Get Cape, a no-bullshit mobile provider focused on privacy and security, and get $20 off your monthly bill.

Hardware and firmware threats and potential solutions

"In my estimation, things like CPU microcode and closed versus open BIOSes take a back seat to the presence of remote management systems etched into the CPU layout." -- Wrongthink

Table of Contents

intro

First and foremost i must credit the author of Wrongthink for patching the (many) holes in my own knowledge regarding the subject at hand. The information provided was crucial to forming what i hope is a reasonably coherent overview of the many problems that proprietary hardware and firmware present, as well as some potential solutions.

Even if you use privacy respecting software on your devices, you're still at the mercy of the hardware and firmware that makes it all tick. While there is no shortage of websites that cater to the privacy conscious folks among us, including this one, few of them, relatively speaking, cover the insidious threats associated with proprietary hardware and firmware embedded in the modern CPU and motherboard. Privacy, and thus freedom, is only as strong as the weakest link in the chain and if the hardware is compromised, so too is everything attached to, and running on it, including, of course, all user data. In this article we'll take a look at some of the threats these technologies present and potential solutions for mitigating them.

For a brief, 3 minute introduction of the massive problem at hand, watch the Free Software Foundation's promotional video, User Liberation.

terms

  • AMD Secure Technology / AMD Secure Processor (ASP) / Platform Security Processor (PSP): A low-level subsystem and co-processor consisting of both hardware and firmware that enables remote, out-of-band management of a computer over a network. The system is responsible for securing the boot process and is required to boot the computer.
  • Blob: Proprietary, 'black box' code for which the source is not available, several 'blobs' are generally required in order to boot a computer.
  • High Assurance Platform (HAP): An NSA initiative leveraging Trusted Computing technologies to define a framework for the development of the next generation of secure computing platforms. HAP apparently provides the NSA with the ability to disable the Intel Management Engine, though to what extent is unknown.
  • IBM POWER8 / POWER9 CPU architecture: A Reduced Instruction Set Computer (RISC) CPU architecture developed by IBM with fully open-source firmware.
  • Intel Active Management Technology (AMT) / vPro: A module for the Intel Management Engine that enables remote, out-of-band management of a computer over a network, though it seems unclear whether AMT is required for Management Engine network connectivity from ME version 6+.
  • Intel Converged Security Management Engine (CSME) / Intel Management Engine BIOS Extension (MEBx): A security feature of Intel CPUs which provides cryptographic services for other Intel technologies and firmware, including Enhanced Privacy ID (EPID), Identity Protection, Digital Rights Management (DRM) and Trusted Platform Modules (TPM).
  • Intel Management Engine (ME) / Intel Manageability Engine: A low-level, autonomous subsystem consisting of both hardware and firmware ostensibly responsible for securing the boot process and providing remote, out-of-band management of a computer over a network. ME runs on a separate microprocessor utilizing the MINIX computer operating system and has its own MAC and IP address. The system remains powered as long as the computer has a power source (AC/DC) and regardless of the state of the user-facing OS. ME may contain the following modules: Active Management Technology (AMT), Intel Boot Guard (IBG), Secure Boot, Quiet System Technology (QST) (formerly Advanced Fan Speed Control (AFSC)), Protected Audio Video Path, Intel Anti-Theft Technology (AT) (discontinued in 2015), Serial over LAN (SOL), Intel Platform Trust Technology (PTT), Trusted Platform Module (TPM) and Near Field Communication (NFC).
  • Trusted Platform Module (TPM): TPM is a cryptographic processor used to generate, store and protect cryptographic keys for, among other things, verifying the integrity of both hardware and software during the boot process regardless of the computer user-facing operating system.

threats

All personal computers manufactured by Intel since circa 2006, and AMD since circa 2013, contain multi-component hardware and firmware technologies which allow remote, out-of-band administration of the computer regardless of its powered state. Intel brands their system as the Intel Management Engine (ME) while AMD calls theirs AMD Secure Technology (formerly Platform Security Processor (PSP)). In both cases these powerful, autonomous and low-level sub-systems are deeply embedded within the motherboard and/or the CPU. Disabling these systems can be difficult or impossible, one reason being that they are required to boot the machine and initialize the CPU (release it from a reset state). For a brief overview of some of the threats these systems present, watch Spyware at The Hardware Level - Intel ME & AMD PSP by Mental Outlaw (note that one of the solutions he offers at the end, purchasing a laptop from System76, is not necessarily a complete one).

