE_ME_42 being present in RAM, which caused it to look for the Firefox / Chrome network stack in memory and use that to send passwords to Intel…

Unlikely? Amazingly so. Technically possible? Yes.

> Success here could indicate to CPU vendors there are people who care about these things.

If the Libreboot FAQ[1] is to be believed, then we are well past this stage. It states:

> Even Google, which sells millions of chromebooks (coreboot preinstalled) have been unable to persuade them.

[1] https://libreboot.org/faq.html