Certain "Special Purpose Systems" Variants of Windows 11 Ship Without the TPM 2.0 Requirement

[ncrs]

Actually, that is possible admitedly because the Minux binaries are single threaded. But they also are x64, and I guess the core contention I have is that I find it unlikely they could stuff that in the chipset without a thermal envelope that is unacceptably large. Maybe atom is way better than the old day, I am not really as up to date on architectures as I once was.

Also, spectre style exploits work on protected enclaves, suggesting what is running them indeed is an out of order cpu, at least. Are atoms out of order? I thought they weren't.

I guess I'll back off a little and admit this: anything is possible but I don't find it likely.


My only guess is if they are lying, they don't see it as lying. The firmware itself lives in the bios chip which connects directly to the PCH. Maybe they consider that when they say the ME "lives" there. But it's just speculation.

The presentation I linked shows very clearly that the chipset hosts ME.
The x64 parts of the Minix firmware could be explained by slide 9 which shows that during bring-up, more specifically DRAM init, there is a part of ME running on the host CPU called ACM. But even after the host OS is started, ME services keep living on the embedded i486.

Security enclaves, as in SGX? That indeed does live in the CPU, as in the code runs there (the SDK and public info confirms this), but is managed by ME from the chipset. I am not aware of any speculative execution exploit that managed to break into the ME part. If you are I'd appreciate some links or even keywords.

Edit: the entire presentation is very technical, I'll have to watch the recording of it later on, but I'm surprised Intel shared this much publicly.

 

[R-T-B]

The presentation I linked shows very clearly that the chipset hosts ME.

I just went through your pdf. Yes, you are correct. It also says the cpu is 486. Interesting.

Security enclaves, as in SGX? That indeed does live in the CPU, as in the code runs there (the SDK and public info confirms this)

I guess I'm not as up to speed as I used to be, my hats off to you. That would explain the behavior yes and the fact that it's a 486 core for the rest now makes sense that it could live in the chipset.

The binaries were x86_64, interestingly. If so an x86_64 486 is kind of interesting in it's own right but very possible to fit in the PCH since it is not speculative/large.

I need to appologize. I let my pride get ahead of me. My work was mainly dissecting the me partitions from the firmware, unpacking them, and trying to figure out what they did. Clearly I was otherwise unqualified for the level of certainity I presented on this matter. Thanks for the educational pdfs and discourse.

speculative execution exploit that managed to break into the ME part.

I do not believe anyone managed more than extraction of SGX secrets. Except maybe on X58. It's old PCH arc core can do some funny things.

Edit: the entire presentation is very technical, I'll have to watch the recording of it later on, but I'm surprised Intel shared this much publicly.

To be frank, I am too. Aparently sometimes you just have to ask in the right way, I guess.

 

[ncrs]

I just went through your pdf. Yes, you are correct. It also says the cpu is 486. Interesting.

I guess I'm not as up to speed as I used to be, my hats off to you. That would explain the behavior yes and the fact that it's a 486 core for the rest now makes sense that it could live in the chipset.

The binaries were x86_64, interestingly. If so an x86_64 486 is kind of interesting in it's own right but very possible to fit in the PCH since it is not speculative/large.

I need to appologize. I let my pride get ahead of me. My work was mainly dissecting the me partitions from the firmware, unpacking them, and trying to figure out what they did. Clearly I was otherwise unqualified for the level of certainity I presented on this matter. Thanks for the educational pdfs and discourse.

To be completely honest I was not expecting this type of reply, and I am positively surprised (such a rare thing nowadays, sadly). Apology is of course accepted. I am glad we had this discussion as it pushed me to challenge my own state of knowledge as well.

 

[Minus Infinity]

Well we know which versions will eventually flood the warez sites LOL.

 

[c2DDragon]

Freak off Microsoft...
/me using Windows 10 and using Microsoft apps on my android smartphone x) )

To be honest I did write to the Asus support to know if I could have a tool or a bios including an option to deal with the PTT because my Asus Maximus Hero VIII doesn't have this option. I'm sad and still waiting for an answer from Asus. I hope they could do something, they are not MSI after all.

 

[R-T-B]

Freak off Microsoft...
/me using Windows 10 and using Microsoft apps on my android smartphone x) )

To be honest I did write to the Asus support to know if I could have a tool or a bios including an option to deal with the PTT because my Asus Maximus Hero VIII doesn't have this option. I'm sad and still waiting for an answer from Asus. I hope they could do something, they are not MSI after all.

I might be able to help you if that falls through. That board is from an era I am familiar enough with. PM me if all else fails and though I can't promise more than a small looksie timewise, that may be all you need.