According to Wikipedia:

Critics like the Electronic Frontier Foundation (EFF), Libreboot developers, and security expert Damien Zammit accused the ME of being a backdoor and a privacy concern. Zammit stresses that the ME has full access to memory (without the owner-controlled CPU cores having any knowledge), and has full access to the TCP/IP stack and can send and receive network packets independently of the operating system, thus bypassing its firewall.

[...]

It is normally not possible for the end-user to disable the ME and there is no officially supported method to disable it, but some undocumented methods to do so were discovered. The ME's security architecture is designed to prevent disabling. Intel considers disabling ME to be a security vulnerability, as a malware could abuse it to make the computer lose some of the functionality that the typical user expects, such as the ability to play media with DRM, specifically DRM media that are using HDCP. But on the other hand, it is also possible for malicious actors to use the ME to remotely compromise a system.

Strictly speaking, none of the known methods can disable the ME completely, since it is required for booting the main CPU. The currently known methods merely make the ME go into abnormal states soon after boot, in which it seems not to have any working functionality. The ME is still physically connected to the system and its microprocessor continues to execute code.

While these technologies are advertised as assets for IT professionals, largely for the purpose of maintaining a fleet of corporate workstations, they are proprietary black boxes and thus their capabilities cannot be fully audited by the consumer. Furthermore, the firmware used in these components has been found to contain critical vulnerabilities which cannot be patched through updates to the user-facing operating system and so any vulnerability patches which may be released would need to be explicitly installed.

Even if the full potential of these out-of-band/offline remote administration tools is as benign as manufactures claim, there remains the fact that they are vulnerable to attack, have low-level access to the system including the CPU, GPU, memory and all attached devices, including storage media, and are of highly questionable benefit for virtually anyone with a personal computer. Without the ability to review the source code for these incredibly invasive technologies and know exactly what they do and how they do it, it must be assumed that both businesses and individuals alike are vulnerable to having their sensitive data compromised, or incriminating data planted, and/or being spied upon by unknown actors authorized to access these tools, or anyone else who is able to exploit a vulnerability of which several known exploits have been discovered. While technologies such as Trusted Platform Module arguably may provide some benefit with regard to securing a computer's hardware and boot process, there are far more trustworthy, open-source alternatives which can be used to access and maintain a corporate workstation remotely.

Intel Active Management Technology - Wikipedia

Intel Active Management Technology (AMT) is hardware and firmware for remote out-of-band management of select business computers, running on the Intel Management Engine, a microprocessor subsystem not exposed to the user, intended for monitoring, maintenance, updating, and repairing systems. Out-of-band (OOB) or hardware-based management is different from software-based (or in-band) management and software management agents.

Hardware-based management works at a different level from software applications, and uses a communication channel (through the TCP/IP stack) that is different from software-based communication (which is through the software stack in the operating system). Hardware-based management does not depend on the presence of an OS or a locally installed management agent.

[...]

Intel AMT uses a hardware-based out-of-band (OOB) communication channel that operates regardless of the presence of a working operating system. The communication channel is independent of the PC's power state, the presence of a management agent, and the state of many hardware components such as hard disk drives and memory.

Most AMT features are available OOB, regardless of PC power state. Other features require the PC to be powered up (such as console redirection via serial over LAN (SOL), agent presence checking, and network traffic filtering). Intel AMT has remote power-up capability.

[...]

The Management Engine (ME) is an isolated and protected coprocessor, embedded as a non-optional part in all current (as of 2015) Intel chipsets.

Starting with ME 11, it is based on the Intel Quark x86-based 32-bit CPU and runs the MINIX 3 operating system. The ME state is stored in a partition of the SPI flash, using the Embedded Flash File System (EFFS). Previous versions were based on an ARC core, with the Management Engine running the ThreadX RTOS from Express Logic. Versions 1.x to 5.x of the ME used the ARCTangent-A4 (32-bit only instructions) whereas versions 6.x to 8.x used the newer ARCompact (mixed 32- and 16-bit instruction set architecture). Starting with ME 7.1, the ARC processor could also execute signed Java applets.

[...]

