-2

I have a HP PC bought less than four years ago.

I had several annoying issues with Linux due to this "Secure Boot" junk, so I disabled it in the BIOS/UEFI settings. Then I was able to install Nvidia GPU drivers and VMware on Linux without blocking error messages. However, it also altered the look of how my computer starts.

Previously, with Secure Boot enabled, it showed a graphical HP logo and then high-resolution text after the bootloader, when Linux was booting up prior to the GUI loading.

After I had disabled Secure Boot, it now shows a lot of low-resolution text, with no graphical HP logo, reminding me of what PCs used to look like when you booted them in the 1990s. Once Linux has kicked in after the bootloader, its text looks far more low-res and ugly (but not quite like the "native" font displayed prior to the bootloader). I find this odd, although it isn't a practical problem.

The question I have is this briefly displayed message (prior to the bootloader):

Soft Temporary Disable. To enable ME, check Active Management (AMT) option in F10 Setup.

Yes, literally, exactly like that. "Soft Temporary Disable". What does that mean? It's not English, and I can't guess what they refer to. "Soft"? Software? Temporary disabled? Huh? Don't they really mean "Secure Boot is turned off."? What is "temporarily" disabled exactly?

Even if their English isn't the best (which alone is worrying...), it just doesn't "add up".

And what do they mean by "enable ME"? The "Management Engine" is an unremovable hardware backdoor, isn't it? Are they suggesting that I have somehow disabled it by disabling Secure Boot? None of this makes any sense.

I get zero relevant results when searching online.

Improve this question
4
  • Intel Management Engine can be disabled. It just often isn't disabled by default. In my research, it appears that on Dell hardware, Intel ME requires Secure Boot to be enabled. I was able to find hundreds of helpful resources when I searched for that notification message.
    – Ramhound
    Commented Jul 22, 2023 at 15:54
  • I should clarify that when I say IME can be disabled, I mean it can be made useable since it's not configured and/or no services respond. The chip itself will still exist. Booting into Legacy Mode effectively disables IME.
    – Ramhound
    Commented Jul 22, 2023 at 16:16
  • "Hundreds of helpful resources"? What? Literally FIVE total unrelated search results.
    – Stan
    Commented Jul 22, 2023 at 16:16
  • Yes; As I looked further into the results i discovered that, but certainly more than zero. At least one video that explained, but it wasn't in English, so I can't confirm
    – Ramhound
    Commented Jul 22, 2023 at 16:18

1 Answer 1

Reset to default
1

This message relates to the Intel Management Engine (ME) :

The Intel Management Engine (ME), also known as the Intel Manageability Engine, is an autonomous subsystem that has been incorporated in virtually all of Intel's processor chipsets since 2008. It is located in the Platform Controller Hub of modern Intel motherboards.

Secure Boot itself is, according to this Wikipedia article, one of the modules of ME.

It is normally not possible for the end-user to disable the ME and there is no officially supported method for doing this. However, it seems that for your computer module and BIOS/UEFI version, with your BIOS settings you have found a method of doing so.

I would guess that the "Soft Temporary Disable" will last until the next boot, when the BIOS/UEFI will disable it again (unless you enable the right BIOS settings such as Secure Boot).

Improve this answer
10
  • What do you mean by "I would guess that the "Soft Temporary Disable" will last until the next boot, when the BIOS/UEFI will disable it again (unless you enable the right BIOS settings such as Secure Boot)."? This has lasted numerous reboots.
    – Stan
    Commented Jul 22, 2023 at 16:18
  • I mean it's called "temporary" because the BIOS will start from an initial state in which ME is enabled, then find out that this is impossible and disable it. However, the initial boot state will always have it enabled. So this is temporary until reboot.
    – harrymc
    Commented Jul 22, 2023 at 16:21
  • I don't follow at all. Sorry.
    – Stan
    Commented Jul 22, 2023 at 21:15
  • ME is always enabled. Disabling it is only temporary until the next boot. I don't know of another way of stating that.
    – harrymc
    Commented Jul 22, 2023 at 21:22
  • As I've said, it says this every single boot. Not just once. What are you talking about?
    – Stan
    Commented Jul 23, 2023 at 8:41

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .