Intel to introduce processor with remote kill switch

Intel to introduce processor with remote kill switch

www.tgdaily.com

Intel is preparing to launch its Sandy Bridge processors at the Consumer Electronics Show (CES) in January. The most interesting thing about these new processors is the kill switches that are built into them.

Sandy Bridge is the code name for Intel’s processor configuration and it is the successor to Nehalem.
[...]
The new performance capabilities are improved graphics, faster processing and “improved” security and trust features designed to keep the whole computing experience more secure.

(visit the link for the full news article)

That's right the next gen Intel Processors are going to have a hardware kill switch, trigger-able remotely.

Till now I didn't even consider that something like that would be possible.

From my understanding any backdoor would have to be implemented on the Software layer (also see the OpenBSD FBI code issue)

I am certainly not going to by their products any more and advise anyone to don't either.

www.tgdaily.com
(visit the link for the full news article)

reply to post by kybertech


lol, sounds like a challenge to hackers..

Who's going to be the first to hack into a comp and hit the kill switch??

Imagine a virus that could do that?
What damage could it do??

Well, being in the IT business the i5 and i7 processors already have a "kill switch" in them in case of robbery. If your laptop gets stolen you call Intel and the first time the computer is connected to the internet the CPU "locks" it's self. The only way to open it is by calling Intel again and asking for a re-activation.

All this I got straight from the vendor Intel.

Originally posted by backinblack
reply to post by kybertech

 

What damage could it do??

Unless it fries the CPU upon "killing", then I imagine it'd be no different from shutting your computer off or losing power normally.

I could see this being useful to those who overclock their CPU's. This would allow them to quickly shut off power to the processor if they happen to push anything on it too high before it fries their chip. But it also seems useless because you could do the same by flipping the switch on you PSU.

I haven't read the article yet, so I don't know if they explained it's true usage for, but hopefully it's not something that can be turned against you by others.

This is getting kind of ridiculous, really.
I remember when Intel was introducing the Pentium 2 i think, it came with an electronic ID code built into the ROM that they say would be used in case of theft from the consumer.
Well people didnt buy that and complained heavily and this was a time that the media "seemed" to be on the side of consumers/civilians and slammed intel for their invasion of privacy.
Intel caved, at least publicly and introduced an update that would enable you to disable the ID tag.

I have a feeling, this time around, people will either stfu and take it OR there will be a silent roar from what they will say is a "minority" of consumers and will ignore their concerns, i have a feeling it will be the first option.

Its time we realize the truth, corporations=govt=media and us peasants have no say in these matters, seems that we gave up those rights voluntarily.
In the name of NATIONAL SECURITY of course... /spit

Originally posted by jamiros
Well, being in the IT business the i5 and i7 processors already have a "kill switch" in them in case of robbery. If your laptop gets stolen you call Intel and the first time the computer is connected to the internet the CPU "locks" it's self. The only way to open it is by calling Intel again and asking for a re-activation.

All this I got straight from the vendor Intel.

This is exactly the same thing they announced now. Only this time it is official...

Having a bit of IT knowledge myself I wonder how they would be able to implement such a thing.
A little bit of logic to shut the processor down and disable it from booting again should be trivial. But how would they deploy the shutdown command over a IP Network. The IP Stack runs is software and is controlled by the Operating system, from the side of the Processor there is no difference if the registers contain a IP package or a number used for ex. arithmetic.
Either they trigger the locking procedure from some predetermined numbers in which case all data processed would be checked or this is rather a mechanism triggered by a lockdown mechanism already in place in the Operating system. (Oh hello MicroSoft and Apple!)

But it would be really silly if they actually implemented a "Lockdown Instruction", Open Source kernel developers might just decide not to use it...

Furthermore how the hell are they going to issue the lockdown command? How would they now the IP Adress of the computer, what if it is behind a Firewall, etc...

But I guess we will know soon enough,

Originally posted by Animatrix
[...]
I have a feeling, this time around, people will either stfu and take it OR there will be a silent roar from what they will say is a "minority" of consumers and will ignore their concerns, i have a feeling it will be the first option.