PCs with AMT typically provide an option in the BIOS menu to switch off AMT, though OEMs implement BIOS features differently, and therefore the BIOS is not a reliable method to switch off AMT. Intel-based PCs that shipped without AMT are not supposed to be able to have AMT installed later. However, as long as the PC's hardware is potentially capable of running the AMT, it is unclear how effective these protections are. Presently, there are mitigation guides and tools to disable AMT on Windows, but Linux has only received a tool to check whether AMT is enabled and provisioned on Linux systems. The only way to actually fix this vulnerability is to install a firmware update. Intel has made a list of updates available. Unlike for AMT, there is generally no official, documented way to disable the Management Engine (ME); it is always on, unless it is not enabled at all by the OEM.

The forum post, A Semi-Comprehensive Guide to The Intel Management Engine and Circumvention Thereof (+ AMD PSP Notes), on the MacRumors forum offers a deeper insight regarding Intel's ME:

The Intel Management Engine was introduced with the Intel Q965 chipset, and is present in the subsequent Q35 and P/G/GM/Q/X4x (henceforth known as "i4x") chipsets, each introduced in 2006, 2007, and 2008, respectively. It has full access to the processor interface, DRAM controller, internal graphics controller, graphics interfaces, and the I/O Controller Hub, but can only send and receive data over the network if the motherboard supports Intel vPro, or more specifically Intel Active Management Technology (itself a subset of vPro). In order to function, Intel vPro / AMT requires "the platform to have an Intel AMT-enabled chipset, network hardware and software, connection with a power source and an active LAN port." (i965 datasheet)

[...]

Starting with ME version 6.0 in the first Nehalem systems (Core i7, X58 chipset, Nov 2008), the ME is not only more tightly integrated into the rest of the system due to the memory controller having been moved from the southbridge directly into the central processor, but coupled with the complete lack of any documentation that Intel has provided, it is not fully known what the ME itself can do without AMT.

[...]

AMD Platform Security Processor Notes

o The PSP has full access to all hardware components, as with the ME.
o The PSP is located exclusively on the CPU die, whereas the ME is located on the motherboard southbridge.
o Last safe CPUs are anything in the FX (Bulldozer) family using the AM3+ CPU socket.

Libreboot states the following regarding Intel's ME on their Frequently Asked Questions page:

NOTE: The information below is slightly out of date. Nowadays, Intel ME does not run on an ARC coprocessor, but instead runs on a modified Intel 486 based architecture, with the ME firmware written for x86 based on the Minix operating system. However, the overall design philosophy and operation is mostly the same.

[...]

Introduced in June 2006 in Intel's 965 Express Chipset Family of (Graphics and) Memory Controller Hubs, or (G)MCHs, and the ICH8 I/O Controller Family, the Intel Management Engine (ME) is a separate computing environment physically located in the (G)MCH chip. In Q3 2009, the first generation of Intel Core i3/i5/i7 (Nehalem) CPUs and the 5 Series Chipset family of Platform Controller Hubs, or PCHs, brought a more tightly integrated ME (now at version 6.0) inside the PCH chip, which itself replaced the ICH. Thus, the ME is present on all Intel desktop, mobile (laptop), and server systems since mid 2006.

The ME consists of an ARC processor core (replaced with other processor cores in later generations of the ME), code and data caches, a timer, and a secure internal bus to which additional devices are connected, including a cryptography engine, internal ROM and RAM, memory controllers, and a direct memory access (DMA) engine to access the host operating system's memory as well as to reserve a region of protected external memory to supplement the ME's limited internal RAM. The ME also has network access with its own MAC address through an Intel Gigabit Ethernet Controller. Its boot program, stored on the internal ROM, loads a firmware "manifest" from the PC's SPI flash chip. This manifest is signed with a strong cryptographic key, which differs between versions of the ME firmware. If the manifest isn't signed by a specific Intel key, the boot ROM won't load and execute the firmware and the ME processor core will be halted.

[...]

The Active Management Technology (AMT) application, part of the Intel "vPro" brand, is a Web server and application code that enables remote users to power on, power off, view information about, and otherwise manage the PC. It can be used remotely even while the PC is powered off (via Wake-on-Lan). Traffic is encrypted using SSL/TLS libraries, but recall that all of the major SSL/TLS implementations have had highly publicized vulnerabilities. The AMT application itself has known vulnerabilities, which have been exploited to develop rootkits and keyloggers and covertly gain encrypted access to the management features of a PC. Remember that the ME has full access to the PC's RAM. This means that an attacker exploiting any of these vulnerabilities may gain access to everything on the PC as it runs: all open files, all running applications, all keys pressed, and more.

