From my reading, I see complaints about lack of security in laptops having Intel chips with their “management engine” or some such term. Meaning external parties can activate and control/read/intercept computer content. Framework seems to intend to produce a secure product with switches for camera and microphone. I don’t think I have seen mention of a method to avoid Intel’s built in backdoor “management engine” designed to spy on computer owners. Will Framework offer Libreboot or some similar solution? Since Intel is part of the plan, how will their intrusion be avoided? Thanks in advance for responses.
No way to escape it! There are going to be community efforts to reduce the ME and reduce such risks, however this will be rather complex and depends on some elements of cooperation from Frame.Work. Further, I’m reasonably sure that even if we were to have a technical breakthrough where we could fully remove the ME, doing so in the 11xxxx series of Intel CPUs would still be impossible as the responsibility for managing some stuff that is critical for CPU sleep has been shifted to the ME. That would mean we’d also need to reimplement a secure and free core ME replacement. Considering we can’t even neuter the ME in 11xxxx CPUs yet (only “disable”), I wouldn’t hold my breath.
@iFreilicht , I would say the hardware cut off switches for camera and mic are step in the right direction though! The purism laptops take this approach, although I’m sure everyone knows that they have managed to “neutralize” the Intel ME. Much more expensive for worse hardware though.
Personally I prefer the ME removed over battery life, but that’s totally subjective.
Removing the ME will also remove functionality like Intel SGX (which is used for DRM content (streaming e.g. netflix) ).
Probably some costumers will complain, when they lose this functionality. So probably a BIOS option would be a nice trade-of for both sites.