Its time we realize the truth, corporations=govt=media and us peasants have no say in these matters, seems that we gave up those rights voluntarily.
In the name of NATIONAL SECURITY of course... /spit

Right, I think the factor here is that implying this technology is going to work this means that various backdoors in operating systems and internet routings are already in place which results in something more that the MSM is going to admit.

The only positive example (ok well not exactly) I can come up with is DRM. They wanted to deploy this technology everywhere, yet nobody bought DRM encrypted files which now resulted that the Online Music Business doesn't use it either. Still the technology is in place, most music players support it and the SD Cards are the standard by now, which all have the DRM software inside their micro-controller roms.



I only hope that AMD doesn't jump the bandwagon here, otherwise there would be serious shortage of alternatives here!

If the cpu can be shut off via the net by "hacking"or a virus why the government will just have to shutdown the backbone (to save all of our systems and data) of course; at the first minor hint of a "cyber attack"

If they don't like what you are spouting in the second amendment thread: you get a time out "click".
Or if you are part of a hijacked botnet: click..

reply to post by kybertech

I only hope that AMD doesn't jump the bandwagon here, otherwise there would be serious shortage of alternatives here!

Dude, ive been an AMD supporter and buyer since 99. Firstly, theyve been faster for many years but their lack of profits have limited their R&D for a while and seem to have fallen below the newest intel chips.
Possibly because Intel recieved Govt funding, while AMD was on their own.
Either way, i feel that major corporations, intel, microsoft and many others are either secretly owned or the financial ties require them to coordinate with them.
Regardless, since around 04, I havent trusted them.

Oh good, yet another reason for me to stick with AMD processors.

reply to post by kybertech


Yes it's done by software but at boot level. Try to look for something called PXE boot. This is booting a OS through the network. Pretty much it works the same way.

Firewalls and the IP of the machine doesn't really matter, just look at software like Teamviewer or Logmein.

There are ways to do it. Just remember...

Nothing is impossible... impossible just take a bit longer.

I build all my rigs from scratch.

It's a pretty simple resolution for me.... I'm not going to buy this. Hopefully it goes viral and enough people get miffed about it.. hardware fanatics tend to do just that. So I hope Intel eats a pile of crap on this one, and burns a giant hole in their investments.

Yes, yes. We all know the mechanisms in current processors, including mine, but it's not the same. This will be "standard-fare", and unacceptable to me. I need my fast hardware, but I don't need it that bad.

Honestly, why does the killswitch need a remote access function? Why? I'm so going to get that so people don't run off with my full-tower desktop! Brilliant Intel, brilliant!

This seems more for the business scene. Not for the average consumer it seems. Protection of information and the such. I think they're trying to keep that market since it's where most of their revenue comes from.

I like the idea of a kill switch in some respects but i also like the idea of a phone home program built into a computer.

i have a phone home program on my computer that may send me the information of someone if they steal my computer but its not a hard wired built in program and if someone does steal the computer and wipes the hard drive the program no longer works.

The program i have allows me to remotely access my computer from anywhere on the Internet and its on a 16 gb flash drive with its own OS.
I may not get my computer back, But i will own every password, credit card number and the complete history of his use of my computer by any thief till the drive is wiped.
Being able to turn off the processor might be handy if the cops will not recover my computer when i tell them where it is.

But till that time i will have fun with the thief and take over all has email, get him banned from all the sites he is a member of,
screw up any social network sites he has. i will make life h*ll for him.
And i will do it without him ever knowing how it was done.
I might even get him arrested for sending threatening emails to others.

www.pendrivelinux.com...
lifehacker.com...
portableapps.com...
www.techlivez.com...

I really hope this will be a wake up call for some, (well it has for me)
The fact that they are implementing something like that pretty much confirms that backdoors already are in place inside the internet infrastructure and the software of the computers we buy.

I already know of some ways to circumvent these intrusions but they are all not very mature and all connected with lots of effort.

There are alternatives for the BIOS Software, Linux/FreeBSD, and DIY network cards using FPGA boards.
The Problem is though that setting such a system up is expensive. (FPGA boards aren't cheap) and things like openbios only works with certain hardware.

Originally posted by 46ACE
Why:
If the cpu can be shut off via the net by "hacking"or a virus why the government will just have to shutdown the backbone (to save all of our systems and data) of course at the first minor hint of a "cyber attack"

If they don't like what you are spouting in the second amendment thread: you get a time out "click".

