Sandy Bridge Desktop Remote Kill-Switches. Non-existent or simply disabled?

[TheDarkKnight]

I have been hearing a lot of great things about Intels new Sandy Bridge CPUs. However, the remote kill-switch is not a feature Im particularly excited about having considering the potential dangers of the technology and the possible abuses.
Anyway, I was excited to learn that the remote kill-switch technology is not in the desktop versions of the new 2nd Generation Core chips. At least this is what I hear.

What I would like to confirm is that the technology is not simply present and disabled. But that it is completely absent from the CPU. I would like to know that the transistors for the technology do not even exists on the die in the desktop versions of the new Sandy Bridge CPUs. Would this be a correct assumption or am I way off base here?

From my understanding, you do need a compatible chipset to enable the Anti-Theft 3.0 technology even if you have a CPU with ATT. However, I would certainly be more than happy to know that the actual technology is absent from all desktop versions of Sandy Bridge versus just being disabled. Does anybody know for sure on this?

 

[IntelUser2000]

Ok, the Anti Theft technology is only for laptops. IMO, its mostly paranoia since it existed for 2 years at least.

 

[AdamK47]

I can't believe some people get their panties in a bunch over this. It's a feature that was twisted mostly by the non-tech tech news sources.

 

[TheDarkKnight]

I can't believe some people get their panties in a bunch over this. It's a feature that was twisted mostly by the non-tech tech news sources.

Well, thanks for the input from both of you. You didn't really answer my question but I can see you prefer security over freedom. That much can be reasoned out from your posts.

I personally like to know that Im in complete control of the devices that I purchase. And not Intel. If the technology exists physically in Sandy Bridge "desktop" chips and is simply lying dormant, that wouldn't make me feel really comfortable. But Im a paranoid sort I guess.

 

[slag]

Well, thanks for the input from both of you. You didn't really answer my question but I can see you prefer security over freedom. That much can be reasoned out from your posts.

I personally like to know that Im in complete control of the devices that I purchase. And not Intel. If the technology exists physically in Sandy Bridge "desktop" chips and is simply lying dormant, that wouldn't make me feel really comfortable. But Im a paranoid sort I guess.

Complete control is a myth. None of us are ever in complete control of anything.
To generalize that we prefer security over freedom is very faulty logic in your way of thinking but simply by making that statement, its obvious your post doesn't belong in this section.

 

[aigomorla]

Well, thanks for the input from both of you. You didn't really answer my question but I can see you prefer security over freedom. That much can be reasoned out from your posts.

I personally like to know that Im in complete control of the devices that I purchase. And not Intel. If the technology exists physically in Sandy Bridge "desktop" chips and is simply lying dormant, that wouldn't make me feel really comfortable. But Im a paranoid sort I guess.

???

ur inflating it way out of proportions.

Better question is do you do something which homeland defense would need to kill your laptop for?

The antitheft feature is there for you, not for intel.
They will not go around and zap people's cpu's for the hell of it.

Its there like the blinking light is on in your car radio.
It tells the theif that if you take this laptop, it will be zap'd and dead.

Unfortunately thief's are neither edjucated nor knowledgeable in this area, so they will end up taking it anyhow.

But when word goes out in the underground that these laptops have close to 0 resell value unless u know how to take them apart, then slowly thefts will disappear.

And this feature is more important then you think.
It may not apply to you, but lets say someone who is working in a corporation or government ends up losing there laptop.

Instead of worrying about all the company's info getting stolen, they can just ZAP the laptop and end it there.

So in the long run, the guys who spend more money in the sector WIN, and get what they want... like how it always is in corporate america.

If you dont like it.. well then dont buy intel.
There's always AMD.

But i bet you they will slowly do it also, as it will probably be a standard in the financial world's laptops, with all the people in the financial industry losing there laptops with corporate files.

 

[TheDarkKnight]

???

ur inflating it way out of proportions.

Better question is do you do something which homeland defense would need to kill your laptop for?

The antitheft feature is there for you, not for intel.
They will not go around and zap people's cpu's for the hell of it.

Its there like the blinking light is on in your car radio.
It tells the theif that if you take this laptop, it will be zap'd and dead.