[...]

ME firmware versions 4.0 and later (Intel 4 Series and later chipsets) include an ME application for audio and video DRM called "Protected Audio Video Path" (PAVP). The ME receives from the host operating system an encrypted media stream and encrypted key, decrypts the key, and sends the encrypted media decrypted key to the GPU, which then decrypts the media. PAVP is also used by another ME application to draw an authentication PIN pad directly onto the screen. In this usage, the PAVP application directly controls the graphics that appear on the PC's screen in a way that the host OS cannot detect. ME firmware version 7.0 on PCHs with 2nd Generation Intel Core i3/i5/i7 (Sandy Bridge) CPUs replaces PAVP with a similar DRM application called "Intel Insider". Like the AMT application, these DRM applications, which in themselves are defective by design, demonstrate the omnipotent capabilities of the ME: this hardware and its proprietary firmware can access and control everything that is in RAM and even everything that is shown on the screen.

The Intel Management Engine with its proprietary firmware has complete access to and control over the PC: it can power on or shut down the PC, read all open files, examine all running applications, track all keys pressed and mouse movements, and even capture or display images on the screen. And it has a network interface that is demonstrably insecure, which can allow an attacker on the network to inject rootkits that completely compromise the PC and can report to the attacker all activities performed on the PC. It is a threat to freedom, security, and privacy that can't be ignored.

[...]

In summary, the Intel Management Engine and its applications are a backdoor with total access to and control over the rest of the PC. The ME is a threat to freedom, security, and privacy, and the libreboot project strongly recommends avoiding it entirely.

The Wikipedia page, AMD Platform Security Processor, states the following regarding AMD's Secure Technology/PSP:

The AMD Platform Security Processor (PSP), officially known as AMD Secure Technology, is a trusted execution environment subsystem incorporated since about 2013 into AMD microprocessors. According to an AMD developer's guide, the subsystem is "responsible for creating, monitoring and maintaining the security environment" and "its functions include managing the boot process, initializing various security related mechanisms, and monitoring the system for any suspicious activity or events and implementing an appropriate response". Critics worry it can be used as a backdoor and is a security concern. AMD has denied requests to open source the code that runs on the PSP.

Details

The PSP itself represents an ARM core with the TrustZone extension which is inserted into the main CPU die as a coprocessor. The PSP contains on-chip firmware which is responsible for verifying the SPI ROM and loading off-chip firmware from it. In 2019, a Berlin-based security group discovered the off-chip firmware in ordinary UEFI image files (the code that boots up the operating system), which meant that it could be easily analyzed. By using a few hand-written Python-based tools, they found that the off-chip firmware from the SPI ROM contained an application resembling an entire micro operating system. Investigation of a Lenovo ThinkPad A285 notebook's motherboard flash chip (stores UEFI firmware) revealed that the PSP core itself (as a device) is run before the main CPU and that its firmware bootstrapping process starts just before basic UEFI gets loaded. They discovered that the firmware is run inside in the same system's memory space that user's applications do with unrestricted access to it (including MMIO) raising concerns over data safety. Because PSP is the chip that decides whenever the x86 cores will run or not, it is used to implement hardware downcoring, specific cores on the system can be made permanently inaccessible during manufacturing. The PSP also provides a random number generator for the RDRAND instruction and provides TPM services.

A forum post by 'Specter' on dayzerosec.com, Reversing the AMD Secure Processor (PSP) - Part 1: Design and Overview, offers a much deeper insight into AMD's Secure Technology/PSP.

Modern versions of the PSP utilize an on-die ARMv7 Cortex-A5 core, which starts before x86 cores are taken out of reset. Each Core Chiplet Die (CCD) contains a PSP core, with CCD-0 being the master PSP. To keep things simple, everything we talk about will be on the master PSP, there is some synchronization and communication that happens between dies, but we'll ignore that here.

Among other things, one of the PSP's prime responsibilities is to initialize the environment for x86, including initializing Dynamic RAM (DRAM) and loading the x86 BIOS. It also has its own private Static RAM (SRAM). As all of this stuff is so early in the boot process and runs at the near-silicon level, there's little documentation on it (or at least not public documentation), as most vendors don't need to know about the internals and can treat the PSP as a black-box.

[...]

