System76 to disable Intel Management Engine on its notebooks
Intel has recently confirmed the earlier findings of third parties who revealed that its Management Engine firmware has some serious security issues. Since we talked about this recently, we should now move to System76's approach in handling this situation.
In case you missed them in the past, you should know that System76 is a rather small company that makes custom notebooks and desktops with Linux. In a blog post that was published earlier today, they revealed that "System76 will automatically deliver updated firmware with a disabled ME on Intel 6th, 7th, and 8th Gen laptops. The ME provides no functionality for System76 laptop customers and is safe to disable." Obviously, this will not happen without sending a notification to the users of those laptops first.
System76 desktops that use Intel processors will not get the same update, so the Intel Management Engine will not be disabled on those machines. As it happens with the devices from brands like Lenovo or Asus, the System76 desktops should also receive updated firmware that patches the ME vulnerabilities.
One last thing that System76 chose to highlight in the blog post mentioned earlier is that Intel could change how the device functions in the future and the whole story might repeat itself over and over after that. They also wrote the following: "We implore Intel to retain the ability for device manufactures and consumers to disable the ME." Now, we can only hope that Intel chooses to play it safe and does the right thing.