Unfortunately thief's are neither edjucated nor knowledgeable in this area, so they will end up taking it anyhow.

But when word goes out in the underground that these laptops have close to 0 resell value unless u know how to take them apart, then slowly thefts will disappear.

And this feature is more important then you think.
It may not apply to you, but lets say someone who is working in a corporation or government ends up losing there laptop.

Instead of worrying about all the company's info getting stolen, they can just ZAP the laptop and end it there.

So in the long run, the guys who spend more money in the sector WIN, and get what they want... like how it always is in corporate america.

If you dont like it.. well then dont buy intel.
There's always AMD, because Apple is INTEL.

Some people think this technology is the greatest thing to come along since sliced bread and some "dont".

Give people a "choice". How hard is that? I, personally, dont want it in my desktop. For people who do want it in their laptop, wonderful. They can have it. Give people a "choice".

I realize that Intel isn't zapping CPUs for the hell of it. I don't think people at Intel have that much free time on their hands. I dont mind have reasonable debate about the pros and cons of this technology if you wish but lets keep it reasonable. There are a few situations in which I can see this technology being abused. Government would be the biggest abuser of this technology if it decided it wanted to do something with it because they are the only ones who could threaten Intel to do things against their will.

Whats wrong with "choice"? Thats all I ask.

 

[aigomorla]

Government would be the biggest abuser of this technology if it decided it wanted to do something with it because they are the only ones who could threaten Intel to do things against their will.

Whats wrong with "choice"? Thats all I ask.

are you viraling AMD?

Im sorry when did intel do something the governemt wanted?

Infact isnt intel paying the government a ton of money in Trust Issues because intel wont listen to the government?

If there's 2 institutions that give the Government a "middle finger" and say fine us, its Intel and Microsoft.

Once again.. just cuz YOU dont like it, doesnt mean the rest who it applies to doesnt.

If I could have my way, intel's 990X would be priced at 250 so no one would buy sandy bridge on desktop, and we can skip directly to 2011, but like everything else in the world, things dont go the way 1 person wants.

 

[TheDarkKnight]

are you viraling AMD?

Im sorry when did intel do something the governemt wanted?

Infact isnt intel paying the government a ton of money in Trust Issues because intel wont listen to the government?

If there's 2 institutions that give the Government a "middle finger" and say fine us, its Intel and Microsoft.

Once again.. just cuz YOU dont like it, doesnt mean the rest who it applies to doesnt.

If I could have my way, intel's 990X would be priced at 250 so no one would buy sandy bridge on desktop, and we can skip directly to 2011, but like everything else in the world, things dont go the way 1 person wants.

So in spite of the fact that I used the word 'choice" at least 3 times in my last post it went completely over your head. :biggrin::biggrin:

I think Intel understands the word choice to a degree. Thats why there are currently multiple different Sandy Bridge CPUs available for purchase and not just one. Why are "you" so upset that not "everybody" wants the remote kill-switch in their CPU? Is it because you are one those who think its the greatest thing since sliced bread? Great. Knock yourself out. Stop taking this as a personal attack on your wants and needs. Its not.

And as for the comment about AMD "viraling"? No, the reason Im concerned about this matter is because of what I know about Sandy Bridge CPUs. From what I read the technology is amazing, superior to AMD. I want to purchase a Sandy Bridge CPU so bad but this ATT technology concerns me. Thats all.
So you can place your conspiracy theories aside. Believe it or not, Im not an AMD employee. Yes, this will probably come as a shock to most reading this forum. Wish I was though. I would be smart and rich.

How come I can reasonoably understand where people are coming from who want this technology without accusing them of Intel "viraling" but it seems its completely impossible for the same people to see the "other side" of the issue. Geez. You would think I threatened to steal your lunch money or something. "Intel traitor. Burn him at the stake, Burn!!!"

 

[Nintendesert]

TheDarkKnight is right, the plans right now are to remotely zap your CPU before the FBI execute a search warrant on any sort of computer related crimes in order to prevent the suspect from destroying incriminating evidence.


:|

 

[Mark R]

Lol.

The security features in Intel 'Core' processors (not just Sandy Bridge) only work when turned on in the BIOS, and you have installed the security management OS drivers.

The main use for the security features is not to 'kill' the CPU - as that isn't what it does.

