Latest Comments by F.Ultra
Intel and AMD join up to form the x86 ecosystem advisory group to shape the future
20 Oct 2024 at 12:21 am UTC

Quoting: LoudTechie
Quoting: F.Ultra
Quoting: LoudTechie
Quoting: F.Ultra
Quoting: LoudTechie
Quoting: F.Ultra
Quoting: PublicNuisance
So the companies that screw me over with Intel ME and AMD PSP are joining forces? Consider me wanting to get off X86 to RiscV or Power9 even more than before.
yes it is popular to scare people that have no clue on how things work that these are somehow secret spy things when they in reality are nothing but managing devices for enterprise IT departments (just like how we in the server space have full on BMC cards instead).
ME is also what powers fTPM, bios signing and PlayReady drm.
These are all used to restrict your freedom to use your device how you like right now.
ME has been used by Israeli hackers to hack devices.
The procedure for using it requires you to receive an identification key from Intel based on information Intel generated, there is no indication that you can lock Intel out.
Maybe the American government isn't using it as a back door right here, right now, but the only reason we have to believe that is Intel's word.
ME is the reason modern devices can't install coreboot.

Also if it was just for remote management they would not have put such a ridiculous amount of effort into countering all the efforts that have been made to remove it, because this is how it went: first you could simply remove the hardware, then they patched that and you could only remove the software, then they patched that and you couldn't, but someone found the secret government switch to turn it off and then they patched that and now we have to clean-room reverse engineer it to turn it off without bricking our devices.

Also I'm not an IT department and Intel knows that, because they sell a different business and consumer line.
This is a feature they know I will never need, but they added it anyway.
The PlayReady drm does not use Intel ME, it uses SGX which is a completely different thing. fTPM exists only on AMD so again not Intel ME. Nor does it do bios signing.

Various hackers around the world have used every single piece of hw and sw to hack devices so not sure why Intel ME should be singled out for that reason. And for that matter I cannot find any information at all about anyone having hacked Intel ME, Israeli or otherwise, is this you confusing this with something else again or do you have any links?

You also seem a bit confused about coreboot, there is no Intel ME mechanism to prevent the installation of coreboot. The only connection between Intel ME and coreboot is that since Intel ME has its firmware stored in the BIOS, Intel ME is disabled by coreboot since coreboot does not contain the necessary firmware.

Intel ME has never been a separate piece of hw, it has always been built in to the cpu and it really has to be in order for it to function the way it's supposed to work.

I think that you are confusing Intel ME with TPM here since TPM started out as a separate chip and was then moved into the CPU after it was discovered that the connection between the TPM and the CPU could be eavesdropped and manipulated in a way that rendered TPM useless.

Intel ME is built in to every single cpu since #1 Intel does not know which specific cpu a business tends to purchase for their office machines that their IT department wants to perform remote administration on and #2 it would be extremely expensive to have two separate chip fabs for non-ME and have-ME line of CPU:s of the same core design.

I would hope that people would understand that IF Intel decided to put some hidden backdoor into their processors that they would have done that _hidden_ and not in a piece of hw that they openly advertise (and with complete guides on how to use like this one: Getting Started with Intel® Active Management Technology [External Link]). Also to date not a single person has been able to see any Intel ME trying to communicate with the outside world (aka phone home), had this ever occurred you would not have missed it since it would have been screamed from rooftops.
In the modules section of the Wikipedia BootGuard (bios signing), Protected Audio Video Path, firmware TPM (fTPM) and Secureboot (os signing) are explicitly mentioned as ME modules together with AMT (remote management feature). [External Link]
You seem to be right about your playready thing though.

I'm not confusing ME with the TPM. That's why I specified it served fTPM(the f stands for firmware).
I was though conflating Coreboot with Libreboot. Libreboot/Canoeboot can't run on modern devices, because it doesn't include the proprietary ME code.

The problem with the hacking, is that I can flash a new os when my os is hacked, but not a new ME.

Wikipedia explanation of how Intel bootguard prevents coreboot. [External Link]

Intel sells the Xeon line for enterprise applications and the I line for consumer applications they can simply only include it in Xeon processors.

