Does Intel chip have Intel's management engine?

Does Intel chip have Intel’s management engine?

From my reading, I see complaints about lack of security in laptops having Intel chips with their “management engine” or some such term. Meaning external parties can activate and control/read/intercept computer content. Framework seems to intend to produce a secure product with switches for camera and microphone. I don’t think I have seen mention of a method to avoid Intel’s built in backdoor “management engine” designed to spy on computer owners. Will Framework offer Libreboot or some similar solution? Since Intel is part of the plan, how will their intrusion be avoided? Thanks in advance for responses.

4 Likes

From what I’ve read so far sadly it seems we are stuck with the Intel Management Engine

No way to escape it! There are going to be community efforts to reduce the ME and reduce such risks, however this will be rather complex and depends on some elements of cooperation from Frame.Work. Further, I’m reasonably sure that even if we were to have a technical breakthrough where we could fully remove the ME, doing so in the 11xxxx series of Intel CPUs would still be impossible as the responsibility for managing some stuff that is critical for CPU sleep has been shifted to the ME. That would mean we’d also need to reimplement a secure and free core ME replacement. Considering we can’t even neuter the ME in 11xxxx CPUs yet (only “disable”), I wouldn’t hold my breath.

I’m also interested in this, so I dug around a little bit.

For this first iteration of the Laptop, you are indeed stuck with Intel. You can always use the regular approaches to disable the ME as much as possible, and coreboot is being explored:

Additionally, Framework is hoping to release other versions of the motherboard in the future with ARM64 and maybe even RISC-V processors:

We architected the mainboard to maximize adaptability to future generations of x86 and ARM (and we hope eventually RISC-V!) CPUs.
(From https://frame.work/blog/the-upgradeable-mainboard)

So I guess right now it’s not much better than any regular Intel laptops in that regard, but there’s a lot of potential for privacy-conscious upgrades in the future.