
FSP is a binary running on the CPU, unsigned. That can be replaced with a reimplementation (and was for Sandy Bridge/Ivy Bridge).

EC/SMC are highly board-specific; some even run open source firmware that can be replaced (e.g. on Chromebooks).

The issue with the ME is that its firmware is signed with an internal Intel key, combined with its property of having full access to the entire system.

Even with this hack of invalidating most of the firmware, we don't know for sure what is left running on the ME.



