Intel's Sandy Bridge processors have a remote kill switch

By on December 18, 2010, 3:03 PM
Intel's new Sandy Bridge processors have a new feature that the chip giant is calling Anti-Theft 3.0. The processor can be disabled even if the computer has no Internet connection or isn't even turned on, over a 3G network. With Intel anti-theft technology built into Sandy Bridge, David Allen, director of distribution sales at Intel North America, told ITBusiness that users have the option to set up their processor so that if their computer is lost or stolen, it can be shut down remotely.

For those who want to protect their computers from thieves, the ability to remotely disable them sounds great. We're not sure the CPU is the component that should be targeted though. While a given stolen netbook, laptop, or desktop can no longer be turned on if Intel's new kill switch is flipped, there's nothing stopping the thief from taking out the HDD and putting it in another computer. As a result, you've only slightly slowed the criminal down and haven't really managed to ensure your sensitive data is protected.

Furthermore, those wearing tin foil hats will want to know if users have complete control over the feature. Is it enabled by default? If not, could someone else turn it on? Can anyone but the owner of the processor disable it remotely? Those might seem like paranoid questions, but nonetheless Intel needs to guarantee that the answer to all three is a resounding no.





User Comments: 59

Got something to say? Post a comment
hellokitty[hk] hellokitty[hk], I'm a TechSpot Evangelist, said:

Can we just not have one o.o.

Waste IMO.

mattfrompa mattfrompa said:

Yeah I'd rather something like this be implemented in the hard drive instead :/ Which even then. I don;t think there is any way to stop them 100% of the time.

Benny26 Benny26, TechSpot Paladin, said:

ooooh sounds abit ify that...If once it's been tripped and you can't get it back..I think i'de be more likely to stay away for the sake of my wallet, just in case there's a costly accident.

Nima304 said:

Can the processors be turned back on after being disabled? Because if so, hackers can still find a way to enable the processor and remove the script which disables it. Also, what if someone decrypts the disable code and manages to transmit it? They could disable any PC they wanted then. Adding on, are the Mac addresses of the computer, which I assume is going to be what is used to find out which PC is which, going to be stored on Intel's servers? If so, hackers could penetrate that database and kill millions of PCs at once. And finally, even if the processor, and even the hard drive was destroyed, someone could remove those two and replace them, then use the motherboard, RAM, case, and GPU to make a cheap laptop anyway, or sell the PC for parts.

All in all, it's a terrible idea, and I know where Intel got the idea. Microsoft stated that they might work on a feature for Windows that would disallow a computer access to the internet if it was suspected to have a virus installed on it. This would disallow a computer to boot if it was stolen. Pretty much the same thing, right? We can't allow this to happen, Sandy Bridge processors will be several accidents waiting to happen if this feature is implemented.

Cota Cota said:

If the CPU is dead you can still get the HDD, duh!. Also, will it screw the whole PC or just the CPU?

Instead of making this, they should add a stapler to the CPU, it would be more useful *heavy sarcasm*

Guest said:

What could possibly go wrong.

EDO219 said:

Many new cars also have a remote kill-switch in case of theft. Not only are they highly sought after by thieves, but they are immediately stripped down to individual components to conveniently flip for cash with little traceability.

Even if Intel's kill-switch will eventually be capable of also disabling every major compliant component in a PC, then this too could be bypassed. The thief need only remove all power sources (cable, laptop battery, CMOS) and separate each component before the owner has time to report the theft.

This security feature worries me. PCs will still be stolen, but now often parted out.

Guest said:

I call BS - c'mon, not only integrating 3G capability inside the chip (a fair amount of real-estate probably), but integrating a 3G *antenna* ... *inside* the chip? Realistically not likely.

Guest said:

Speaking of tinfoil hats, you could just wrap your stolen pc in tinfoil and bugger up the 3g signal

Guest said:

This would mean that thousands of CPUs (every home, every office) would all constantly be holding open a connection to the local 3G Mast. How can the 3G infrastructure possibly handle that? I simply do not believe it. The 'facts' as published have to be wrong or incomplete.

Guest said:

there is a method to create small on chip atenaas .. its done using fractal Geometry. Saw it on NG SIMBT!

