What about a new generation of viruses able to brick your computer using this technology?
It also could be a way for Intel to kill old computers in order to make people buy new ones (Most people would think that their machines were simply too old and died) if wikileaks is still alive then, we might get confirmations about such nasty tactics.
I just hate when efforts and money goes into disabling : I get mad when I can't read an original DVD because of DRM protections (happened three times last month). I hate it when clients money pay for efforts against them. It reminds me of the Sony rootkit. All this is so wrong.
It's not in the best interest of the usually seen computer viruses to brick a computer this way. A bricked computer cannot be turned into a spam zombie or a node in a botnet.
However, considering the implications of Stuxnet, I can see a lot of uses for processor kill switches. Imagine not only having to replace all your centrifuges, you also have to replace all desktop computers in your government offices, as well as the servers running your supply chains. To make it more interesting, try to do that during an invasion.
To be fair, you may want to brick a stolen computer, but that only guarantees it will never show up on any authorized dealer who can check the serial number against a list of stolen computers.
Why would they add this feature? Are they going to sell more chips because of it? Do they see a person who's on the fence about whether to buy a computer with Intel inside, and have this be the thing that pushes them to decide to buy? I find that extremely unlikely.
Instead, it seems like Steve Jobs has shown the world that you can sell somebody a product but still maintain control of the product after the transaction. Intel is apparently saying "We gotta get us some of that"
I don't get the bad angle. Remote kill-switches would be very useful for corporate devices.
A problem would arise if Intel could also surreptitiously do firmware changes via this mechanism. On the positive side, however, companies could push updates automagically.
As long as a customer knows what he's buying and can disable the feature, it's a great addition for people or companies needing extra security.
It's mature enough that it's known there cannot be a "robust" system like you seem to be hoping for.
At some point down the chain, you trust someone else with your computer's off switch. If they give it away/sell it/have it stolen, a stronger system merely means you're more assuredly screwed because there's less they can do to prevent it from working as advertised.
And this is all aside from cryptographic weaknesses. Sure, there are strong / robust systems, but at some point the ultimate authority lies somewhere, somehow, and it can be taken. Even something like BitCoin, a nigh-authority-free system, is vulnerable to this; if enough malicious computers perform enough malicious calculations, they can convince everyone that their transaction history is the correct history. Or a virus could do their work for them.
1) you have to assume that the implementation is correct so that only somebody with the key can preform the remote kill, and ensure that the attacker can't reset the key. If you get this even slightly wrong, somebody will figure it out. How confident are you that this will be implemented without error? Would you bet all your companies hardware on it?
2) If the attacker gets you're key, you're screwed. And not just "somebody is signing shit with your key without your approval, time to revoke the key" kind of screwed, but rather "time to toss all your hardware into the dumpster" kind of screwed.
So how exactly does killing the cpu keep hard drive contents from being read? I'm sure there's a piece of technology I'm missing here. Is the computer hardware somehow involved in the hd bit encryption (on encrypted hard drives)?
I've not seen anything saying it can be disabled. And given the recent way US companies have reacted to Wikileaks, say, could you imagine running Tor on a computer with a chip like this...?
Edit: Or, say, the RIAA automatically disabling anything exposing a torrent.
I don't see how this helps in a corporate environment. If it's a laptop you can just remove the hard drive and you have access to all that juicy data. The real solution would be an encrypted hard drive, I don't see how the kill switch enhances the security at all.
Personally given the choice I would buy the computer w/o the kill switch.
How can you implement a remote kill switch without also creating a permanent unblockable remote code execution vulnerability? The only way I see to do it would be to have the chipset monitor all network interfaces for the packet of death, and give the chipset the ability to inject packets for the purpose of authentication before it actually kills the system.
This article is a pure spin! This technology (or similar) is already in the processors today. But:
1) it has to be activated
2) it has to be paid for (subscription)
3) the laptop can be enabled again if you recover it from the thief
4) it is only in the Q or QM chipsets
Seriously, I'm all for being paranoid when it makes sense. But you already have to trust Intel if you buy a processor from them. And I believe the technology can implemented securely (unique RSA key pair for each processor?)
There should also be lots of ways to permanently brick a computer with software.
In the good old CGA/MDA days all you had to do was to program the wrong scan rate in your CRT controller and watch as your monitor exploded, fireworks included.
Intel had better make this an opt-in, and then opt-in again option. AMD will clean house otherwise.
The number of use cases where this can go horribly wrong, either due to malice, or indeed because of an Intel software update error far outweighs the potential benefits to me as an individual.
My principal worries if my laptop gets stolen are.
a. that I can recover my work --> backups
b. that my data remains protected --> encryption
Bricking a stolen laptop does not do much for either. The only way I can see this being a good thing, is if sufficient numbers of stolen laptops get bricked, and this in turn lowers the overall laptop theft rate.
Not sure that this will happen though. Many mobile phones have had this option for a while, and still phones get stolen.
If this sort of thing were ubiquitous on the market for years, it would eventually become common knowledge that laptops brick themselves after being stolen. In which case it would very probably reduce laptop theft.
That's an awfully long haul down the road from here, though, and quite a few concerns to deal with along the way.
None of this is carved in stone, of course. Intel's software-readable CPU serial numbering raised privacy concerns and was retired, for example.
It also could be a way for Intel to kill old computers in order to make people buy new ones (Most people would think that their machines were simply too old and died) if wikileaks is still alive then, we might get confirmations about such nasty tactics.
I just hate when efforts and money goes into disabling : I get mad when I can't read an original DVD because of DRM protections (happened three times last month). I hate it when clients money pay for efforts against them. It reminds me of the Sony rootkit. All this is so wrong.