zlacker

>>doener+(OP)
If I read that right, they're allowing Intel ME, which sounds like a sad compromise to me. Given that it's a pretty big complex black box that one can't easily disable, would you agree that x86 is doomed when it comes to security? If that's the case, is there any hope we could have a CPU with competitive capabilities? (For example, is there an i7 alternative for ARM?)

What could one do to make it possible to have ME-less x86 in the future?

>>d33+y5
I think the whole point of Qubes OS is t not trust hardware because of potential BIOS or ME backdoors.

Joanna Rutkowska, Qubes founder, is the person who brought up intel ME as a problem in her paper Intel x86 considered harmful (https://blog.invisiblethings.org/papers/2015/x86_harmful.pdf).

>>zer0to+m7
You can't run trusted software on untrusted hardware. If someone has a backdoor in your ME, you can't protect yourself from it.

>>adrian+ti
It should be noted that ME is significantly less powerful than the main CPU cores.

If performance is not a huge concern, one could (in theory of course) design software so cpu/memory-hard that the ME is simply unable to perform meaningful key material recovery for FVEY.