This does stink of BS, tho as wattage is a great concern for all new chips and R-fi is a big power hog. Plus as others have pointed out .. the chip is **** ... its teh data that needs protecting AND HAS VALUE.

Guest said:

So aside from the additional cost and power budget of integrating a 3G radio onto a CPU die, I can think of about a million ways in which this can (and will) go horribly wrong. Some things that hackers can and probably will do with this scheme:

1: Disable it - I guarantee there will be a hack to disable this mechanism within days of its release.

2: Fake it - remotely turn off processors for anyone you like.

3: Steal 3G service - If the CPU has a 3G radio, what's to stop you from using that radio for other purposes?

4: Hide malware in the new "remote update and patching" capabilities.

5: Steal PC, buy new CPU, swap "killed" CPU for legit CPU, sell stolen PC. Easy peasy.

6: Steal the data from the HDD, then sell any non-killed parts separately.

Not least among my concerns here is how the 3G radio will authenticate. UMTS uses a SIM card (a USIM, to be specific) for authentication; are they going to add a SIM socket to the mobo (in which case you can disable the mechanism by just removing the SIM) or integrate a software-based SIM into the CPU (which will be quickly cloned to steal 3G service)? Alternatively, will it be CDMA-based (no SIM cards) in which case you now have to integrate some kind of secret key onto the CPU - and what do you do in countries that have no cellular networks other than GSM/UMTS?

Has nobody noticed that PCs tend to be big, heavy, metal boxes? That are grounded? You know, just like a Faraday Cage? How much 3G signal do you really think the CPU will get _inside a faraday cage_, and if it's using an external antenna what's to stop you just breaking that off so it gets no signal?

This is a horrible idea from the perspectives of security, power consumption, CPU die and overall system cost, user experience, functionality, and potential for abuse - it's such a bad idea that I'm having a hard time even believing this is legit. The black hats are going to have a field day with it...

Mizzou Mizzou said:

Looks like this has already been implemented on other processor families ... corporate IT organizations appear to be the primary market segment.

http://www.intel.com/technology/anti-theft/

Guest said:

Computers have enough holes that a 900Mhz-3GHz signal can get in.

It sounds like the computer would have to be plugged in because there is no way to power the radio otherwise.

Guest said:

Some of you are missing the point. The tech isn't meant to prevent data theft, its meant to deter theft by making Sandy Bridge laptops worth dramatically less once disabled.

Guest said:

Read the Intel White Paper at the above link: The chip can accept an encrypted SMS message IF the computer is equipped with a 3G card. The radio receiver is not in the chip itself, only the ability to accept and act on the encrypted SMS message of an external 3G card receives the message.

Quick fix? Immediately pull the battery, remove the 3G card, re-power and use the laptop, sans 3G.

EDO219 said:

Perhaps relevant to this topic is the fact that any device which connects to a cellular tower (or satellite for that matter) can be physically located via two separate signals in conjunction. Iran has repeatedly used this tactic to pinpoint the location of rebel forces along the shared border with Iraq. So now the rebels can not use cellular devices. heh

If one ignores the rather Orwellian implications of this practice, then it could be a great way to recover stolen laptops and cell phones.

gwailo247, TechSpot Chancellor, said:

I don't think that you have to be grouped with tin foil hat wearers in order to find the concept of a remote kill switch troubling.

While I understand the need for a government to have the ability to turn off all the computers at once when the Kuang Grade Mark 11 hits and begins the Cyber War of 2017, I don't have to like it.

Guest said:

omfi, i feeling insecure its just me?

errrrr......

Guest said:

most thiefs steal computers to use/sell and not for hard drive data, if I can remotely turn my laptop into a brick that will be a pretty good deterrent, I think all laptops should have these CPUs and all thiefs should know about it!

Guest said:

this technology is a part of Intel v pro

http://en.wikipedia.org/wiki/Intel_vPro

Here's an article discussing the "Big Brother" implications of this technology:

http://www.tgdaily.com/hardware-opinion/39455-big-brother-po
entially-exists-right-now-in-our-pcs-compliments-of-intels
vpr

Also note that Intel (an Intel IP) was caught editing the wikipedia vPro article, they removed the information in the privacy concerns section of the article:

http://en.wikipedia.org/wiki/Intel_vPro#Intel_vPro_Privacy_C
ncerns

Guest said:

I'd use the tinfoil in my hat to make a nice little Faraday cage for the CPU. Just sayin'.