The PSP consists of five major components. The BootROM (aka. the "On-Chip Bootloader"), the Initial Program Loader/IPL (aka. the "Off-Chip Bootloader"), the AMD Generic Encapsulated Software Architecture (AGESA) bootloader, the secure OS, and the Cryptographic Co-Processor (CCP).

[...]

Binding all of this together is the Crypto Co-Processor (CCPv5). The CCP is an on-die proprietary Intellectual Property (IP) block that can perform AES, SHA, RSA, ECC, true RNG, and zlib inflate operations.

[...]

The PSP is an essential piece of technology in AMD CPUs, and many are blissfully unaware of its existence. It's not something most people need to care about for using their PCs or writing software. However, because of the undocumented nature and encryption being utilized on the firmware, it's also been scare mongered about as some kind of super backdoor. Without a doubt, the PSP has extremely powerful capabilities, with the ability to talk to any device sitting on the SMN and virtually arbitrary access to DRAM.

A compromised PSP can be an intriguing target. Access to basically all memory and the ability to DMA over everything with the CCP can be incredibly useful, especially if you're trying to bypass something like secure virtualization (SEV) and virtualization-based security (VBS). Keys and other secrets can also be leaked or exfiltrated via something like PSPReverse's SP glitch attack.

The Libreboot team has the following to say regarding AMD's Secure Technology:

The Platform Security Processor (PSP) is built in on the AMD CPUs whose architecture is Late Family 16h (Puma), Zen 17h or later (and also on the AMD GPUs which are GCN 5th gen (Vega) or later). On the CPUs, a PSP controls the main x86 core startup. PSP firmware is cryptographically signed with a strong key similar to the Intel ME. If the PSP firmware is not present, or if the AMD signing key is not present, the x86 cores will not be released from reset, rendering the system inoperable.

The PSP is an ARM core with TrustZone technology, built onto the main CPU die. As such, it has the ability to hide its own program code, scratch RAM, and any data it may have taken and stored from the lesser-privileged x86 system RAM (kernel encryption keys, login data, browsing history, keystrokes, who knows!). To make matters worse, the PSP theoretically has access to the entire system memory space (AMD either will not or cannot deny this, and it would seem to be required to allow the DRM "features" to work as intended), which means that it has at minimum MMIO-based access to the network controllers and any other PCI/PCIe peripherals installed on the system.

In theory any malicious entity with access to the AMD signing key would be able to install persistent malware that could not be eradicated without an external flasher and a known good PSP image. Furthermore, multiple security vulnerabilities have been demonstrated in AMD firmware in the past, and there is every reason to assume one or more zero day vulnerabilities are lurking in the PSP firmware. Given the extreme privilege level (ring -2 or ring -3) of the PSP, said vulnerabilities would have the ability to remotely monitor and control any PSP enabled machine completely outside of the user's knowledge.

Much like with the Intel Boot Guard (an application of the Intel Management Engine), AMD's PSP can also act as a tyrant by checking signatures on any boot firmware that you flash, making replacement boot firmware (e.g. libreboot, coreboot) impossible on some boards. Early anecdotal reports indicate that AMD's boot guard counterpart will be used on most OEM hardware, disabled only on so-called "enthusiast" CPUs.

In summary, i think the evidence strongly suggests that the primary reason for forcing these black-box technologies upon all users of modern hardware and making them essentially impossible to disable or remove, has little to do with security and ease of maintenance and more to do with creating back doors for use by, presumably, the intelligence community and possibly other nefarious actors. I think the entire "security" argument for these systems falls flat on its face when one considers that customers participating in Intel's High Assurance Platform Program (HAP), such as the National Security Agency, have the option to disable ME (though to what extent is apparently not known). What does it suggest when the NSA, who has an insatiable appetite for your data and the security thereof, doesn't seem to trust Intel's Management Engine?

Researchers say Intel's Management Engine feature can be switched off | ZDNET

Positive Technologies researchers Mark Ermolov and Maxim Goryachy discovered that Intel ME can be disabled by setting a 'HAP mode activation bit' found in the ME firmware code. The researchers found a field in ME's firmware files called 'reserve_hap' with a comment next to it stating 'High Assurance Platform enable'.

HAP refers to the US government's High Assurance Platform Program, a secure computing program run by the NSA in collaboration with the tech industry. According to Bleeping Computer, disabling ME requires setting the relevant bit to '1'.

Intel confirmed to Positive Technologies that the undocumented HAP mode activation bit is present to support customers participating in the HAP program.

