From cd40428d5c3cd6c45f7adb7f6f3c3cc4a3b6a0cb Mon Sep 17 00:00:00 2001 From: Tom Schlenkhoff Date: Tue, 22 Jan 2019 18:08:09 +0100 Subject: [PATCH 1/2] Added info on Intel TXT requirement --- security/anti-evil-maid.md | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/security/anti-evil-maid.md b/security/anti-evil-maid.md index f70dcbfb..bd3ab5d3 100644 --- a/security/anti-evil-maid.md +++ b/security/anti-evil-maid.md @@ -16,6 +16,16 @@ Background Please read [this blog article](https://blog.invisiblethings.org/2011/09/07/anti-evil-maid.html). +Prerequsites +---------- + +The current package requires a TPM 1.2 interface and a working Intel TXT engine. +If you neutered your Intel Management Engine with e.g. [me_cleaner](https://github.com/corna/me_cleaner) +while installing [CoreBoot](https://www.coreboot.org/) then you are out of luck. +So, for now, you have to choose between deblobbing your BIOS and Anti Evil Maid. + +[Discussion](https://groups.google.com/d/msg/qubes-users/sEmZfOZqYXM/j5rHeex1BAAJ) + Installing ---------- From 7e447917c7b55cbc9d2a500bbb6b6cdf652093fe Mon Sep 17 00:00:00 2001 From: Tom Schlenkhoff Date: Wed, 23 Jan 2019 11:01:56 +0100 Subject: [PATCH 2/2] Clarify/fix typo in - now - Requirements --- security/anti-evil-maid.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/security/anti-evil-maid.md b/security/anti-evil-maid.md index bd3ab5d3..97bb1da3 100644 --- a/security/anti-evil-maid.md +++ b/security/anti-evil-maid.md @@ -16,13 +16,13 @@ Background Please read [this blog article](https://blog.invisiblethings.org/2011/09/07/anti-evil-maid.html). -Prerequsites +Requirements ---------- The current package requires a TPM 1.2 interface and a working Intel TXT engine. -If you neutered your Intel Management Engine with e.g. [me_cleaner](https://github.com/corna/me_cleaner) +If you cleaned your Intel Management Engine with e.g. [me_cleaner](https://github.com/corna/me_cleaner) while installing [CoreBoot](https://www.coreboot.org/) then you are out of luck. -So, for now, you have to choose between deblobbing your BIOS and Anti Evil Maid. +For now you have to choose between cleaning your BIOS and deploying Anti Evil Maid. [Discussion](https://groups.google.com/d/msg/qubes-users/sEmZfOZqYXM/j5rHeex1BAAJ)