I need a thinkpad libreboot, Me cleaned etc etc. tho i have some concernes & need help.
I got told minifree is not reliable, but ebay would be a pretty good/decent choice to get one. & that the odds of the ROM being malicious are low. Should i get one from there? Also another very important question, the backdoor is there since after 2008 CPUs so. should i get a x200 with a cpu before 2008 OR get a newer one like an t500 or so with the intel CPU being ME cleaned with the Github program??
I never did such things so im worried ill be doing something wrong and that in the end it wont work with the ME for example, so is there a difference between before2008 and after even with ME cleaned?
its a fun project for sure, but what will you use it for? those machines are dated. I've done it to a couple machines thrown out from work
Christian Bennett
i need it as a main laptop for my stuff, fun project for sure still it needs to work as planned. definetly needs to.
Chase Jenkins
this stuff is not magic and those backdoors have yet to be proven. i dont think this is what youre looking for. its more for virtue signalling
Nathaniel Jones
This is actually hard to answer. New machines are backdoor ridden, old ones are old. What I'd do is install libreboot myself on one of them. However, I don't believe this gives you 100% protection from backdoors, afaik there still needs to stay some binary blob related to ME at boot time for the computer to boot. Then, there may be a shit ton of other vulnerabilities in the software you'll run on it. Even if you install OpenBSD, it's still not 100% secure, there have been vulns documented. I think you're better having an always offline computer without any networking to work on your personal projects and not have anyone spy on your stuff. In my book, anything connected to any netword is always somehow vulnerable.
Aaron Jones
The ME backdoors have been proven, there were papers, code and presentations on hacking conferences. If you search for them, you'll find them, so saying this has to be proven is not right. It was proven. What we can say is that we have no idea to what extent these backdoors are used, meaning how common it is.
Leo Hughes
well thats what i mean, the ME is not magic, does the ME still function or can it still do anything that could compromise?? and In my opinion it is or has atleast a high chance of being one, why would the NSA get them without the ME so it can function very well without it yet we dont get the choice. but thats another topic
James Peterson
yes, still there needs to be a *most secured* way of having a computer. and stuff still needs to be done over it, for example communication with others.
Nicholas Morgan
I think this is the open problem. Even Stallman said that there are no new computers that'd allow for free firmware, microcodes etc. My approach would be to have a computer that's not connected to your identity in any way and then even if it has a backdoor, it will be a backdoor to mostly anonymous PC. Anything other than that or always-offline PC will have risks.
Ethan Adams
No they havent
Landon Murphy
Its an enterprise management tool dude. Nobody is targeting you
Dylan Myers
Its almost like the NSA is a target and a Any Forums use isnt
Easton Myers
Not one unsolicited byte has ever been observed from Intel's ME. You're falling for FUD.
Joseph Thomas
>Also another very important question, the backdoor is there since after 2008 CPUs so. Has nothing to do with a specific year or CPU. IME is on the chipset, not the CPU. Some boards between 2006 and 2009 had it, and some didn't. 2009 and onward it had to be there (starting with first gen Core and later).
Michael James
what?
Connor Russell
thanks didnt know that
Cameron Wood
The NSA doesn't want IME on their systems because it's an extra layer of attack surface, that's a security issues, not a privacy issue.
Robert Jenkins
We do not understand ME enough to fully eliminate it You have to use a pre core2duo machine or alternatively, a pre-2012 amd laptop
there are also extremely rare and secure government contracted laptops which sell for thousands to crypto owners if you want true security
Connor Brooks
>You have to use a pre core2duo machine You mean a pre first gen Core, you can completely remove IME on C2D chipsets.
Cameron James
what are you planning on doing with it? to think libreboot and some hacky script from github will overcome all 0days the NSA has or whatever seems naive
Carter Barnes
Just buy ryzen. You can disable the PSP in the BIOS. >it doesn't do anything lol Then neither does your libreboot trash. You can't prove either.
Jackson Torres
still I do not trust this thing anyways. It has backdoors in windows and other applications and things, there is no reason it cannot have and wouldnt want to have on on intel CPUs, it is closed source anyways so i morally do not like it and generally dont trust it. i want to have a computer i can trust and support.
holy shit. but that is illegal right? dont know how to get on these anyways fuck it but damn didnt think that there are such. how do these get out of hand? I mean, the way you explain it these arent just cop computers eh?
Jordan Martin
You need to be 18+ to post here
Jace Young
no I dont think it is 100% secure from the NSA and thats not my goal. I want a computer which respects privacy to the max. level possible and open source/libre level out of principal and moral reasons. I want a computer to trust also
a giant reason is... it is just fucking fun to do all of that stuff/interesting and helps me to learn how computers work.