Intel beefs up online security with two-step logins [sponsored]

By Jos
Oct 13, 2011
Post New Reply
  1. Follow up on this and other innovations at Intel's Cloud Computing Technology portal and learn about the emergence of new cloud-based solutions.

    Read the whole story
  2. Rick

    Rick TechSpot Staff Posts: 6,304   +52 Staff Member

    Maybe I just don't fully grasp IPT, but simplified, it sounds like it registers a physical device (ie. your PC) to a website.

    So the question is, who wants to restrict a website to a specific computer? Not everyone, that's for sure.

    As a result, there must be (and possibly always be) ways to access your accounts without an IPT-enabled computer. For as long as methods exist to serve the lowest common denominator, I don't see this IPT stuff as being any more secure.

    The weakest link in a chain determines its strength. That weak link here is that many people still want access to websites from ANY Internet-capable device... It's what makes the web awesome. You can opt to give that away by relegating your usage of certain sites to a particular set of devices, but there's still a registration process and possibly some sort of leniency (eg. similar to resetting your password with a security code) which can probably be abused as well... not to mention physical access or user impersonation (remote access to the physical machine) remain viable avenues for unpleasant activities as well.

    I'm not sure I'm seeing the value yet, although perhaps it does lay a framework for accountability. If everyone's chips carry a unique ID that cannot be altered, then we have ourselves a reasonable foundation to build an identification system which could possibly tie you (or at least your computer) to your electronic alter ego...
  3. Does this prevent a user from login to the web site from a different device or only from purchasing items from a different device? If the user's PC is compromised then game over. Can a man in the middle attack still work, seems like it. They mentioned Intel, Symantec and E-Bay, so do you need Symantec on other security software to hook into this? Still have questions and I'm not sure what this really solves, other than the DB dumps of username/password as they would now need your physical machine to do something. I guess it's a step in the right direction however it seems like a better solution is out there.
  4. Cota

    Cota TechSpot Enthusiast Posts: 521   +8

    Finally! *deletes idea from his book*

    This is a nice step on security (tho im sure the ID can be easily read using some API), but once again the REAL security really comes from the quality of the user. ;)
  5. mevans336

    mevans336 TechSpot Enthusiast Posts: 163   +11

    You're right. If you're away from your PC, you can't access the site. (Without some other mechanism to allow access.)

    This is relevant to business users, not home users.

    Intel is trying to put RSA out of business while possibly extending a "good-enough" type system to home users.
  6. Night Hacker

    Night Hacker TechSpot Enthusiast Posts: 112   +12

    I'll stick to my AMD CPU and some common sense.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.