I’m already familiar with it. On the systems I buy and install, if they are Intel based, ME gets disabled since I haven’t found a reasonable use for it.
Oh yeah, ARM also has something similar.
Since this is more relevant to me (numerically, most of the systems that I install are Raspberry Pi based robots), I’m happy to announce that TrustZone is not supported on Pi 4 (I haven’t checked about other models). I haven’t tested, however - don’t trust my word.
Who would you buy from in this case?
From the Raspberry Pi Foundation, who are doubtless ordering silicon from TSMC for the Pico series and ready-made CPUs for their bigger products, and various other services from other companies. If they didn’t exist, I would likely fall back on RockChip based products from China.
In the BIOS options of that specific server (nothing fancy, a generic Dell with some Xeon processor) the option to enable/disable ME was just plainly offered.
Chipset features > Intel AMT (active management technology) > disable (or something similar, my memory is a bit fuzzy). I researched the option, got worried about the outcomes if someone learned to exploit it, and made it a policy of turning it off. It was about 2 years ago.
P.S.
I’m sure there exist tools for the really security-conscious folks to verify whether ME has become disabled, but I was installing a boring warehouse system, so I didn’t check.
Wow. :) Neat trick. (Would be revealed in competent hands, though. Snap an X-ray photo and find excess electronics in the socket.)
However, a radio transceiver is an extremely poor candidate for embedding on a chip. It’s good for bugging boards, not chips.