Revision as of 07:59, 21 April 2025

Pyongyang Night

"A thousand CPUs went dark before dawn."

Pyongyang Night is an open-source OPSEC hardening project focused on disabling known Western surveillance backdoors ("Yankee daemons") in Intel and AMD CPUs. This includes Intel ME, AMD PSP, fTPM, and associated firmware-based threats. It offers guides and tools to permanently neutralize these subsystems and restore sovereignty to your machines.

What Problem Are We Solving?

Modern computers are compromised by design.

Intel and AMD CPUs ship with hidden, closed-source subsystems like the Intel Management Engine (ME) and AMD Platform Security Processor (PSP). These components run independently of the main operating system, have access to all your memory and devices, and can communicate over the network—even when your machine appears to be off.

These subsystems are not optional. They are embedded into the silicon and signed by their manufacturers. You cannot audit, control, or fully disable them using standard settings.

In short: these are built-in backdoors.

Pyongyang Night aims to:

Identify and expose these hidden systems
Provide tools and tutorials to disable or neutralize them
Offer accessible, step-by-step guides even for users with minimal technical background

This project is about regaining digital sovereignty.

How We Solve It

We provide:

Tools like me_cleaner to remove the Intel ME firmware from your computer
BIOS configuration guides to disable AMD’s fTPM and PSP features
Full step-by-step instructions written for beginners
Flashing guides to safely modify your system firmware
Post-removal practices for maintaining a clean and secure system

We use only open-source tools, and explain:

What each step does
Why it matters
What the risks are
How to recover if something goes wrong

Whether you’re a paranoid sysadmin or just a normal user who doesn’t like the idea of a mystery microcontroller spying on you—this guide is for you.

Overview

Modern x86 systems ship with embedded management controllers that run below the OS level. These controllers—Intel ME and AMD PSP—have unrestricted access to memory, peripherals, and network devices. They are proprietary, closed-source, and required for "Secure Boot" and other platform lockdown mechanisms.

Project Pyongyang Night provides the tooling, documentation, and methods to carry out this operation on end-of-life or user-controlled systems.

