bit-tech.net

Intel confirms anti-theft technology for Sandy Bridge

Published on 20th December 2010 by Gareth Halfacree

Intel's Sandy Bridge platform will include upgraded anti-theft capabilities for portable devices.

Intel has confirmed that Sandy Bridge will take aim at corporate computing, introducing upgraded anti-theft technology in the vPro-equipped chips.

While precise details of the improved security features are currently under wraps, Intel's David Allen confirmed that they're set to include the ability to remotely disable Sandy Bridge-based systems from a remote administration console.

Speaking to IT Business, Allen explained that corporate IT departments could configure Sandy Bridge-based laptops to be deactivated on demand, providing a remote 'kill-switch' that enables lost or stolen laptops to be rendered useless remotely.

While the technology is simply an enhancement of anti-theft technologies already available on some corporate Intel platforms, it's an indication that Intel may be targeting Sandy Bridge at large corporations. Sadly, however, there are currently no signs of the technology appearing at the consumer level, where it could mimick Apple's Mobile Me remote management technology on its iPhone and iPad devices.

It's a focus that Allen is keen for Intel's OEM and ODM partners to focus on. 'As we go forward into 2011,' stated Allen, 'Sandy Bridge will deliver the security, connectivity and performance options that businesses need, and we'll rely on our channel to help deliver this to the SMB market.'

Allen also took the opportunity to claim that Intel has nothing to fear from ARM co-founder Hermann Hauser's comments that Intel will be 'obliterated', explaining that the company has long since 'evolved from being a chip company to a computing solutions company with platforms, software and services.'

Do you like the sound of a laptop you can shut down remotely, or are you worried about what could happen if ne'er-do-wells figure out how to maliciously activate the new security protocols in Sandy Bridge systems? Share your thoughts over in the forums.

29 Comments

Discuss in the forums Reply

Neonhalo 20th December 2010, 12:53

Awaiting the code to disable the CPU to be leaked in 3, 2, 1....

Seriously though, it's a good idea, albeit one that throws up a huge amount of questions regarding possible malicious use of this feature. I can already see LAN parties where a competitor simply disables other gamers' PCs to gain the upper hand at SC2..

yakyb 20th December 2010, 13:01

umm how does this stop someone browseing your HDD (or perhaps more importantly one of the governments Lackeys harddrives

that is more important imho

r3loaded 20th December 2010, 13:12

All vPro systems have a TPM, which Windows can use to encrypt the hard drive with BitLocker. Plus I believe there's another technology to lock the hard drive to the motherboard.

StoneyMahoney 20th December 2010, 13:35

I ain't ever letting this tech anywhere near my server rack. Screw data theft, I'm more worried about a permanent denial of service (PDoS?) attack that needs CPU replacements to fix.

I'm not even sure it's a good idea for desktop stuff that might get stolen. let alone laptops. Makes a nice attack vector that shuts down an entire company office for a few days when deployed right. Or you're sitting in a coffee shop using WiFi and next thing you know you're staring at a brick with keys on it.

In the NHS we used Safeboot to do almost exactly the same thing without it being at the hardware level so you could do something about it if it kicks in inappropriately.

billysielu 20th December 2010, 14:06

worst idea ever

schmidtbag 20th December 2010, 14:26

its a good idea in the sense that it buys you more time but once the cpu is dead your hard drive is wide open for anyone to enter. besides, i'd rather put a tracking system on the laptop and have the possibility of getting it back. since intel cpus are so expensive (and their corporate CPUs are ridiculously expensive), i wouldn't like to kill my cpu and buy a new one if i were to ever get it back.

SpAceman 20th December 2010, 14:28

Its just another exploitable dumb idea for attacks by people who want to screw up other people's computers for a lol. Just no.

leveller 20th December 2010, 14:33

If it works, great!

Kyndylan 20th December 2010, 14:53

Have people seen this?

http://www.trustedreviews.com/cpu-memory/news/2010/12/20/Sandy-Bridge-Processors-Go-On-Sale/p1

A shop in Malaysia has put some Sandy Bridge on sale!

"The high end Core i7 clocks in at 3.4GHz and will set you back 939 Malaysian ringgits (RM) or about £190. This is followed by 609RM (£125) for the 3.1GHz 2400, and 585RM (£120) for the 2.8GHz 2300. "

HourBeforeDawn 20th December 2010, 16:10

okay so they disable the computer then what? Im sure a person looking at it from information stand point will just yank the hdd and start nabbing the info that way. Seems a bit pointless, not to mention the risk of non IT guys doing this for fun to peoples systems.

