[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Intel security hub

> I wonder what government sponsored back doors they plan to include...
> http://www.techweb.com/wire/story/TWB19981214S0008

This has been mentioned before. Only suggested response so far is to fight
tooth and nail to ensure that hub-dependent programs can work transparently
with a software fill-in. Otherwise you could potentially need to break a
tamper-resistant chip, patch the software (fortify^2...), or pull off some such
superhuman feat.

(By the way, the address for letters to the editors of Mobile Computing and
Communications, in case you want to respond to the articles mentioned, is
<[email protected]>) 

More redundant reiterations of senseless nonsense:

I'm not so confident it'd be backdoored, but if it's closed-source (not
unlikely) that is, for obvious reasons, bad. Even if not, it will, with
probability just barely <1, result in Intel as a major CA. I don't think the
hub'd be backdoored because it'd be a risky investment for anybody to backdoor
it; although I'm not sure the hub'd be closed-source, anything trivially and
undetectably compromised is about as bad; Intel'd use the hub to become a CA
just because it makes business sense.

>                 Intel's Security Plans Worry PC Builders
>                 (12/14/98, 3:49 p.m. ET)
>                 By Rick Boyd-Merritt and Mark Carroll, EE Times 
>                 Intel will add new security and software functions to future
>                 chip sets in a move that will boost the profile of its
>                 upcoming Katmai processors as key silicon for multimedia
>                 and e-commerce. But the plan is raising concerns among
>                 software, semiconductor and systems companies that fear
>                 the processor giant could wind up encroaching on their
>                 markets, extending its own reach deeper into the PC
>                 architecture.
>                 Intel's plans center around a so-called firmware hub,
>                 essentially a flash memory with key BIOS functions,
>                 which will be part of its Camino, Carmel, and Whitney chip
>                 sets. Those products will accompany next year's Katmai
>                 processors and are expected to be used in the Merced line,
>                 too. 
>                 "This is an example of Intel taking in one more piece of the
>                 PC architecture," said a senior R&D manager with a major
>                 PC company who asked not to be named. 
>                 Intel would not comment on its unannounced products.
>                 However, the key features of the chip are beginning to
>                 come to light based on reports from multiple sources. The
>                 firmware hub is "basically a flash chip with locks on its
>                 read and write capabilities that can be opened using a
>                 cryptographic protocol," said another source briefed by
>                 Intel. 
>                 Hardware security functions include a cryptographic
>                 engine to authenticate digital certificates Intel or a third
>                 party could load in. The chip could hold multiple
>                 certificates, each with permission to grant specific
>                 features, such as to permit an operating system or an
>                 MPEG player to run. They would also ensure a software
>                 program licensed to one user was not copied and run on
>                 another machine, a common practice. In addition, the
>                 certificates will act like unique serial numbers, identifying a
>                 given machine in any Internet or corporate network
>                 transaction, sources said. 
>                 The hub may also include a random-number generator to
>                 create public keys for encryption and help enable
>                 encrypted transmissions between PCs. That would provide
>                 security for e-commerce and software downloads,
>                 possibly including software modules for host-based
>                 modems, MPEG players, or audio codecs that are
>                 housed in the firmware hub and run on the CPU. 
>                 Another feature sources have mentioned is physical
>                 security, linking sensors to the hub so it may report
>                 problems to a central network administrator if the case is
>                 tampered with or peripherals are removed. 
>                 Even though the firmware -- and the chip sets it is part of
>                 -- are not due for production until at least mid-1999,
>                 samples have been available in Taiwan for some time. 
>                 "We have had samples of the firmware hub for a while,"
>                 said a project manager at First International Computer, in
>                 Taiwan. "We really haven't done too much with it yet. It is
>                 still not quite clear when it will be used and what its 
>                 full functions will be." 
>                 The hub chip is designed to incorporate new features into
>                 the PC upon start-up, the manager said, not to replace the
>                 standard BIOS, the key software that controls system I/O
>                   peripherals software. 
>                 "After a PC is turned on, the firmware hub will be
>                 accessed and then the regular BIOS," said a BIOS
>                 engineer with another Taiwanese company. "The hub will
>                 affect the standard BIOS architecture, but it certainly
>                 won't replace it. That's not its purpose." 
>                 Yet the prospect of a possible Intel incursion into BIOS is
>                 giving some industry observers the willies. Adding to their
>                 concern is the fact that Intel has not provided technical
>                 details about its implementation yet. One analyst said the
>                 hub will act as a BIOS registry, a place from which
>                 software emulation and upgrades can be controlled. 
>                 Sources close to Intel suggested the Santa Clara, Calif.,
>                 company would be leery of entering a new PC-related
>                 market while under the shadow of a Federal Trade
>                 Commission investigation. The company's motive is simply
>                 to bring new features to the PC, enhancing sales for
>                 corporate and consumer users, these sources said. 
>                 Still, "If Intel controls what and how stuff gets put in the
>                 BIOS, that's really significant," said one analyst.
>                 "That's a wonderful control choke point."