Is there anything similar that is part of the boot when you turn on your computer? Even though you try to avoid Windows, for example, you still run the boot with the Intel Management Engine being part of it, which you cannot remove whatever other OS you have for privacy. Is that the case with Pixel phones when you change the OS to Graphene? Maybe my concern might seem confusing to some...
Intel Management Engine equivalent on Pixels?
krayo Sort of. While GrapheneOS is running on some of the ARM cores, other cores (ARM and/or RISC-V) are running other code bases, some of which (e.g., the "baseband", meaning the radio(s)) are closed-source.
Luckily those are credibly believed to be more partitioned on a Pixel than the Management Engine (etc.) on a PC.
This is not a simple topic.
de0u Interesting take, thanks for your answer.
Since it's more partitioned, would you believe it's better than a PC, or is your saying it isn't a simple topic related to that?
I'd also guess there's maybe no known way currently to remove that issue, since even for computers it's not feasible, unless it's old models, or ones made specifically to circumvent it in the first place.
krayo The Intel Management Engine is just a part of the firmware of the device, and every device is going to have firmware that's separate from the operating system and its drivers. Most of the time firmware is closed source.
The IME does a lot of important things; from what I understand, it handles device initialization. Its privacy effect is debatable; however, it has had a few CVEs in the past (including a remote execution attack) if memory serves correctly.
Overall, a fairly complex situation, but firmware is not a part of the operating system; it's its own thing. So no, the firmware doesn't really change if you switch to a custom OS.
krayo Since it's more partitioned, would you believe it's better than a PC, or is your saying it isn't a simple topic related to that?
Quick start:
- https://discuss.grapheneos.org/d/2286-is-baseband-isolation-a-software-thing-or-a-hardware-thing
- https://discuss.grapheneos.org/d/7126-baseband-questions
- https://grapheneos.org/faq#baseband-isolation
It is probably worthwhile to read the "Features", "Usage" and "FAQ" parts of the GrapheneOS web site slowly at leisure. Because there is a lot of information there, the pages are long and complicated, and it may well make sense to go through them twice, because each one may raise or answer questions you might have about the others.
krayo Your post is based on a misconception. Intel CPUs are proprietary hardware and firmware as a whole. Intel ME is not more proprietary than the rest on the CPU. Intel ME is not uniquely proprietary and doesn't have a unique level of access. Intel CPUs not having Intel ME wouldn't make Intel any less trusted. Many people baselessly claim that Intel ME is a backdoor or has a backdoor while ignoring the rest of the CPU which is also proprietary and also places full trust in them. The information you're reading about this topic is inaccurate. Even if a device used an entirely open source SoC design with open source RISC-V cores (the most widely deployed RISC-V cores are not open source), open source caches, an open source memory controller and all of the other CPU components, you would be placing just as much trust in the manufacturer as with a proprietary CPU. Having an open source SoC would not mean the manufacturer of the SoC isn't trusted. You have no way to confirm that an open source chip has hardware matching the chip design. The manufacturing processes are also closed source even for an open source SoC.
It's also simply not the case that having open source code gets rid of vulnerabilities and backdoors, which is trivially shown by how the Linux kernel has a huge number of serious vulnerabilities fixed monthly, with many of them having persisted in it for years or even decades. The Linux kernel has a policy against obtaining CVE assignments for these issues, and it would be completely impractical with how many are discovered and fixed.
de0u Every ARM SoC is proprietary. They can have open source components but the ARM CPUs will be closed source, and in practice most of the hardware and firmware is closed source. There's no alternative available.
On the Pixel 6 and later, the SoC doesn't include any radios but rather there's a separate Broadcom Wi-Fi/Bluetooth SoC, a separate Samsung cellular SoC and a separate Broadcom GNSS (GPS, GLONASS, etc.) SoC. On both the Pixel 6 and later with this design and the earlier Snapdragon Pixels with a single baseband for each of those radios included on the SoC, those components are isolated. GPU and other similar components are also isolated.
Pixels use Trusty OS as their TrustZone firmware implementation, meaning it's based on an open source project. They also run Trusty OS on their secure core, which exists mainly to communicate with the separate secure element SoC. The secure element is a separate RISC-V SoC based on OpenTitan much more hardened against both software and hardware attacks than TrustZone can be, since TrustZone is only a standard ARM CPU mode on the regular CPU cores rather than dedicated hardware hardened against attacks. TrustZone has been largely replaced by the secure element functionality and other functionality is in the process of being replaced with virtualization. The main remaining use for TrustZone is that due to being a CPU mode, it's a lot faster to use it than communicating with a separate chip. There are still 2 separate hardware keystore implementations: StrongBox HSM provided by the secure element chip and the traditional keystore provided by TrustZone. The TrustZone implementation is much lower latency and higher throughput since it runs on the main CPU cores, and it doesn't have limited data since it stores the data encrypted with a hardware bound key via an OS service with a system for rollback protection.
krayo Pixel phones are far more secure than normal laptops/desktops, that's not a complex topic. There are no laptops or desktops coming close to meeting our security standards. See https://grapheneos.org/faq#future-devices for the list of requirements for GrapheneOS, which are largely not provided by a normal laptop or desktop.
Apple's ARM laptops meet more of the requirements than others, at least on paper, but there's no clear path for an alternate OS to use all the security features, and some aren't provided in the way that's required. Memory tagging is missing, but that's a new requirement.
I'd also guess there's maybe no known way currently to remove that issue, since even for computers it's not feasible, unless it's old models, or ones made specifically to circumvent it in the first place.
Old models have known, unpatched vulnerabilities and are still proprietary hardware. You've been misled about Intel ME, AMD PSP and other topics through misinformation published by people with an agenda such as selling scam products.
GrapheneOS Thanks for the detailed summary! Security in a modern system has a lot of moving parts, but meanwhile there are people trying to sell things based on simple slogans.
raccoondad The [Intel Management Engine] does a lot of important things, from what I understand it handles device initialization. Its privacy effect is debatable, however it has had a few CVEs in the past (including a remote execution attack) if memory serves correctly.
Well, reading all that was enlightening, but I feel like I still don't have an answer to the question "is there an equivalent to Intel ME on Pixel 6+?". Would love to get a comprehensible answer.
Defining "equivalent to Intel ME" as a system that allows direct and full hardware access to the system through the network, bypassing the local OS and user control/limiting.
Is there anything resembling this on pixels?
How does it work?
Questions about network interface isolation become secondary.
@akc3n who was this thread solved for? 😄
You?
Me? 😄
User2288 Is there an equivalent to Intel ME on pixel 6+ ?
I think the answer is "not as designed".
- The external world (Wi-Fi, Bluetooth, cellular modem, USB, NFC, GPU) are isolated via IOMMUs.
- Some of the security implementation runs in TrustZone, which is ARM's enclave system. My (non-expert) understanding is that TrustZone splits all of the hardware on the system, including memory and I/O devices, into two compartments, and that code running in either compartment can't access hardware in the other compartment. If I have that right, the Linux kernel can't access the TrustZone compartment and the TrustyOS code in the TrustZone compartment can't access the Linux kernel's compartment, though there is some facility for sending messages between them.
Note, however, that everything contains bugs. I believe people have uncovered bugs in older implementations of TrustZone, though I am not familiar with the details. And IOMMU isolation doesn't stop a situation where the network hardware delivers a genuine packet to the shared packet-buffer space and then a bug in the Linux kernel's interpretation of that packet results in an exploit.
Overall, my (non-expert) sense is that on Intel platforms the Management Engine is designed to be powerful, so it can implement things like remote tracking and remote wipe for stolen laptops, whereas modern ARM platforms found in phones are designed not to have these features.
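The failure mode de0u describes in the last paragraph of that post, as an added example written for this page (it is not code from GrapheneOS, the Linux kernel, or any real driver): the NIC has DMAed a well-formed frame into the receive buffer the IOMMU permits it to write, and what goes wrong is the kernel-side parser's handling of the length field. The wire format, the 64-byte payload contract, the `parse_rx_*` functions and the constructed frames are all assumptions made for the illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Toy wire format for a frame the NIC has DMAed into the kernel's receive
 * ring.  The IOMMU decides only which pages the NIC may write into; it has
 * no opinion about whether the length field inside the frame is honest.
 * (Constructed format for this illustration, not a real driver's.) */
enum { PKT_HDR_LEN = 4, MAX_PAYLOAD = 64 };

/* header: type(1) flags(1) payload-length(2, big-endian), then payload */
static uint16_t rd16be(const uint8_t *p)
{
    return (uint16_t)((p[0] << 8) | p[1]);
}

/* Vulnerable receive path.  The caller's contract is that `out` holds
 * MAX_PAYLOAD bytes, but the copy length comes straight from the frame and
 * the number of bytes actually received (`rx_len`) is never consulted.  A
 * frame claiming len > 64 overflows `out`; one claiming more than arrived
 * reads stale ring memory past the end of the frame. */
int parse_rx_vuln(const uint8_t *pkt, size_t rx_len, uint8_t *out)
{
    (void)rx_len;                      /* ignored: that is the bug */
    uint16_t len = rd16be(pkt + 2);
    memcpy(out, pkt + PKT_HDR_LEN, len);
    return len;
}

/* Hardened receive path: the same parse with the three checks the
 * vulnerable version is missing. */
int parse_rx_safe(const uint8_t *pkt, size_t rx_len, uint8_t *out)
{
    if (rx_len < PKT_HDR_LEN)
        return -1;                     /* truncated header */
    uint16_t len = rd16be(pkt + 2);
    if (len > MAX_PAYLOAD)
        return -1;                     /* violates the 64-byte buffer contract */
    if ((size_t)len > rx_len - PKT_HDR_LEN)
        return -1;                     /* claims more bytes than were delivered */
    memcpy(out, pkt + PKT_HDR_LEN, len);
    return len;
}

/* Stand-in for the NIC: writes a frame with the given claimed length and the
 * given number of real payload bytes, returns how many bytes "arrived". */
size_t build_pkt(uint8_t *buf, size_t cap, uint16_t claimed_len, size_t payload_bytes)
{
    if (cap < PKT_HDR_LEN + payload_bytes)
        return 0;
    buf[0] = 0x01;                     /* type */
    buf[1] = 0x00;                     /* flags */
    buf[2] = (uint8_t)(claimed_len >> 8);
    buf[3] = (uint8_t)(claimed_len & 0xff);
    for (size_t i = 0; i < payload_bytes; i++)
        buf[PKT_HDR_LEN + i] = (uint8_t)('A' + (i % 26));
    return PKT_HDR_LEN + payload_bytes;
}

/* Runs one constructed frame through either parser and returns its result.
 * The ring and output buffers here are deliberately much larger than the
 * 64-byte contract so the vulnerable parser's over-copy lands in slack space
 * instead of corrupting this process; a real driver gets no such cushion. */
int run_case(uint16_t claimed_len, size_t payload_bytes, int hardened)
{
    static uint8_t ring[512];
    static uint8_t out[512];
    memset(ring, 0, sizeof ring);
    memset(out, 0, sizeof out);
    size_t rx_len = build_pkt(ring, sizeof ring, claimed_len, payload_bytes);
    return hardened ? parse_rx_safe(ring, rx_len, out)
                    : parse_rx_vuln(ring, rx_len, out);
}

int main(void)
{
    struct { const char *what; uint16_t claimed; size_t actual; } cases[] = {
        { "honest 16-byte frame",            16,  16  },
        { "claims 200 bytes, sends 200",     200, 200 },
        { "claims 40 bytes, only 8 arrived", 40,  8   },
    };
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++)
        printf("%-32s vuln=%4d  safe=%4d\n", cases[i].what,
               run_case(cases[i].claimed, cases[i].actual, 0),
               run_case(cases[i].claimed, cases[i].actual, 1));
    return 0;
}
```

The point of the three frames is that the hardware did nothing wrong in any of them: each one was delivered into the memory the IOMMU allows, and only the parser decides whether an attacker-chosen length becomes a 136-byte stack overwrite, an over-read of stale ring contents, or a rejected frame.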
User2288 There isn't an answer to this question; Intel ME is a piece of firmware that handles device initialization. Every PC/cellphone/tablet/smart fridge ever, no matter what, always, is going to have firmware that executes hardware initialization and management.
Intel ME does a lot of functions, including power and out-of-band management.
There just isn't an answer to the question, other than that Intel ME is closed source firmware with most of its functionality unknown, which is common and constant in most devices.
raccoondad Intel ME is a piece of firmware that handles device initialization.
But Intel says it's a processor:
What is Intel® Management Engine?
The Intel® Management Engine is an embedded microcontroller (integrated on some Intel chipsets) running a lightweight microkernel operating system that provides a variety of features and services for Intel® processor–based computer systems. [...]
That processor is indeed running closed-source firmware (typically it's encrypted), but I don't think "Management Engine" means "firmware". And, while device initialization firmware might be expected to run once and then not any more, I think it's pretty clear that ME runs all the time.
de0u Ah, it is a microcontroller... that's a bit more uncomfortable.
I suppose the Pixel's Titan chip is a better example; however, that mainly handles secrets more than anything, if I am not mistaken. Regardless, it's a separate chip away from the CPU, but that's sort of required for its job.
GrapheneOS From all the answers I got from "team members"? of the project, it seems like I got misinterpreted as not trusting the reliability of Graphene, I don't know how, since it's one of my favorite projects I've come across in this specific field, if not the first one. I am merely asking questions of people who are aware of IME to get more insights into it, nothing more. I also like GrapheneOS better than laptops in some ways, but there are always different usability/situations.
User2288 It quite seems like just those 3 letters, IME, are quite touchy here. I'm a big fan of Graphene, no doubt, but it doesn't seem like I can have any questioning about it in here with other community members, so I'd rather stop if it's disturbing them, since that is the last thing I wanted. And I'm also only wishing all the best for this amazing team and its devs, who did work that was never achieved by any others.