DragunovHUN 20th December 2010, 16:39

I'm assuming that the HDDs will be encrypted somehow. What i'm curious about is the method with which this remote panel can communicate the disable command to the laptop, for example if it's not connected to the internet.

shanky887614 20th December 2010, 16:46

lol, im never going to buy anything with a sandy-bridge chip in it

this would make an amusing virus,

seriously though how hard would it be to create a virus that auto destroys these chips

bobwya 20th December 2010, 17:44

Sounds like a "feature" - in the same way that DRM is...

pendragon 20th December 2010, 17:54

if this tech shows up in consumer chips, Intel can kiss my business goodbye!

Picarro 20th December 2010, 19:13

+1 to the CPU-virus-locking-idea

Showerhead 20th December 2010, 19:46

So how long before a virus is developed for it?

Picarro 20th December 2010, 19:52

Quote:

Originally Posted by Showerhead
So how long before a virus is developed for it?

Normally it takes them about a week to crack the DRM for a game. Since this is a bit more hardware based I would say two weeks? Three at the top.

bogie170 20th December 2010, 21:38

What if someone steals the anti theft technonolgy and kills your computer? I don't tust this from intel.

Cthippo 20th December 2010, 23:08

Sounds like we could see a return to the days of holding computers for ransom with a virus. Besides which, what's the keep the thief from switching out the processor before starting in on the data. From a data theft point of view, especially in the corporate world, you're looking at some pretty serious and capable professional hackers.

enciem 20th December 2010, 23:40

Quote:

Originally Posted by Cthippo
Sounds like we could see a return to the days of holding computers for ransom with a virus. Besides which, what's the keep the thief from switching out the processor before starting in on the data. From a data theft point of view, especially in the corporate world, you're looking at some pretty serious and capable professional hackers.

To be fair, the most likely person to pick up your lost laptop is the person sitting near you on the train. If it's stolen, it's more likely that's it going to be your resident hoodie thief than some professional hacker, they probably don't need your laptop to begin with.

My work laptop's got drive encryption on it, not sure how good it is but it sounds more useful than being able to shut off the processor. The only thing this is useful for is to stop people who can't use a screw driver. Abu Hamzer must be kicking himself for taking those hacking night classes.

sesmith3 21st December 2010, 00:02

While Intel Anti-Theft 3G capability will be new on the 2011 Intel Core Intel vPro processors, it will disable and re-enable the PC just as the Internet-based version does now. Currently a similar approach is taken with encryption keys. There's a lot explained here: http://www.intel.com/technology/anti-theft/

LordPyrinc 21st December 2010, 00:39

This sounds like a horrible idea. Once the remote shut-off has been hacked, there is little to stop someone to set up a iterative program that could continue to "dial-up" CPUs and shut them down. Even if it takes 1 in every 1000 iterations to find and disable a valid CPU's "address", that can do major damage. Set multiple computers to the task and then one can multiply their target saturation.

What moron thought up this idea?

leexgx 21st December 2010, 03:14

if the cpu has the lock enabled its most likely going to be tied in with an hard drive lock that al laptops have an standard as well rendering it useless even if its not encrypted the hdd will be useless unless an pro has an go at it (most of the time its an found or lifted laptop)

do not see how different this is to how currant TPM implementations is with Vpro

love the comments in here know do not seem well thought out
there is nothing stopping you from Enabling it never mind disabling it (like when dell laptops come with that computer trace its set to disable by default), note i did say enable first before disable as its default state would be disable

Bindibadgi 21st December 2010, 03:41

Quote:

Originally Posted by sesmith3
While Intel Anti-Theft 3G capability will be new on the 2011 Intel Core Intel vPro processors, it will disable and re-enable the PC just as the Internet-based version does now. Currently a similar approach is taken with encryption keys. There's a lot explained here: http://www.intel.com/technology/anti-theft/

Welcome Scott :)

(To everyone else: he is an Intel employee, so direct questions his way on here ;) )

kosch 21st December 2010, 12:42

Quote:

Welcome Scott :)

(To everyone else: he is an Intel employee, so direct questions his way on here ;) )

I'm imagning his PM box getting flooded with messages now!

sleepygamer 21st December 2010, 15:46

Destruct Sequence: 1-A, 2-B, 3-

*BOOM*

Thanks a lot Takei, now everybody knows!

frontline 22nd December 2010, 00:07

I suspect it is in there to disable the PC if it detects you browsing www.amd.com or googling 'bulldozer' (would catch out unsuspecting building contractors as a side effect).

blink 22nd December 2010, 01:58

Probably be useful backdoor for the U.S. government to shut down whatever computers they can, whenever they want to. I mean, after the destruction of Net Neutrality and Joe Lieberman's demand for an "off switch" for the internet.

azrael- 22nd December 2010, 10:47

Hmm... I keep reading Sandy Bridge CPUs. I'm pretty certain (most of) this tech resides in the chipset (since they're vPro-enabled, while to my knowledge CPUs aren't) )and works in conjunction with other tech in the PC. As long as the shutdown is reversible it might actually be beneficial. Although I find it has TCPA written all over it...