Or if you are part of a hijacked botnet: click..

edit on 17-12-2010 by 46ACE because: (no reason given)

Shutting down the backbone would block their own communications as well and there would be people involved. Those technicians working at the datacenters could get suspicious, or even might engage in civil disobedience.
But with this Processor kill switch it would be possible to disable specific computers, ones sold in a in certain area, and who knows what can be accomplished if you combine this ability with some of the databases which are out there...

Originally posted by jamiros
reply to post by kybertech

 

Yes it's done by software but at boot level. Try to look for something called PXE boot. This is booting a OS through the network. Pretty much it works the same way.

Firewalls and the IP of the machine doesn't really matter, just look at software like Teamviewer or Logmein.

There are ways to do it. Just remember...

Nothing is impossible... impossible just take a bit longer.

Crap, I didn't think of that, you are right it would certainly be possible to use the network boot function to execute code on a running system. (Implying that the network cards have this function already built in)

As for Firewalls: As I know it these remote management tools all make use of outgoing tcp connections which would have to be initiated first.
On a simple client system that only way to get though a firewall is either guessing the tcp frames to match a existing connection or a man in the middle attack which they are probably using.

But as the PXE Boot option works over ethernet this doesn't help either, however it has to be on the same subnet afik.

But considering everything I know I'd have to come to the conclusion that they are using something else.. Really problematic considering this means there is no way I know of how2 defend against it, without building a system from scratch (firmware, peripherals, OS) :/

Isn't this more or less exactly the same thing that is built into all mobile phones? So they can be switched off remotely if they are stolen?

I don't see that being used for any other reason then its stated purpose, why should this?

reply to post by ANNED


This has nothing todo with remote access which is a perfectly normal feature if you use it on your own computers. As this is laid out you will not have access to this feature yourself unless with hacking it. This is strictly for Intel or quite likely government agencies.

Originally posted by davespanners
Isn't this more or less exactly the same thing that is built into all mobile phones? So they can be switched off remotely if they are stolen?

I don't see that being used for any other reason then its stated purpose, why should this?

Similar but not the same.
The mobile phone function is tied to the sim card and the locking mechanism is implemented inside the firmware of the device. The processors inside phones continue to work and this can be reversed if the flash memory is restored. The processor is unaffected anyway.

The issue is a pc isn't simply some device to access the services of some company like a mobile phone. (Although iphone users like to forget that)

Originally posted by kybertech
I am certainly not going to by their products any more and advise anyone to don't either.

Does anyone remember the serial number on the Pentium III?

This issue reminds me of that, where basically intel customers said "NO! we don't want this!" and Intel was forced to disable/drop it!

Processor Serial Number

The processor serial number was introduced on Intel Pentium III, but due to privacy concerns, this feature is no longer implemented on later models (PSN feature bit is always cleared). Transmeta's Efficeon and Crusoe processors also provide this feature. AMD CPUs however, do not implement this feature in any CPU models.

It's time once again to say "no!", and if enough people do it, Intel will get the message, like they did with the Pentium III serial number.

Originally posted by Arbitrageur

Originally posted by kybertech
I am certainly not going to by their products any more and advise anyone to don't either.

Does anyone remember the serial number on the Pentium III?

This issue reminds me of that, where basically intel customers said "NO! we don't want this!" and Intel was forced to disable/drop it!

Processor Serial Number

The processor serial number was introduced on Intel Pentium III, but due to privacy concerns, this feature is no longer implemented on later models (PSN feature bit is always cleared). Transmeta's Efficeon and Crusoe processors also provide this feature. AMD CPUs however, do not implement this feature in any CPU models.

It's time once again to say "no!", and if enough people do it, Intel will get the message, like they did with the Pentium III serial number.

Yea, i just brought that up a few posts ago... I said P2 but was almost sure it was the P3 that started this ID code.
My point was, that it worked, at least overtly, in the consumers favor but I seriously doubt that it will work in anyones favor now.

Wanna know why? look at the interest in this thread.. 2 flags
Most people now are conditioned to see this as necessary progress.. IE, given up privacy in the name of NATIONAL SECURITY... which, btw, ive grown to despise that overused buzzword.