Image of RHCE Red Hat Certified Engineer Linux Study Guide (Exam RH302) (Certification Press)
Image of XSLT 2.0 and XPath 2.0 Programmer's Reference (Programmer to Programmer)
Image of Operating System Concepts
Image of Beginning Google Maps API 3

Has Intel ME Analysis Tool Development Petered Out?

Recently I decided to upgrade the Intel Management Engine (ME) firmware on my Lenovo T450 laptop as Lenovo had released a new version of the firmware ( in May 2017. The ME firmware upgrade went smoothly and no problems were encountered. After the upgrade was completed, I decided to review my knowledge of ME firmware internals using the ME firmware binary that I had just installed as I had last looked at ME firmware in early 2015. For readers who are not familiar with the Intel Management Engine, I suggest you first read this Wikipedia article on Intel Active Management

UEFI Utility to Read TPM 2.0 PCRs

In a previous post, I discussed how to retrieve Platform Configuration Register (PCR) values from a discrete TPM (Trusted Platform Module) 1.2 chip (dTPM 1.2) and provided source code for a UEFI shell utility to display the digests from the first 16 PCRs. In this post, I discuss a number of key TPM 2.0 features and provide the source code for a UEFI shell utility to display the digests from the first 24 PCRs of a TPM 2.0 implementation. What is driving the move to TPM 2.0? Simple, TPM 1.2 ((ISO/IEC 11889) only supports one hash algorithm, i.e. SHA1, and

Decrypt PROLiNK ADSL Modem Configuration File To Reveal Backdoor

I was recently asked by a friend to examine the settings on a PROLiNK ADSL2 router modem, model PRS1241B, to see if the performance of the modem could be improved as he was having trouble using it for video conferencing. PROLiNK is a brand of Fida International (S) Pte Ltd, a Singapore-based company founded in 1991, that produces a wide range of consumer technology products including a range of ADSL modems and routers. As usual, I wished to make a backup of the current user-configurable settings before modifying any user configurable settings. PROLiNK makes this an easy task to accomplish

Utilities for Parsing Intel Microcode

A recent issue on a Linux platform with an Intel CPU prompted me to check to see if there was a microcode patch available from Intel to fix the issue. This blog post provides the source code for some of the Python utilities I wrote to assist me in determining if a microcode update was available for my particular issue or not. Intel distributes microcode updates in the form of a text file consisting of groups of big endian 32-bit integers represented as hexadecimals. As an example, here is a portion of one such file: /* Fri Nov 4 16:09:13

Use 010 Editor to Obtain Header Fields From Intel Microcode Binary Files

In my last blog post, I used the well-known 010 text and hex editor (010 Editor) to examine both the documented and the undocumented header of individual Intel microcode binary blobs which I extracted from a Lenovo T450 firmware update file. I decided to see how easy or difficult it was to use the 010 Editor to output a single of header information for a group of Intel microcode blobs, i.e. all five binary blobs extracted from the Lenovo firmware update using UEFItool. This post describes my experience. Originally I hoped to be able to just write a simple 010