The threats extend beyond Intel's ME and AMD's PSP. For more information, see the Libreboot FAQ section and Canoeboot - Frequently Asked Questions.

detection

GitHub - mjg59/mei-amt-check: Check whether AMT is enabled and provisioned under Linux

solutions

port blocking

While it may be possible to mitigate some of these remote administration threats on mainstream hardware by simply blocking the ports they use to communicate with a device positioned between the computer and the modem/ONT, such as a router (assuming the router is free of ME/PSP), one must keep in mind that these tools are proprietary and therefore it is possible they may communicate using ports or protocols other than those which have been officially disclosed.

NIC replacement

ME/PSP threats may be able to be mitigated to some extent by simply removing or disabling the OEM Ethernet and WiFi network adapters and replacing them with those that do not contain an Intel chipset, however this cannot be relied upon since it isn't known what NIC drivers are packaged with ME/PSP. Furthermore, given that Intel's ME and AMD's Secure Technology have low-level access to the CPU and other components, i think the question must be asked as to whether these tools are capable of communicating over the network by utilizing software at the user OS level, irrespective of the network card.

firmware

When flashing firmware on any device the usual warnings must be realized; if you don't know what you're doing, or choose the wrong firmware, or interrupt the installation, or the planets aren't aligned quite right, doom may result, so be very careful to read any and all applicable documentation and, if possible, have a recovery plan in place prior to flashing.

While firmware and software solutions alone cannot provide the same degree of protection as a complete open-hardware/open-firmware solution, they do offer a much less costly, albeit less effective alternative. There are several groups working on open firmware projects for the PC and other systems, the most well known of which is probably coreboot which describes itself as "a replacement for your BIOS / UEFI with a strong focus on boot speed, security and flexibility. It is designed to boot your operating system as fast as possible without any compromise to security, with no back doors, and without any cruft from the 80s. It was originally designed for large super-computers with thousands of nodes, but it will run on your desktop, headless internet server, laptop, tablet or your favorite IoT device.". You can read more about coreboot on their coreboot for end users page, including a list of devices which come preinstalled with the firmware. Also see their Distributions page.

One of the shortcomings of coreboot is that it is compatible with only a small number of motherboards. Another issue is that it isn't a complete solution, for example the project allows for proprietary components for initializing RAM. Raptor Computing Systems has this to say:

Q: Wait, so even coreboot won't help me? Why haven't I heard about this?

A: The management firmware in question--the "Management Engine" (ME) on Intel and the "Platform Security Processor" (PSP) on AMD--is a somewhat poorly kept secret, but only a small percentage of users, executives, and organizations are aware of its existence, let alone the danger that the associated centralized control actually poses. coreboot is unable to boot modern x86 without at least two blobs involved, one of which is mandatory per the hardware-enforced signature checks; while coreboot may be a step in the right direction, it is far from a fully auditable solution on x86. Unfortunately, this situation is permanent, given the current hardware available; it is one of the main reasons for our switch from x86 to OpenPOWER.

Canoeboot "provides free, open source (libre) boot firmware based on coreboot, replacing proprietary BIOS/UEFI firmware on specific Intel/AMD x86 and ARM based motherboards, including laptop and desktop computers. It initialises the hardware (e.g. memory controller, CPU, peripherals) and starts a bootloader for your operating system. GNU+Linux and BSD are well-supported."

coreboot is "an extended firmware platform that delivers a lightning fast and secure boot experience on modern computers and embedded systems. As an Open Source project it provides auditability and maximum control over technology.".

DD-WRT is an open-sourced, graphical firmware that can be installed on a huge variety of network routers. DD-WRT is probably the easiest to install and configure out of the 3 options addressed here. The project is described as "a Linux based alternative OpenSource firmware suitable for a great variety of WLAN routers and embedded systems. The main emphasis lies on providing the easiest possible handling while at the same time supporting a great number of functionalities within the framework of the respective hardware platform used.". DD-WRT allows both proprietary firmware and driver software in their images, but is otherwise open source. The DD-WRT source code is hosted on their own domain.

GNU Boot, forked from Libreboot before that project began incorporating proprietary blobs, is "a free software project aimed at replacing the proprietary boot firmware that comes with computers with free boot software.".