The 'kill switch' is designed to erase the secure encryption module in the chipset. The provides hardware-based hard drive encryption, so if you hold confidential data on your laptop, you can use hardware full disk encryption. When the 'kill switch' is triggered, the encryption module is erased, and the data on the hard drive is unreadable.

The 'kill switch' can optionally cause the BIOS to halt at POST, with a 'stolen property' message. So that the computer (or motherboard) cannot be resold.

 

[aigomorla]

How come I can reasonoably understand where people are coming from who want this technology without accusing them of Intel "viraling" but it seems its completely impossible for the same people to see the "other side" of the issue. Geez. You would think I threatened to steal your lunch money or something. "Intel traitor. Burn him at the stake, Burn!!!"

its because you are picking at a tiny tiny aspect in the whole chain.

And then blowing it up to size which arent even comparable.

Your ranting about it.. when the financial industry and everyone who uses laptops more have been screaming for it.

 

[TheDarkKnight]

TheDarkKnight is right, the plans right now are to remotely zap your CPU before the FBI execute a search warrant on any sort of computer related crimes in order to prevent the suspect from destroying incriminating evidence.


:|

An attempt to make me sound crazy, nice. You miss the whole point also it seems. Wow. I didn't ever think getting a simple point across would be this difficult. A plan doesn't have to exist for me to be against the "ability" to shut down my CPU remotely. How hard is that point to understand? I would rather not give up a small amount of freedom for a small amount of security. If you want to thats fine. I dont. Is there anyone here who has a rational counter-argument against "choice"? I never realized everyone was so anti-choice.

 

[aigomorla]

I never realized everyone was so anti-choice.

im sorry sometimes its very difficult to express what you want via words.

We arent here to pick at ya, were here to tell ya, what u heard might be wrong and not the way you think it is.

This feature is not out there to blind the general public in forcing us to go socialistic ways on our laptops.

The feature was meant more for people who hold critical and highly confidental data in our laptops.

Look at the news in the past 3 yrs alone.
How many government laptops in general were stolen?
And how many of those laptops made news because of the amount of information they carried?

Now if they had a kill switch in the laptop, i dont think the government would of been worried about that lost laptop or any corporate CEO who stupidly left his highly confidential laptop unattended.

 

[TheDarkKnight]

its because you are picking at a tiny tiny aspect in the whole chain.

And then blowing it up to size which arent even comparable.

Your ranting about it.. when the financial industry and everyone who uses laptops more have been screaming for it.

Im not ranting about the technology per se my friend. Im ranting about having the choice to accept it or reject it. To use it, or not use it. Read my words.

 

[Nintendesert]

Im not ranting about the technology per se my friend. Im ranting about having the choice to accept it or reject it. To use it, or not use it. Read my words.

Read what Mark posted above, if the feature needs to be enabled in bios, then that is your choice. To enable or not to. I fail to see the problem with this.

 

[TheDarkKnight]

im sorry sometimes its very difficult to express what you want via words.

We arent here to pick at ya, were here to tell ya, what u heard might be wrong and not the way you think it is.

This feature is not out there to blind the general public in forcing us to go socialistic ways on our laptops.

The feature was meant more for people who hold critical and highly confidental data in our laptops.

Look at the news in the past 3 yrs alone.
How many government laptops in general were stolen?
And how many of those laptops made news because of the amount of information they carried?

Now if they had a kill switch in the laptop, i dont think the government would of been worried about that lost laptop or any corporate CEO who stupidly left his highly confidential laptop unattended.

Okay, whats wrong with using Windows 7 Ultimate bitlocker encryption to protect data? If a thief steals a laptop thats relies solely on the remote kill-switch technology he potentially has a time window in which to extract all the information he needs before the laptop is "reported" as stolen. A stolen laptop must be "reported" as stolen and the theft may not be realized right away. Even if its a time window of 1 hour it provides more opportunity than a hard drive encrypted with Windows 7 bitlocker protection. That is if, the bitlocker encrypted partition is setup to require entering a password upon an initial boot of the Operating System.
So the success of Intels ATT 3.0 relies heavily upon realizing the theft as soon as possible versus having an infinite "safe" window of time using bitlocker encryption. Just some observations to think about.

