> Это их дремучие ноуты? При всём моём уважении к FSF и РМС... Не все так просто:
http://libreboot.org/faq/#intel
> Intel Boot Guard is an ME application introduced in Q2 2013 with ME firmware version 9.0 on 4th Generation Intel Core i3/i5/i7 (Haswell) CPUs. [...] prevent the CPU from executing boot firmware that isn't signed with their private key. This means that coreboot and libreboot are impossible to port to such PCs, without the OEM's private signing key.
> Before version 6.0 (that is, on systems from 2008/2009 and earlier), the ME can be disabled [...] ME firmware versions 6.0 and later, which are found on all systems with an Intel Core i3/i5/i7 CPU and a PCH, include "ME Ingition" firmware that performs some hardware initialization and power management. If the ME's boot ROM does not find in the SPI flash memory an ME firmware manifest with a valid Intel signature, the whole PC will shut down after 30 minutes.
> Due to the signature verification, developing free replacement firmware for the ME is basically impossible. The only entity capable of replacing the ME firmware is Intel. As previously stated, the ME firmware includes proprietary code licensed from third parties, so Intel couldn't release the source code even if they wanted to.
Ну и:
> For years, coreboot has been struggling against Intel. Intel has been shown to be extremely uncooperative in general. Many coreboot developers, and companies, have tried to get Intel to cooperate; namely, releasing source code for the firmware components. Even Google, which sells millions of chromebooks (coreboot preinstalled) have been unable to persuade them.
> ME firmware version 7.0 on PCHs with 2nd Generation Intel Core i3/i5/i7 (Sandy Bridge) CPUs replaces PAVP with a similar DRM application called "Intel Insider". [...] this hardware and its proprietary firmware can access and control everything that is in RAM and even everything that is shown on the screen.