Archean Archean, TechSpot Paladin, said:

Why not they build something like where as soon as the thief tries to unscrew anything on the notebook or turns it on the notebook just burns itself to ashes? Now that can be a total solution to your theft worries.

Guest said:

this is just so stupid. Well, another strategy to push the price up from Intel. :thumbs up:

Guest said:

So question,, Is it only the user who has this control? What about the government? Misuse of this by any agency say RIAA. you download an MP3 or what not so they kill the CPU. they have done worse off before. Also would this not be a perfect trick to shutdown the publics ability to share there voice?

Guest said:

On a standard metal PC case form a faraday cage protecting the chip from external radio signals.

Guest said:

Hmm, getting customers to willingly destroy your product so they can buy a replacement from you?

I think this idea originated in the marketing department.

Guest said:

This is for military and espionage use. Can you imagine turning off the opposing armies or a competitors computers? Who needs a nuke EMP when you can shut down a country with a 3G signal?

They already put this stuff in everything they sell to foreign countries. All those missiles and airplanes and everything else have this capability so they cannot be used against US forces.

Guest said:

I would rather have a homing signal sent out on receipt of the text message.

Guest said:

Stupidest idea I have ever heard of. Whats the gain of turning off a computer that has been stolen? This sounds like something the government would be in on.

If people are afraid of sensitive information ending up in the hands of the wrong person they simply need to encrypt that information before the computer is stolen. Then it will be worthless in the hands of anybody without a password to the encrypted information. Bitlocker which is built-in to Windows 7 Ultimate edition is more than adequate for this task. Or if you want a free option to encrypt all your sensitive information, TrueCrypt is a wonderful alternative.

The assinine ways people approach some problems are just so puzzling to me. They must have given this idea all of fifteen minutes of deep thought.

I'll have to research this more but if its true but I may have to pass on any Sandy Bridge processors when considering a CPU upgrade in the future.

I can't help but think that the government is somehow involved with this CPU. They are hell bent on controlling everything and everybody now days. First healthcare, next the internet, lastly everybodys personal computer.

Saintnsinner said:

It also notifies the authorities if your looking at porn on the internet in the UK.

Saintnsinner said:

AMD if your reading this we don't want this in your next generation of APUs.

fpsgamerJR62 said:

While they're looking into disabling just the CPU, why not go all the way with a remotely triggered self-destruct code or even an auto-wipe code for the HDD ?

edison5do said:

And then what? will them Stick Mircophones or Micro cameras to a Feakin PC Ship.!! Damm what a waste of money, that makes me think aboyt something hiding inside, some shit that send thme report abour your usage or any other thing.... Worried..

Guest said:

We all known your CPU won't stop a thief from getting your info from your Hard Drive.

I guess Intel figured a CPU shutdown would be pretty safe while using Trusted Computing (Intel TXT). If your data are sealed with the CPU info, a thief wouldn't be able to access it unless they use the same CPU (which would not be feasible if disabled). Spoofing CPU info is somewhat pretty hard.

--

Danny Fullerton

Mantor Organization

Archean Archean, TechSpot Paladin, said:

But that will bring us to another problem, what if the CPU fails due to hardware issues, such CPU hardware level data protection (if it can be made to work) may result in locking you out of your HDD for good (or atleast may make it lot harder).

Benny26 Benny26, TechSpot Paladin, said:

@ Archean

Don't people use backup anymore though?. What happened to that "Cloud" thingy?, that didn't sound too bad for small companys and the like.

It is obvious though, the HDD is the place for stopping data theft. Something viable will come in the future you'de think.

Archean Archean, TechSpot Paladin, said:

Cloud is more like a 'pipe dream' for the likes of Google, I've talked to several small/medium size businesses and one large size organization (involved in well over two dozen industries) about it in last year or so, and frankly not one of them believe they can trust any one with their data.

Beside, just think for a moment, if you put everything in one basket, you make one very BIG target for the rest who want to get their dirty hands on it ....... I am sure there are enough smart people out their who can pull this off, causing a constant headache for everyone involved.