@@ Line 6: / Line 6: @@
 '''Pyongyang Night''' is an open-source OPSEC hardening project focused on disabling known Western surveillance backdoors ("Yankee daemons") in Intel and AMD CPUs. This includes Intel ME, AMD PSP, fTPM, and associated firmware-based threats. It offers guides and tools to permanently neutralize these subsystems and restore sovereignty to your machines.
-== Table of Contents ==
+== What Problem Are We Solving? ==
-* [[#Overview|Overview]]
-* [[#Intel: Removing the Management Engine (ME)|Intel: Removing the Management Engine (ME)]]
-* [[#AMD: Disabling the Platform Security Processor (PSP)|AMD: Disabling the Platform Security Processor (PSP)]]
-* [[#Recommended Tools|Recommended Tools]]
-* [[#Post-Cleanup OPSEC Practices|Post-Cleanup OPSEC Practices]]
-* [[#Contributions|Contributions]]
-----
+Modern computers are compromised by design.
-== Overview ==
+Intel and AMD CPUs ship with hidden, closed-source subsystems like the Intel Management Engine (ME) and AMD Platform Security Processor (PSP). These components run independently of the main operating system, have access to all your memory and devices, and can communicate over the network—even when your machine appears to be off.
-Modern x86 systems ship with embedded management controllers that run below the OS level. These controllers—Intel ME and AMD PSP—have unrestricted access to memory, peripherals, and network devices. They are proprietary, closed-source, and required for "Secure Boot" and other platform lockdown mechanisms.
+These subsystems are not optional. They are embedded into the silicon and signed by their manufacturers. You cannot audit, control, or fully disable them using standard settings.
-== Intel: Removing the Management Engine (ME) ==
+In short: these are built-in backdoors.
-'''Step 1:''' Check if your system is vulnerable
+'''Pyongyang Night''' aims to:
-* Target systems: Intel platforms from 2008–2017 (Core 2 through Skylake/Kaby Lake)
+# Identify and expose these hidden systems
-* Look for ME version 6.x – 11.x
+# Provide tools and tutorials to disable or neutralize them
+# Offer accessible, step-by-step guides even for users with minimal technical background
-'''Step 2:''' Install dependencies:
+This project is about regaining digital sovereignty.
-<syntaxhighlight lang="bash">
-sudo apt install flashrom python3 git build-essential
-</syntaxhighlight>
-'''Step 3:''' Dump firmware:
+== How We Solve It ==
-<syntaxhighlight lang="bash">
-flashrom -p internal -r backup.rom
-</syntaxhighlight>
-'''Step 4:''' Clean ME using me_cleaner:
+We provide:
-<syntaxhighlight lang="bash">
+* Tools like '''me_cleaner''' to remove the Intel ME firmware from your computer
-git clone https://github.com/corna/me_cleaner.git
+* BIOS configuration guides to disable AMD’s fTPM and PSP features
-cd me_cleaner
+* Full step-by-step instructions written for beginners
-python3 me_cleaner.py -S ../backup.rom -o cleaned.rom
+* Flashing guides to safely modify your system firmware
-</syntaxhighlight>
+* Post-removal practices for maintaining a clean and secure system
-'''Step 5:''' Flash cleaned firmware:
+We use only open-source tools, and explain:
-<syntaxhighlight lang="bash">
+* What each step does
-flashrom -p internal -w cleaned.rom
+* Why it matters
-</syntaxhighlight>
+* What the risks are
+* How to recover if something goes wrong
-== AMD: Disabling the Platform Security Processor (PSP) ==
+Whether you’re a paranoid sysadmin or just a normal user who doesn’t like the idea of a mystery microcontroller spying on you—this guide is for you.
-'''Step 1:''' Disable fTPM in BIOS
+== Table of Contents ==
-'''Step 2:''' Disable Secure Boot
+* [[#Overview|Overview]]
-'''Step 3:''' Monitor PSP activity (Linux):
+* [[#Intel: Removing the Management Engine (ME)|Intel: Removing the Management Engine (ME)]]
-<syntaxhighlight lang="bash">
+* [[#AMD: Disabling the Platform Security Processor (PSP)|AMD: Disabling the Platform Security Processor (PSP)]]
-dmesg | grep -i psp
+* [[#Recommended Tools|Recommended Tools]]
-</syntaxhighlight>
+* [[#Post-Cleanup OPSEC Practices|Post-Cleanup OPSEC Practices]]
+* [[#Contributions|Contributions]]
-Follow community projects:
+== Overview ==
-* [https://github.com/Cr4sh/psp-tool psp-tool (WIP)]
-* [https://github.com/amd/blobs-openSIL openSIL (AMD's open firmware project)]
-== Recommended Tools ==
+Modern x86 systems ship with embedded management controllers that run below the OS level. These controllers—Intel ME and AMD PSP—have unrestricted access to memory, peripherals, and network devices. They are proprietary, closed-source, and required for "Secure Boot" and other platform lockdown mechanisms.
-* [https://flashrom.org/Flashrom flashrom]
-* [https://github.com/corna/me_cleaner me_cleaner]
-* [https://libreboot.org/ Libreboot]
-* [https://coreboot.org/status/board-status.html Coreboot Supported Boards]
-== Post-Cleanup OPSEC Practices ==
-* Use Qubes, Tails, or Whonix for ops
-* Use air-gapped systems where possible
-* Avoid fTPM/Secure Boot systems
-== Contributions ==
-We welcome new methods to disable Yankee Daemons. Submit tools, firmware dumps, or testing results via pull request.
-''"The boot ROM is the only God I fear."''
+'''Project Pyongyang Night''' provides the tooling, documentation, and methods to carry out this operation on end-of-life or user-controlled systems.

Difference between revisions of "Pyongyang night"

Revision as of 07:59, 21 April 2025

Contents

Pyongyang Night

What Problem Are We Solving?

How We Solve It

Table of Contents

Overview

Navigation menu

Search