The lack of phoning home is indeed the best proof we have about it not being a backdoor, which to me proves mostly that they're not listening in on the devices of the kind of people who monitor and publish their web traffic.
Intel publishing it isn't that surprising.
Several researchers pull processors apart for new undocumented features finding something new without an explanation is really suspicious, while "we're trying to compete with openssh" is a lot less suspicious.
ok, had somehow missed that boot guard was part of ME, thanks for pointing that out. Yes XEONS are for server and workstation use but 99% of office machines are not Xeons and remote management is something that large companies use to manage their large fleet of office machines. Myself I only use the server side version (so a full BMC on Xeons and Epycs) since where I work we let everyone manage their own pc as they see fit, but the servers we have in a remote location and ssh is not fun when the machine is stuck in bios, powered off or kernel hang.
"99% of office machines are not Xeons": extra reason for Intel not to include enterprise specific features in them. A Xeon is an upsell (more expensive), you want those precious enterprise features, pay for them.
On the SSH point:
A. SSH is only not fun in those situations when it's not on a separate already booted controller(just like intel AMT), but that is actually quite easy to build.
Most server racks already have separate controllers.
B. Well, yes that's why they can argue it to be an attempt at competing with SSH. SSH might be free as in freedom and free beer and have more features, but it requires to set up your own separate microcontroller to manage ring 0 crashes.

Also a more generic reason I have against, "but it's for enterprise IT".
In enterprise IT the users don't own their time and/or devices, any limitation of software freedoms makes sense in such a situation, because it would directly cost the one who does own these things the software freedom they get from owning these assets.
As a private buyer I do own my time/devices as such I want to control them.
Office desktops outsell consumer desktops by orders of magnitude and are where the money is for companies like Intel. Them removing ME from their consumer grade CPU:s and trying to get companies to upgrade to Xeons would only lead to one outcome: every single company would switch to AMD.

Intel and AMD join up to form the x86 ecosystem advisory group to shape the future
19 Oct 2024 at 4:27 am UTC

Quoting: LoudTechie
Quoting: F.Ultra
Quoting: LoudTechie
Quoting: F.Ultra
Quoting: PublicNuisance
So the companies that screw me over with Intel ME and AMD PSP are joining forces? Consider me wanting to get off X86 to RiscV or Power9 even more than before.
yes it is popular to scare people that have no clue on how things work that these are somehow secret spy things when they in reality are nothing but managing devices for enterprise IT departments (just like how we in the server space have full on BMC cards instead).
ME is also what powers fTPM, bios signing and PlayReady drm.
These are all used to restrict your freedom to use your device how you like right now.
ME has been used by Israeli hackers to hack devices.
The procedure for using it requires you to receive an identification key from Intel based on information Intel generated, there is no indication that you can lock Intel out.
Maybe the American government isn't using it as a back door right here, right now, but the only reason we have to believe that is Intel's word.
ME is the reason modern devices can't install coreboot.

Also if it was just for remote management they would not have put such a ridiculous amount of effort into countering all the efforts that have been made to remove it, because this is how it went: first you could simply remove the hardware, then they patched that and you could only remove the software, then they patched that and you couldn't, but someone found the secret government switch to turn it off and then they patched that and now we have to clean-room reverse engineer it to turn it off without bricking our devices.

Also I'm not an IT department and Intel knows that, because they sell a different business and consumer line.
This is a feature they know I will never need, but they added it anyway.
The PlayReady drm does not use Intel ME, it uses SGX which is a completely different thing. fTPM exists only on AMD so again not Intel ME. Nor does it do bios signing.

Various hackers around the world have used every single piece of hw and sw to hack devices so not sure why Intel ME should be singled out for that reason. And for that matter I cannot find any information at all about anyone having hacked Intel ME, Israeli or otherwise, is this you confusing this with something else again or do you have any links?

You also seem a bit confused about coreboot, there is no Intel ME mechanism to prevent the installation of coreboot. The only connection between Intel ME and coreboot is that since Intel ME has its firmware stored in the BIOS, Intel ME is disabled by coreboot since coreboot does not contain the necessary firmware.

Intel ME has never been a separate piece of hw, it has always been built in to the cpu and it really has to be in order for it to function the way it's supposed to work.

I think that you are confusing Intel ME with TPM here since TPM started out as a separate chip and was then moved into the CPU after it was discovered that the connection between the TPM and the CPU could be eavesdropped and manipulated in a way that rendered TPM useless.

Intel ME is built in to every single cpu since #1 Intel does not know which specific cpu a business tends to purchase for their office machines that their IT department wants to perform remote administration on and #2 it would be extremely expensive to have two separate chip fabs for non-ME and have-ME line of CPU:s of the same core design.

I would hope that people would understand that IF Intel decided to put some hidden backdoor into their processors that they would have done that _hidden_ and not in a piece of hw that they openly advertise (and with complete guides on how to use like this one: Getting Started with Intel® Active Management Technology [External Link]). Also to date not a single person has been able to see any Intel ME trying to communicate with the outside world (aka phone home), had this ever occurred you would not have missed it since it would have been screamed from rooftops.
In the modules section of the Wikipedia BootGuard (bios signing), Protected Audio Video Path, firmware TPM (fTPM) and Secureboot (os signing) are explicitly mentioned as ME modules together with AMT (remote management feature). [External Link]
You seem to be right about your playready thing though.

I'm not confusing ME with the TPM. That's why I specified it served fTPM(the f stands for firmware).
I was though conflating Coreboot with Libreboot. Libreboot/Canoeboot can't run on modern devices, because it doesn't include the proprietary ME code.

The problem with the hacking, is that I can flash a new os when my os is hacked, but not a new ME.

Wikipedia explanation of how Intel bootguard prevents coreboot. [External Link]

Intel sells the Xeon line for enterprise applications and the I line for consumer applications they can simply only include it in Xeon processors.

The lack of phoning home is indeed the best proof we have about it not being a backdoor, which to me proves mostly that they're not listening in on the devices of the kind of people who monitor and publish their web traffic.
Intel publishing it isn't that surprising.
Several researchers pull processors apart for new undocumented features finding something new without an explanation is really suspicious, while "we're trying to compete with openssh" is a lot less suspicious.
ok, had somehow missed that boot guard was part of ME, thanks for pointing that out. Yes XEONS are for server and workstation use but 99% of office machines are not Xeons and remote management is something that large companies use to manage their large fleet of office machines. Myself I only use the server side version (so a full BMC on Xeons and Epycs) since where I work we let everyone manage their own pc as they see fit, but the servers we have in a remote location and ssh is not fun when the machine is stuck in bios, powered off or kernel hang.

Intel and AMD join up to form the x86 ecosystem advisory group to shape the future
18 Oct 2024 at 9:20 pm UTC Likes: 2

Quoting: LoudTechie
Quoting: F.Ultra
Quoting: PublicNuisance
So the companies that screw me over with Intel ME and AMD PSP are joining forces? Consider me wanting to get off X86 to RiscV or Power9 even more than before.
yes it is popular to scare people that have no clue on how things work that these are somehow secret spy things when they in reality are nothing but managing devices for enterprise IT departments (just like how we in the server space have full on BMC cards instead).
ME is also what powers fTPM, bios signing and PlayReady drm.
These are all used to restrict your freedom to use your device how you like right now.
ME has been used by Israeli hackers to hack devices.
The procedure for using it requires you to receive an identification key from Intel based on information Intel generated, there is no indication that you can lock Intel out.
Maybe the American government isn't using it as a back door right here, right now, but the only reason we have to believe that is Intel's word.
ME is the reason modern devices can't install coreboot.

Also if it was just for remote management they would not have put such a ridiculous amount of effort into countering all the efforts that have been made to remove it, because this is how it went: first you could simply remove the hardware, then they patched that and you could only remove the software, then they patched that and you couldn't, but someone found the secret government switch to turn it off and then they patched that and now we have to clean-room reverse engineer it to turn it off without bricking our devices.

Also I'm not an IT department and Intel knows that, because they sell a different business and consumer line.
This is a feature they know I will never need, but they added it anyway.
The PlayReady drm does not use Intel ME, it uses SGX which is a completely different thing. fTPM exists only on AMD so again not Intel ME. Nor does it do bios signing.

Various hackers around the world have used every single piece of hw and sw to hack devices so not sure why Intel ME should be singled out for that reason. And for that matter I cannot find any information at all about anyone having hacked Intel ME, Israeli or otherwise, is this you confusing this with something else again or do you have any links?

You also seem a bit confused about coreboot, there is no Intel ME mechanism to prevent the installation of coreboot. The only connection between Intel ME and coreboot is that since Intel ME has its firmware stored in the BIOS, Intel ME is disabled by coreboot since coreboot does not contain the necessary firmware.

Intel ME has never been a separate piece of hw, it has always been built in to the cpu and it really has to be in order for it to function the way it's supposed to work.

I think that you are confusing Intel ME with TPM here since TPM started out as a separate chip and was then moved into the CPU after it was discovered that the connection between the TPM and the CPU could be eavesdropped and manipulated in a way that rendered TPM useless.

Intel ME is built in to every single cpu since #1 Intel does not know which specific cpu a business tends to purchase for their office machines that their IT department wants to perform remote administration on and #2 it would be extremely expensive to have two separate chip fabs for non-ME and have-ME line of CPU:s of the same core design.

I would hope that people would understand that IF Intel decided to put some hidden backdoor into their processors that they would have done that _hidden_ and not in a piece of hw that they openly advertise (and with complete guides on how to use like this one: Getting Started with Intel® Active Management Technology [External Link]). Also to date not a single person has been able to see any Intel ME trying to communicate with the outside world (aka phone home), had this ever occurred you would not have missed it since it would have been screamed from rooftops.