Guest said:

Yeah, that's not how it works. No script, no MAC addresses, no database at Intel.

Also, laptops aren't built that way. If you kill the chipset, then it will cost more to revive than to replace. These components are typically surface mount, meaning either expensive equipment or über skills to replace. A good laptop that is stolen is worth a couple hundred at most. Practically, the only generic components are RAM, HDD, optical drive, and some wifi cards.

Yeah, your data is unprotected, but that's your fault for not encrypting, lol.

Guest said:

It's a big step in the right direction. Development still needed.

Benny26 Benny26, TechSpot Paladin, said:

It's a big step in the right direction. Development still needed.

Well, judging on the vast majority of comments in this thread, it's more of a big step in the pointless waste of money direction.

Guest said:

What ***** thought up this brilliant idea?

Guest said:

You can't say m o r o n on this stupid site?

Guest said:

Excuse the shameless plug, but I would be foolish not to point out that this technology would be a great compliment to our software that locates, locks down, and protects the sensitive data on Windows/Mac/Linux based notebooks, tablets, and desktop computers as well as smartphones. Check it out here: http://www.i-contain.com/icnet.php

Guest said:

who ever believes hey have a 3G radio on board is obviously on crack.

Guest said:

This is all about limiting Free Speech. After all, censorship is everywhere. The gov't (and their big business cronies) censor free speech, shut down dissent and ban the book "America Deceived II". Free speech for all.

Last link (before Google Books bans it also]:

http://www.iuniverse.com/Bookstore/BookDetail.aspx?BookId=SK
-000190526

Guest said:

<strong>Fortunately for all of us</strong> AMD is currently leading the pack in bang for the buck, leading the pack in ultimate computing power (the 12 core Opteron), leading the pack with the most powerful web server on the planet (a 48 core opteron) and leading the pack with advanced applications that can actually branch processes and truly compute on independent cores. Even the I7, intel's best, is not a true multi core CPU. It only scores high in benchmarks and with applications that run well on a single core which actually make up the bulk of consumer and even professional software most often seen. Even when an AMD CPU is not properly utilized by software, AMD STILL beats intel performance across the board dollar on dollar because the cpu's they make are SO MUCH more advanced than Intel's that they perform respectably despite being stifled by antiquated apps and code not up to AMD's futuristic standards.<br> <p> The proof is in the pudding folks, it is a fact that the top 3 supercomputers in the world use AMD opteron processors because REAL engineers know what is advanced and what will do the job. Intel is a no show in the supercomputer world, the next two slots below AMD use Nvidia processors. Intel makes toys, that is all. Marketing really is their forte.<br><p> Ok, so perhaps I am a little harsh here, but this whole remote disable thing really fractals my behind; I was happy with my last Intel CPU but this remote disable thing will FOREVER prevent me from buying another Intel processor, even if they say it is not on the chip I bought. For them to even go to this idea intellectually proves they are brain dead and morally bankrupt. Think Y2K was a potential problem? Folks, you have seen NOTHING compared to the threat posed by having a "feature" like this embedded in a large number of computers. I truthfully hope AMD succeeds with its soon to be released (in response to Sandy Bridge) Bulldozer platform; I would laugh if Intel got buried by it.

Guest said:

This 3G technology is an extension to already existing intel V pro technology that allows the PC to communicate over ethernet/internet even when the OS is not active or even loaded. There is background hardware/firmware that allows V pro to communicate over ethernet without the OS being able to know about it. This is how the V pro technology works, 3G is an extension to the technology, so it now can work over ethernet, wifi, 3G etc. All without the user being able to monitor the communication as it is hardware/firmware based. Look it up on wikipedia V pro:

http://en.wikipedia.org/wiki/Intel_vPro

http://www.tgdaily.com/hardware-opinion/39455-big-brother-po
entially-exists-right-now-in-our-pcs-compliments-of-intels
vpr

Guest said:

This isn't about computer theft. They have disk encryption to cover that.

No it's about shoving your nose in it. More control by them of your affairs.

Hasn't anyone seen the abusive adverts on TV where they say they know who you are, where you are and how they can come get you if you don't conform?

Guest said:

gives me reason to NOT buy Intel. I'm so tired of this "guilty until proven innocent" society the US has become.

Load all comments...

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.