 

[aigomorla]

Okay, whats wrong with using Windows 7 Ultimate bitlocker encryption to protect data?

Hardware encryption >>>>>>>>>>>> software encryption.

I think we proved that enough in the gaming industry and every time a software maker tries to get smart and introduce a NEW DRM.

which btw i see the new DRM in games being a USB Zip drive (seeing how cheap they got) which cant be copied on a completely hidden file format.

 

[Phynaz]

TheDarkKnight is right, the plans right now are to remotely zap your CPU before the FBI execute a search warrant on any sort of computer related crimes in order to prevent the suspect from destroying incriminating evidence.


:|

I don't suppose you have a link to back up this statement?

 

[Phynaz]

Okay, whats wrong with using Windows 7 Ultimate bitlocker encryption to protect data? If a thief steals a laptop thats relies solely on the remote kill-switch technology he potentially has a time window in which to extract all the information he needs before the laptop is "reported" as stolen. A stolen laptop must be "reported" as stolen and the theft may not be realized right away. Even if its a time window of 1 hour it provides more opportunity than a hard drive encrypted with Windows 7 bitlocker protection. That is if, the bitlocker encrypted partition is setup to require entering a password upon an initial boot of the Operating System.
So the success of Intels ATT 3.0 relies heavily upon realizing the theft as soon as possible versus having an infinite "safe" window of time using bitlocker encryption. Just some observations to think about.

How did you plan on booting a stolen machine without the pre-boot login?

Your misconception is that the machine must be reported stolen to be protected. It's all about layered security.

 

[Mark R]

So the success of Intels ATT 3.0 relies heavily upon realizing the theft as soon as possible versus having an infinite "safe" window of time using bitlocker encryption. Just some observations to think about.

Intel ATT is designed to work together with encryption - it's not an alternative to encryption. Bitlocker can use the hardware secure key storage modules embedded in modern PCs. This is more secure than simply using a password/passphrase.

When Intel ATT is activated, the key storage is securely erased, leaving the data unreadable. It permits a password to be revoked in the field.

E.g. you have an employee who has an encrypted laptop. However, you find out that they are a security risk. However, the employee is not at work at the time. You send the 'kill' signal, which erases the bitlocker encryption keys, and the data on the hard drive is no longer accessible.

 

[TheDarkKnight]

How did you plan on booting a stolen machine without the pre-boot login?

Your misconception is that the machine must be reported stolen to be protected. It's all about layered security.

Okay, so how do thieves circumvent computers that have been setup in the BIOS to require a password to even boot the computer? ATT 3.0 technology is the only technology that requires a password to boot a computer? I think I have password-protected booting on my computer right now. Why do I need ATT 3.0? Whats to stop a thief from removing the hard drive from the laptop and putting it in a different laptop? If a computer requires a "pre-boot" login isn't that enough to stop the thief from booting the operating system and getting access to the data? Why have the ability to shut down the CPU remotely? In case he bypasses the pre-boot login security, right?

Oh, the hard drive won't work you say because its been encrypted using ATT 3.0? Ok, so why isn't bitlocker capable of the same type of security? Remotely kill the cpu to protect data? Come on.
But as I stated before, choice should reign supreme. If this technology makes some people feel secure, let them have it. I just dont think it should be forced upon people as a whole. And as I said before, the fact that it lies dormant in the technology of the chip isn't a real comfortable feeling considering that BIOS chips have been hacked before.

 

[Nintendesert]

I don't suppose you have a link to back up this statement?

I apologize, I forget sarcasm doesn't always translate quite that well in words on the internet. I was just extending out a little bit more on TDN's self described paranoia with the government and drawing out a possible though at this time improbable conclusion to his fears over this technology.

 

[TheDarkKnight]

I apologize, I forget sarcasm doesn't always translate quite that well in words on the internet. I was just extending out a little bit more on TDN's self described paranoia with the government and drawing out a possible though at this time improbable conclusion to his fears over this technology.

Its true. I am paranoid when it comes to the government stealing my freedoms. And its not like they have ever given me a reason to think this way. I will definitely give some thought to calling a psychiatrist.

 

[AdamK47]

Won't somebody please think of the children?!