Libreboot is a distribution of coreboot with a focus on ease of installation. The project is described as "a coreboot distribution, in the same way that Debian is a Linux distribution. Libreboot makes coreboot easy to use for non-technical users, by providing a fully automated build system, automated build process and user-friendly installation instructions, in addition to regular binary releases that provide pre-compiled ROM images for installation on supported hardware. Without automation such as that provided by Libreboot, coreboot would be inaccessible for most users; you can also still reconfigure Libreboot however you wish.". Libreboot allows limited bits of proprietary code where necessary in order to support a wider array of hardware. The Libreboot source code is hosted on Codeberg.

LibreCMC is completely open-source (liberated) firmware for network devices. Unlike DD-WRT and OpenWRT, the project does not allow any proprietary components (blobs), however this results in a significantly smaller range of hardware compatibility.

OpenWRT, which allows only proprietary firmware on router models which necessitate it, is very similar to DD-WRT. I have used both and prefer the latter. OpenWRT describes itself as "a Linux operating system targeting embedded devices. Instead of trying to create a single, static firmware, OpenWrt provides a fully writable filesystem with package management. This frees you from the application selection and configuration provided by the vendor and allows you to customize the device through the use of packages to suit any application. For developers, OpenWrt is the framework to build an application without having to build a complete firmware around it; for users this means the ability for full customization, to use the device in ways never envisioned.". The source code for the project is hosted on their own domain and is mirrored on GitHub.

hardware

Complete hardware and firmware solutions which eliminate the ME/PSP systems, unlike firmware solutions alone, can be extraordinarily expensive since this is a very niche market and product runs are small. On the other hand, there are firmware-only solutions which are very affordable and though they may provide an acceptable degree or sanity, they are not complete solutions since these products use Intel or AMD processors and compatible motherboards. Here we will take a look at both types of products which are reasonably mature, including PC and network devices.

Libre Silicon develops a "free (as in freedom, not as in free of charge) and open source semiconductor manufacturing process standard".

Minifree Ltd sells Libreboot based laptops with a GNU Linux or BSD OS preinstalled.

Pine64 sells various products utilizing the ARM processor architecture which is free of ME and PSP. Their product includes phones, laptops, tablets and single-board computers.

Purism sells various products including a phone, a tablet, a laptop, a mini computer and a server, all with Intel Management Engine neutralized. With the exception of their server, all their devices run PureOS, a "fully free, ethical and open-source operating system that is not based on Android or iOS". Their phone and laptop feature external hardware switches that physically control power to their applicable radios and devices such as WiFi, Bluetooth, cellular, GPS, microphone and camera. I assume their tablet also has hardware switches.

Raptor Computing Systems appears to be the pinnacle of PC hardware vendors for those who are serious about mitigating the threats posed by Intel, AMD and the like. Raptor products use the IBM POWER9 processor for which the firmware is fully open-sourced. Their flagship product, the Tallos II, starts at close to $6,000 US as of this writing. The mainboard alone is over $4,000 US, though they also offer their Blackbird model which is substantially less expensive. Owner 'Borley' has outlined a build with this board for the DIY enthusiast and more information is available over at Wrongthink regarding a Blackbird build, including both some of the pros and cons regarding this system.

Star Labs sells very nice looking laptops, a convertible tablet and a reasonably powerful, passively cooled mini-PC, all of which use their own distribution of coreboot.

System76 sells attractive desktops, laptops, and mini-computers, as well as servers, at very reasonable prices. Note that Intel ME is neutralized only for selected models in their their laptop line. None of their desktop PCs use their custom coreboot distribution, though apparently they plan to address this in the future.For an overview of the features offered by their firmware, see the System76 Open Firmware Feature Matrix page on their GitHub repository.

Technoethical sells GNU Boot based laptops with the GNU Trisquel OS preinstalled, as well as phones with the Replicant OS preinstalled and some other accessories.

Turris sells some open source network devices including the Omina router and the MOX which is an interesting networking device with a modular architecture.

Vikings is apparently affiliated with Raptor. I know little about this company other than they sell some Raptor products in addition to their own and they offer a service for installing coreboot. They also sell some refurbished laptops with coreboot.

More hardware vendors can be found on the coreboot distributions page.

resources

information

vulnerabilities

tools

history

4-Dec-2023

  • corrected definition for AMT
  • edited definition for ME
  • clarified definition for IBM POWER architecture
  • correct a typo
  • additions to the 'tools' section
  • add history section
  • minor edits