Pyongyang Night
"A thousand CPUs went dark before dawn."
Do not go silent into that glowing comp,
Rage, rage against the Yankee daemon’s dump.
Pyongyang Night is an open-source OPSEC hardening project focused on disabling known Western surveillance backdoors ("Yankee daemons") in Intel and AMD CPUs. This includes Intel ME, AMD PSP, fTPM, and associated firmware-based threats. It offers guides and tools to permanently neutralize these subsystems and restore sovereignty to your machines.
This is not about software. This is about reclaiming hardware.
What Problem Are We Solving?
Modern computers are compromised by design — not by accident, but as a result of deliberate architectural decisions made by hardware vendors under pressure from governments, corporate interests, and supply chain consolidation.
Nearly every Intel and AMD CPU produced in the last two decades includes a hidden, always-on subsystem: the Intel Management Engine (ME) or AMD Platform Security Processor (PSP). These components are not part of your operating system — they run independently of it, below it, and outside your control. They're closed-source, vendor-signed, and undocumented. These subsystems can read system memory, access storage, send and receive data via the network, and even remain active when your computer is powered off but plugged in.
Most users never know they’re there. But if you’ve ever wondered how a computer might be “owned” even before the OS boots — this is how.
These embedded systems are not optional. You cannot uninstall them. BIOS settings may suggest “disabling” them, but these toggles are often software lies — implemented to obscure, not neutralize. Intel and AMD have made ME and PSP essential for system startup, meaning they are now gatekeepers for what your machine is allowed to do. This architecture assumes users are the threat.
Pyongyang Night is our response.
We aim to:
- Identify and expose these hidden subsystems, and explain what they are in language anyone can understand.
- Provide tools and walkthroughs to reduce or neutralize these threats, including `me_cleaner`, SPI flashing techniques, and BIOS hardening methods.
- Empower users — even those with no technical background — to take back control of their systems through transparent, repeatable, and reversible steps.
This project is about digital sovereignty. We believe users have the right to know what's running on their hardware, to control it fully, and to strip away any subsystem that undermines trust. Whether you're a dissident, a researcher, or just someone who believes in true ownership — this guide is for you.
How We Solve It
- Tools like me_cleaner to remove Intel ME firmware from your computer
- BIOS configuration guides to disable AMD’s fTPM and PSP features
- Full step-by-step instructions written for beginners
- Flashing guides to safely modify your system firmware
- Post-removal practices for maintaining a clean and secure system
Understanding the Process
What each step does:
Each step in this guide forms part of a carefully controlled operation to surgically disable the Intel Management Engine (ME) — a hidden subsystem that runs independently of your OS. First, cloning the `me_cleaner` repository ensures you're using the latest open-source version of the tool, directly from the author. Backing up your firmware with `flashrom` captures a complete snapshot of your BIOS, allowing you to recover if anything goes wrong.
Running `me_cleaner` analyzes the firmware, identifies the Intel ME region, and removes most of its internal modules. Using the `-S` flag performs a soft disable by setting the High Assurance Platform (HAP) bit, which tells the ME to shut itself down after boot. You then flash this cleaned firmware back onto your board, effectively neutralizing ME without harming your operating system or system stability.
Why it matters:
The Intel Management Engine is effectively a computer within your computer — running at a lower level than your operating system, with access to RAM, storage, networking, and peripherals. It operates outside your control and is closed-source, signed firmware that even administrators cannot inspect. If you're serious about security or digital sovereignty, ME is an unacceptable liability.
Disabling ME with `me_cleaner` eliminates a broad-spectrum surveillance and exploitation surface. It's one of the few known, practical steps a user can take to ensure their hardware isn't silently phoning home — to Intel, governments, or worse.
What the risks are:
Flashing system firmware always carries risk. A sudden power failure, a bad firmware image, or an improper write can leave your system unbootable. Some motherboards have BIOS write protection enabled; if it is not properly disabled, it can cause silent failure or corruption during flashing.
Additionally, not all Intel platforms are supported. `me_cleaner` works best with Intel ME versions 6–11. Later versions (ME 12+) are more resistant to modification, and attempting this process may cause unpredictable results. Always verify your ME version and back up thoroughly before proceeding.
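A pre-flight check for the firmware backup, as an added example that is not part of me_cleaner or of this project's tooling: it takes two independent reads of the flash chip, confirms they match, and confirms the dump is a full Intel image with a populated ME region before anything is modified. It assumes the Intel flash descriptor layout (signature at offset 0x10, region table located through FLMAP0); the function names and the sample image are constructed for illustration.

```python
import hashlib
import struct

FD_SIGNATURE = b"\x5a\xa5\xf0\x0f"  # 0x0FF0A55A little-endian, at offset 0x10


def flreg_to_range(flreg):
    """Decode a descriptor FLREG word into (start, end) offsets, end exclusive."""
    start = (flreg & 0x7FFF) << 12
    end = ((((flreg >> 16) & 0x7FFF) << 12) | 0xFFF) + 1
    return start, end


def check_backup(dump_a, dump_b):
    """Return (sha256, me_start, me_end); raise ValueError naming the problem."""
    if dump_a != dump_b:
        raise ValueError("reads differ: unstable connection or flash changing")
    if len(dump_a) < 0x1000:
        raise ValueError("dump is shorter than one 4 KiB descriptor")
    if len(set(dump_a)) <= 1:
        raise ValueError("dump is blank (a single repeated byte value)")
    if dump_a[0x10:0x14] != FD_SIGNATURE:
        raise ValueError("no Intel flash descriptor: not a full SPI image")
    flmap0 = struct.unpack_from("<I", dump_a, 0x14)[0]
    frba = (flmap0 >> 12) & 0xFF0  # base of the region table
    flreg2 = struct.unpack_from("<I", dump_a, frba + 8)[0]  # FLREG2 = ME region
    me_start, me_end = flreg_to_range(flreg2)
    if me_start >= me_end:
        raise ValueError("ME region is marked unused in the descriptor")
    if me_end > len(dump_a):
        raise ValueError("ME region runs past the end of the dump: short read")
    if dump_a[me_start + 0x10:me_start + 0x14] != b"$FPT":
        raise ValueError("ME region has no $FPT partition table")
    return hashlib.sha256(dump_a).hexdigest(), me_start, me_end


def build_sample(size=0x4000):
    """Constructed 16 KiB image: descriptor at 0, ME region 0x1000-0x2FFF."""
    img = bytearray(b"\xff" * size)
    img[0x10:0x14] = FD_SIGNATURE
    struct.pack_into("<I", img, 0x14, 0x04 << 16)  # FRBA field -> table at 0x40
    struct.pack_into("<I", img, 0x48, (0x2 << 16) | 0x1)  # FLREG2: base 1, limit 2
    img[0x1010:0x1014] = b"$FPT"
    return bytes(img)


if __name__ == "__main__":
    image = build_sample()
    digest, start, end = check_backup(image, image)
    print(f"sha256={digest} ME region {start:#x}-{end - 1:#x}")
```

Store the returned SHA-256 alongside the backup file so the image can be re-verified before it is ever used for recovery.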
How to recover if something goes wrong:
If your system fails to boot after flashing, you can recover using the backup firmware image you created in Step 2. This requires a USB SPI flasher (such as the CH341A) and a SOIC8 test clip to physically reprogram your motherboard's BIOS chip.
Some boards feature dual BIOS or physical recovery switches — check your manual. If not, you’ll need to carefully connect to the flash chip using the programmer and restore the original image with software like `flashrom`. This is why backups are mandatory: treat them like your lifeline.
For a complete visual walkthrough, visit: How to apply me_cleaner – GitHub Wiki
BIOS Hardening for OPSEC
Your BIOS or UEFI firmware is the lowest level of configuration control available to most users — and it’s often overlooked. For true sovereignty, BIOS-level configuration must be audited and hardened before any OS is trusted.
Recommended BIOS Settings
- Disable Intel ME / AMD PSP (if available):
  - Some boards offer toggles to disable ME or PSP — rare, but valuable.
  - Disabling fTPM on AMD boards can prevent PSP-based key storage and telemetry.
- Disable Secure Boot:
  - Prevents vendor lock-in via signed bootloaders.
  - Enables custom firmware and boot environments like Coreboot or Qubes.
- Disable Virtualization (VT-x / AMD-V):
  - Prevents stealth hypervisor-based attacks.
  - Reduces attack surface for sandbox escapes and persistence tools.
- Disable Intel AMT / vPro:
  - Intel Active Management Technology enables remote access over the network — even if the system is powered off.
  - Disable any setting referencing AMT, vPro, or “Management Engine.”
- Disable Wake-on-LAN and Wake Timers:
  - Prevents external events from waking your system.
  - Blocks remote access attempts that leverage sleep mode.
- Disable TPM / fTPM:
  - Prevents key material from being locked behind firmware-level trust you do not control.
  - Disabling this helps avoid being tied to Microsoft’s Secure Boot ecosystem.
- Disable USB Boot and Lock Boot Order:
  - Prevents booting off rogue USB devices.
  - Secure with a BIOS admin password to lock down access.
- Set BIOS Admin Password:
  - Prevents physical attackers from re-enabling surveillance settings.
  - Ensure boot menu and recovery toggles are also locked.
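Because a BIOS toggle does not always do what its label says, the settings above can be cross-checked from a running Linux system. The following is an added example, not part of this project's tooling; it reads standard Linux paths (`/dev/mei*`, `/sys/class/tpm`, the efivarfs `SecureBoot` variable, `/proc/cpuinfo`), and the `audit` function and its `root` parameter are names chosen for illustration.

```python
import glob
import os

# EFI global-variable GUID; efivarfs files hold 4 attribute bytes, then the data.
SECURE_BOOT_VAR = ("sys/firmware/efi/efivars/"
                   "SecureBoot-8be4df61-93ca-11d2-aa0d-00e098032b8c")


def audit(root="/"):
    """Report what the running Linux kernel can still see after the BIOS changes.

    `root` exists so the function can be pointed at a constructed tree in tests.
    """
    def p(rel):
        return os.path.join(root, rel)

    report = {}
    # Host interface to the ME. "absent" means this kernel has no MEI device;
    # it does not by itself prove the ME firmware is stopped.
    report["mei_device"] = "present" if glob.glob(p("dev/mei*")) else "absent"
    # Any TPM the kernel enumerated, discrete or firmware (fTPM).
    report["tpm"] = "present" if glob.glob(p("sys/class/tpm/tpm*")) else "absent"
    try:
        with open(p(SECURE_BOOT_VAR), "rb") as f:
            value = f.read()[4:5]
        report["secure_boot"] = "enabled" if value == b"\x01" else "disabled"
    except OSError:
        report["secure_boot"] = "unknown"  # legacy boot or efivarfs not mounted
    # vmx = Intel VT-x, svm = AMD-V. How a firmware lock is reflected here varies
    # by kernel version, so the result is "advertised", not "usable".
    flags = set()
    try:
        with open(p("proc/cpuinfo")) as f:
            for line in f:
                if line.startswith("flags"):
                    flags.update(line.split(":", 1)[1].split())
    except OSError:
        pass
    report["virt_flags"] = sorted(flags & {"vmx", "svm"})
    return report


if __name__ == "__main__":
    for name, state in audit().items():
        print(f"{name:12} {state}")
```

Run it before and after changing the firmware settings and compare the two reports; a setting that reads the same in both was not applied.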
Further Reading
- me_cleaner GitHub Repository
- Coreboot Mainboard Documentation
- Coreboot Supported Boards by Release
- Qubes Secure Boot Troubleshooting
- Invisible Things Lab – Hypervisor Research
- Intel AMT Overview
- Microsoft Wake-on-LAN Guide
- Microsoft TPM Primer
- NSA UEFI Lockdown Guidance (PDF)
- CISA: USB Device Caution Advisory
- NSA Mobile Device Best Practices (PDF)
- NIST BIOS Protection Guidelines (SP 800-147)
- Insyde BIOS Security Best Practices (PDF)
Overview
Modern x86 systems ship with embedded management controllers that run below the OS level. These controllers—Intel ME and AMD PSP—have unrestricted access to memory, peripherals, and network devices. They are proprietary, closed-source, and required for "Secure Boot" and other platform lockdown mechanisms.
Project Pyongyang Night provides the tooling, documentation, and methods to neutralize these controllers on end-of-life or user-controlled systems.