Hacker News

Complete Removal of Intel ME Possible on Certain Intel HEDT/Server Platforms

(Reposted from Reddit)

Intro:

Recently, GitHub user nkht removed the entire Intel ME firmware from his Asus R4E. Apparently, the ME Watchdog is inactive in the PCH and thus the PC does not turn off every 30 mins. I successfully verified this on my Asus R4G.

The findings:

https://github.com/corna/me_cleaner/issues/278

https://github.com/nkht/me_removal

What is removed:

The entire "ME region" in the BIOS is blanked. Also, the MEI controller can be stopped by modding MEPlatformPEI.

VS ME_Cleaner:

ME_Cleaner erases most modules in Intel ME, and/or sets the HAP bit.

In this case, the entire ME region is removed, halting ME functions even earlier than ME_Cleaner.

Potentially working platforms:

LGA2011-0, LGA2011-1, LGA1356: X79/C600 PCH

Untested platforms:

LGA1366: X58/5000 IOH

LGA1567: 7500 IOH

LGA2011-3: X99/C612 PCH

Likely won't work:

Mobo for ≥SKL CPUs, as ME 11.x changed a lot

LGA115X/mobile platforms (esp. using iGPU)

Mobo with Intel Boot Guard

Potential downsides:

If your PCH has an active watchdog, the PC will turn off after 30 minutes/stop booting. Intel vPro will not be available after modding. Like all tests/mods, your system may become unstable/have broken features.

Testing this yourself:

If you wish to try this, you may proceed to the links above. You might need an SPI flasher for recovery. You should also back up your current BIOS to save the UUID, Serial Number and MAC address. For Asus mobos with USB Flashback, you may rename the new image to ERALL.CAP and flash using a USB Drive. You have to add your mobo UUID, Serial Number and MAC address to ERALL.CAP via FD44.

Conclusion:

It seems like some Intel chipsets could have inactive ME watchdog timers, allowing Intel ME to be removed. However, the exact chipsets that have this are currently still relatively unknown.

8 points | weareanomalous posted 14 days ago
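Added example, not part of the original post or the linked projects: a read-only check that locates the ME region in a full SPI dump (such as the BIOS backup the post recommends) and reports whether it is blanked. It assumes the standard Intel flash descriptor layout (signature at offset 0x10, ME as region 2) and that "blanked" means uniformly filled with 0xFF or 0x00; the function names and sample images are constructed for illustration.

```python
import struct

FD_SIGNATURE = b"\x5a\xa5\xf0\x0f"  # 0x0FF0A55A, little-endian, at offset 0x10

def region_bounds(flreg):
    """Decode an FLREGn value into (start, end) byte offsets, end exclusive."""
    start = (flreg & 0x7FFF) << 12                      # base, 4 KiB units
    end = ((((flreg >> 16) & 0x7FFF) << 12) | 0xFFF) + 1  # limit is inclusive
    return start, end

def me_region_status(image):
    """Report where the ME region sits in a full SPI dump and if it is blank."""
    if image[0x10:0x14] != FD_SIGNATURE:
        raise ValueError("no Intel flash descriptor signature at offset 0x10")
    (flmap0,) = struct.unpack_from("<I", image, 0x14)
    frba = (flmap0 >> 12) & 0xFF0                       # region table offset
    (flreg2,) = struct.unpack_from("<I", image, frba + 8)  # FLREG2 = ME
    start, end = region_bounds(flreg2)
    if start >= end:                                    # base > limit: unused
        return {"present": False}
    if end > len(image):
        raise ValueError("ME region extends past the end of the image")
    region = image[start:end]
    fill = region[0]
    blank = fill in (0x00, 0xFF) and region.count(fill) == len(region)
    # Stock ME firmware carries a "$FPT" partition table marker near the start.
    return {"present": True, "start": start, "end": end,
            "blank": blank, "has_fpt": b"$FPT" in region[:0x20]}

def build_sample(me_payload):
    """Constructed 16 KiB image: descriptor | ME (8 KiB) | BIOS (4 KiB)."""
    img = bytearray(b"\xff" * 0x4000)
    img[0x10:0x14] = FD_SIGNATURE
    struct.pack_into("<I", img, 0x14, 0x04 << 16)       # FRBA field -> 0x40
    struct.pack_into("<III", img, 0x40,
                     0x00000000,                        # FLREG0 descriptor
                     0x00030003,                        # FLREG1 BIOS
                     0x00020001)                        # FLREG2 ME 0x1000-0x2FFF
    img[0x1000:0x1000 + len(me_payload)] = me_payload
    return bytes(img)

if __name__ == "__main__":
    stock = build_sample(b"\x00" * 0x10 + b"$FPT" + b"\x01" * 0x100)
    print("stock  :", me_region_status(stock))
    print("blanked:", me_region_status(build_sample(b"")))
```

Comparing the result for the backup against the result for the image about to be flashed confirms the descriptor still parses and that only the ME region contents changed.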