Intel and AMD join up to form the x86 ecosystem advisory group to shape the future
16 Oct 2024 at 4:32 pm UTC Likes: 1

Quoting: PublicNuisance
So the companies that screw me over with Intel ME and AMD PSP are joining forces? Consider me wanting to get off X86 to RiscV or Power9 even more than before.
yes it is popular to scare people that have no clue on how things work that these are somehow secret spy things when they in reality are nothing but managing devices for enterprise IT departments (just like how we in the server space have full on BMC cards instead).

OpenRazer v3.9 released with many new Razer devices supported on Linux
7 Oct 2024 at 5:38 pm UTC Likes: 2

Quoting: Stella
Quoting: Xpander
Quoting: Stella
I don't use Razer personally because I'm not convinced of the quality of their products. But this does seem really nice, wish there was something similar for Logitech and Asus
It's not very nice. openrazer only supports RGB stuff, DPI settings, Polling rate and some other fluff, but the main feature is missing. Custom keybinds, layers etc.

I own a razer basilisk v2, it's a decent mouse, but build quality isn't the greatest, the rubber on it started to fade quite fast and scrollbar rubber grip is sometimes slipping a bit, but I can at least adjust the resistance of the scrollwheel and mouse is quite comfortable in hand.
Ah, I see. That kind of sucks. Do Razer peripherals have onboard memory at least? My logitech mouse has this, I can configure it on LGHUB and it will persist on Linux devices. If it didn't have this the mouse would be much less usable
Cannot say that they all do, but the DeathAdder v3 PRO that I replaced my Logitech G703 with does. It also has much higher build quality than the Logitech one where the mouse wheel started to act weird and I found it to be a common problem.

Wine 9.19 released bringing improvements for Wayland, Unicode and DirectPlay
6 Oct 2024 at 4:18 pm UTC

Quoting: iod
I wonder if Wine will ever recognize the correct locale for non-English apps.. People keep telling me it's not Wine's job to do so but Windows does it somehow no problem.

Also waiting for generally better Wayland support because old XWayland games set the fullscreen resolution incorrectly.
I wonder if this can be locale specific, aka in that there is a problem with some locales, because when running applications in Wine apps picks up that my Linux is configured in Swedish with zero issues (or I'm mistaken about what the issue is).

From November 15, all Steam games sold in Germany will need an Age Rating
2 Oct 2024 at 7:16 pm UTC Likes: 4

Quoting: bonkmaykr
They will decriminalize child pornography like a bunch of sick fucks (yes, the German government seriously got away with that)
They haven't. What they have done is gone back to the same minimum sentencing for distribution as they had before June 2021 when they increased it (and this is due to them having seen negative consequences of that increase).

Microsoft Windows kernel changes don't suddenly mean big things for Linux gaming
16 Sep 2024 at 2:45 am UTC Likes: 2

Quoting: Purple Library Guy
Quoting: Woodlandor
Quoting: Shmerl
And Tim Sweeney can move to Canada and get lost.
If you do that we will send you Justin Bieber!
I'm starting to see the possibilities here. Can we throw in Pierre Poilievre?
I can prepare a place at the bottom of the Baltic Sea for him, IF as payment we would get Skinny Puppy and Front Line Assembly.

Deadlock from Valve no longer a secret - store page is up and we can finally talk about it
26 Aug 2024 at 12:40 pm UTC

Quoting: Mountain Man
Quoting: kuhpunkt
Quoting: Mountain Man
So no Half-Life 3. :sad:
Why not? They can work on multiple games at the same time. Remember the Orange Box?
There were rumors that Valve was working on a new game. Everybody was hoping it was Half-Life 3, but apparently it was this instead.
No the rumor was that they besides Deadlock also were working on something that internally was referred to as Project White Sands. And since that is the name of a park in New Mexico where Black Mesa was...

Kyle Crane returns in Dying Light: The Beast
26 Aug 2024 at 12:35 pm UTC

Quoting: Klaas
Quoting: F.Ultra
In essence I'm still kinda pissed that they killed him off
I think that all three endings of The Following are bad, since they all destroy everything that you've worked for in the base game. I'm not sure what they were thinking, since this is clearly the worst thing that they could have done. Making the player feel that everything that happened before was pointless.

The game's writing is generally confused and rather bad which isn't that surprising when you read about the development process.

Kyle is weird – who would burn important medicine because a (crazy) person on the outside gives that order via radio!?

Kadir Suleiman is so over the top that he's basically a psychopathic parody of a parody of a psychopath. He kills his minions for fun although it is obvious that he will never be able to get replacements, which is unbelievably stupid even for someone that does not have any empathy.
yes that initial "burn the medicine" confused me as well. Why bother when it is via radio and you not only know that you are going to need it but also can use it as a viable resource to trade inside the quarantine zone.