Hi Nitro community. I’m considering buying a Nitro PC Pro 2 with the i9-14900K processor. One of my requirements for a new PC is the ability to disable or deactivate the intel ME, in a way that any remote-access features are disabled. I don’t necessarily need to overwrite any firmware code - just setting the HAP bit would be sufficient. If it’s good enough for the NSA it’s good enough for me.
The Nitro PC product page claims this is possible but I haven’t found any instructions or tutorials. I found old forum threads covering this question but none contained satisfying full answers.
- support[dot]nitrokey[dot]com/t/nitropc-pro-2-gpu-and-bios-question/6819
- support[dot]nitrokey[dot]com/t/deactivated-intel-me-on-nitropc-and-nitropad/4230
- support[dot]nitrokey[dot]com/t/intel-management-engine-how-to-deactivate/3563
- support[dot]nitrokey[dot]com/t/regarding-all-nitropads-and-intel-me/5038
From reading those threads, I can see people are suggesting to use me_cleaner but their coverage tracking issue me_cleaner status · Issue #3 · corna/me_cleaner · GitHub shows no references I could find to the Raptor Lake CPU series (the i9-14900K’s lineup) so I have no idea if this would work or not. I would much prefer not to risk bricking a brand new computer.
I found this documentation from Dasharo which seems to suggest the ME can be disabled from the firmware control menu. Is this applicable to a Nitro PC Pro 2 with TianoCore firmware?
Any advice would be much appreciated.