Intel Management Engine: Difference between revisions
Jump to navigation
Jump to search
| Line 1: | Line 1: | ||
== Uses of the Management Engine == | == Uses of the Management Engine == | ||
The management engine(Often abreviated ME) is a CPU which permits [https://en.wikipedia.org/wiki/Out-of-band_management Out of band] management of the computer. See the [https://en.wikipedia.org/wiki/Intel_Active_Management_Technology Wikipedia AMT article] for example use cases. | The management engine(Often abreviated ME) is a CPU which permits [https://en.wikipedia.org/wiki/Out-of-band_management Out of band] management of the computer. See the [https://en.wikipedia.org/wiki/Intel_Active_Management_Technology#Using_Intel_AMT Wikipedia AMT article] for example use cases. | ||
== Freedom and security issues == | == Freedom and security issues == | ||
Revision as of 18:38, 13 August 2014
Uses of the Management Engine
The management engine(Often abreviated ME) is a CPU which permits Out of band management of the computer. See the Wikipedia AMT article for example use cases.
Freedom and security issues
- The code that is running inside the management engine is proprietary and signed
- The management engine CPU has access to a lot of things, see "ME physical capabilities" for more details.
Where
| Board | Firmware | Microarchitecture | ME location and physical capabilities | ME restrictions |
|---|---|---|---|---|
| Lenovo x201 | AMT | Nehalem |
The ME is inside the PCH, it:
|
|
| Packard Bell EasyNote LM85 (MS2290) | AMT? | |||
| Samsung Series 5 550 Chromebook | me.bin | Sandy Bridge |
The ME is inside the PCH, it:
|
|
| Samsung Series 3 Chromebox | me.bin | |||
| Lenovo t520 | AMT | |||
| Google/HP Pavilion Chromebook 14 | me.bin | Ivy Bridge |
The ME is inside the PCH, it:
|
|
| Google Chromebook Pixel | me.bin | |||
| Google/Acer C7 Chromebook | me.bin | |||
| Google/Lenovo Thinkpad X131e Chromebook | me.bin | |||
| Lenovo t530 | AMT | |||
| Lenovo x230 | AMT | |||
| Kotron KTQM77/mITX | AMT? | |||
| Google/Acer C720 Chromebook | ? | Haswell |
The ME is inside the PCH, it:
|
|
| Google/HP Chromebook 14 | ? |
Why there is no replacement for it yet
Replacing the ME firmware is not that easy because:
- Its firmware is signed and the ME has a bootrom.
- On recent chipset its RAM reagion is locked while it is allocated.
So even if some people partially documented some ME firmware format, there is very few probability of having a free software replacement for it one day.