sravan/system76-firmware-open
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
system76-firmware-open/docs/intel-me.md
Tim Crawford aa482271fd docs: Move Intel ME note to separate file
2020-08-31 11:19:27 -06:00

913 B
Raw Blame History

Intel Management Engine

Intel-based machines by System76 come with the Intel Management Engine disabled. It is a proprietary, mostly undocumented, system that provides many extraneous features that are generally not usable or useful to our users, with multiple known vulnerabilities that compromise the entire system.

The Intel ME is required (since Nehalem, 2008), so cannot be removed. The me_cleaner project is able to remove non-essential components, but currently does not support the ME version used on many of our systems. Instead, we send a HECI command to tell the Intel ME to disable runtime components during early boot.