
Intel to introduce processor with remote kill switch - zoowar
http://www.tgdaily.com/opinion-features/53108-analysis-intel-to-introduce-processor-with-remote-kill-switch?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+tgdaily_all_sections+%28TG+Daily+-+All+News%29
======
mlok
What about a new generation of viruses able to brick your computer using this
technology?

It also could be a way for Intel to kill old computers in order to make people
buy new ones (most people would think that their machines were simply too old
and died). If WikiLeaks is still alive then, we might get confirmations about
such nasty tactics.

I just hate when effort and money go into disabling: I get mad when I
can't read an original DVD because of DRM protections (happened three times
last month). I hate it when clients' money pays for efforts against them. It
reminds me of the Sony rootkit. All this is so wrong.

~~~
rbanffy
It's not in the best interest of the usually seen computer viruses to brick a
computer this way. A bricked computer cannot be turned into a spam zombie or a
node in a botnet.

However, considering the implications of Stuxnet, I can see a lot of uses for
processor kill switches. Imagine not only having to replace all your
centrifuges, you also have to replace all desktop computers in your government
offices, as well as the servers running your supply chains. To make it more
interesting, try to do that during an invasion.

To be fair, you may want to brick a stolen computer, but that only guarantees
it will never show up on any authorized dealer who can check the serial number
against a list of stolen computers.

------
pdx
Why would they add this feature? Are they going to sell more chips because of
it? Do they see a person who's on the fence about whether to buy a computer
with Intel inside, and have this be the thing that pushes them to decide to
buy? I find that extremely unlikely.

Instead, it seems like Steve Jobs has shown the world that you can sell
somebody a product but still maintain control of the product after the
transaction. Intel is apparently saying "We gotta get us some of that."

------
iwwr
I don't get the bad angle. Remote kill-switches would be very useful for
corporate devices.

A problem would arise if Intel could also surreptitiously do firmware changes
via this mechanism. On the positive side, however, companies could push
updates automagically.

As long as a customer knows what he's buying and can disable the feature, it's
a great addition for people or companies needing extra security.

~~~
Groxx
It's definitely there, though it would be mitigated if the buyer can disable
it (though how would you know it worked until it didn't?):

If _they_ can kill it, others can too. Be they script kiddies, bored geniuses,
or businesses or governments that would like to see your computer die.

The trick is that if there is such a desirable off button, it _will_ be
discovered, reverse engineered, or leaked. There's no "if", only "when".

~~~
iwwr
"If they can kill it, others can too."

Cryptographic science is mature enough to provide a robust solution to that
problem.

~~~
Groxx
It's mature enough that it's known there cannot _be_ a "robust" system like
you seem to be hoping for.

At some point down the chain, you trust someone else with your computer's off
switch. If they give it away/sell it/have it stolen, a stronger system merely
means you're _more_ assuredly screwed because there's less they can do to
prevent it from working as advertised.

And this is all aside from cryptographic weaknesses. Sure, there are strong /
robust systems, but at some point the ultimate authority lies somewhere,
somehow, and it can be taken. Even something like BitCoin, a nigh-authority-
free system, is vulnerable to this; if enough malicious computers perform
enough malicious calculations, they can convince everyone that _their_
transaction history is the correct history. Or a virus could do their work for
them.

------
wtallis
How can you implement a remote kill switch without also creating a permanent
unblockable remote code execution vulnerability? The only way I see to do it
would be to have the chipset monitor all network interfaces for the packet of
death, and give the chipset the ability to inject packets for the purpose of
authentication before it actually kills the system.

------
yread
This article is pure spin! This technology (or similar) is already in the
processors today. But:

1) it has to be activated

2) it has to be paid for (subscription)

3) the laptop can be enabled again if you recover it from the thief

4) it is only in the Q or QM chipsets

Seriously, I'm all for being paranoid when it makes sense. But you already
have to trust Intel if you buy a processor from them. And I believe the
technology can be implemented securely (unique RSA key pair for each processor?)

see
<http://www.techzone360.com//topics/techzone/articles/127365-remote-kill-switch-added-new-intel-processor.htm>

Edit: also it's apparently old news:
<http://www.eweek.com/c/a/Desktops-and-Notebooks/Intel-vPro-Enhancements-Coming-with-Sandy-Bridge-551570/>
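
As an added example (not part of the original thread and not Intel's actual mechanism), here is a sketch of the authenticate-before-kill exchange wtallis describes, with a per-device key in the spirit of yread's suggestion. It assumes HMAC-SHA256 with a shared per-device secret instead of RSA so it runs on the standard library alone; `Device`, `authorize`, the device IDs and the `DISABLE` command are hypothetical names.

```python
import hashlib
import hmac
import secrets

def mac(key: bytes, device_id: bytes, nonce: bytes, command: bytes) -> bytes:
    # Length-prefix every field so two different field tuples never serialize alike.
    msg = b"".join(len(f).to_bytes(2, "big") + f for f in (device_id, nonce, command))
    return hmac.new(key, msg, hashlib.sha256).digest()

class Device:
    """Chipset side (hypothetical): per-device key, one outstanding nonce at a time."""
    def __init__(self, device_id: bytes, key: bytes):
        self.device_id, self._key = device_id, key
        self._pending = None
        self.disabled = False

    def challenge(self) -> bytes:
        self._pending = secrets.token_bytes(16)
        return self._pending

    def handle(self, command: bytes, nonce: bytes, tag: bytes) -> bool:
        pending, self._pending = self._pending, None   # a nonce is good for one attempt
        if pending is None or not hmac.compare_digest(nonce, pending):
            return False                               # unsolicited or replayed message
        if not hmac.compare_digest(tag, mac(self._key, self.device_id, pending, command)):
            return False                               # wrong key, device or command
        if command == b"DISABLE":
            self.disabled = True
        return True

def authorize(keys: dict, device_id: bytes, nonce: bytes, command: bytes) -> bytes:
    """Management-server side (hypothetical): tag a command for one device and nonce."""
    return mac(keys[device_id], device_id, nonce, command)

def demo() -> dict:
    # Constructed sample keys and device IDs, generated fresh on every run.
    keys = {b"dev-A": secrets.token_bytes(32), b"dev-B": secrets.token_bytes(32)}
    a, b = Device(b"dev-A", keys[b"dev-A"]), Device(b"dev-B", keys[b"dev-B"])
    out = {"unsolicited": a.handle(b"DISABLE", b"\x00" * 16, b"\x00" * 32)}
    nonce = a.challenge()
    tag = authorize(keys, b"dev-A", nonce, b"DISABLE")
    out["other_device"] = b.handle(b"DISABLE", b.challenge(), tag)
    out["genuine"] = a.handle(b"DISABLE", nonce, tag)
    out["disabled"] = a.disabled
    a.challenge()                                      # fresh nonce; old message replayed
    out["replay"] = a.handle(b"DISABLE", nonce, tag)
    return out

if __name__ == "__main__":
    print(demo())
```

Because the key is symmetric here, whoever obtains the server's key table can disable every enrolled device, which is the concentration of trust Groxx points out upthread.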

~~~
rbanffy
There should also be lots of ways to permanently brick a computer with
software.

In the good old CGA/MDA days all you had to do was to program the wrong scan
rate in your CRT controller and watch as your monitor exploded, fireworks
included.

------
paulgerhardt

> Instead of a kill switch Intel could have went with a Lo-Jack type system.

Nearly all laptops these days come with the LoJack bios agent pre-installed:
<http://www.absolute.com/en/products/bios-compatibility.aspx>

Notable exceptions include Apple, Sony, and the Lemote Yeeloong (of Richard
Stallman fame).

Interestingly, Absolute Software has no formal connection with the LoJack
corporation other than licensing their name for the software.

~~~
swolchok
Did some digging, and LoJack security vulnerabilities were detailed at
BlackHat 2009:

<https://www.blackhat.com/presentations/bh-usa-09/ORTEGA/BHUSA09-Ortega-DeactivateRootkit-SLIDES.pdf>
<https://www.blackhat.com/presentations/bh-usa-09/ORTEGA/BHUSA09-Ortega-DeactivateRootkit-PAPER.pdf>

------
pjscott
In related news, I hear that AMD has some nice processors coming up.

~~~
tapiwa
Intel had better make this an opt-in, and then opt-in again option. AMD will
clean house otherwise.

The number of use cases where this can go horribly wrong, either due to
malice, or indeed because of an Intel software update error far outweighs the
potential benefits to me as an individual.

My principal worries if my laptop gets stolen are:

a. that I can recover my work --> backups

b. that my data remains protected --> encryption

Bricking a stolen laptop does not do much for either. The only way I can see
this being a good thing, is if sufficient numbers of stolen laptops get
bricked, and this in turn lowers the overall laptop theft rate.

Not sure that this will happen though. Many mobile phones have had this option
for a while, and still phones get stolen.

------
Lagged2Death
If this sort of thing were ubiquitous on the market for years, it would
eventually become common knowledge that laptops brick themselves after being
stolen. In which case it would very probably reduce laptop theft.

That's an awfully long haul down the road from here, though, and quite a few
concerns to deal with along the way.

None of this is carved in stone, of course. Intel's software-readable CPU
serial numbering raised privacy concerns and was retired, for example.

~~~
rbanffy
> In which case it would very probably reduce laptop theft.

Or just increase the availability of used parts...

~~~
mike463
Except for processors of course. (Intel wins there)

~~~
rbanffy
_Very_ good point...

------
anonymous246
The first fruits of the "synergy" from the Symantec acquisition? Snicker.

