Sandy Bridge CPUs (Core i3, i5, i7 etc) kill privacy and anonymity

Discussion in 'privacy problems' started by OrionMan, Mar 20, 2011.

Thread Status:
Not open for further replies.
  1. OrionMan

    OrionMan Registered Member

    Joined:
    Mar 6, 2011
    Posts:
    9
    Great reasons why one should stick to AMD, Core, Core 2 Duo and other models.

    Includes Core i3, i5, i7, some variants of Xeon and Pentium
    https://secure.wikimedia.org/wikipedia/en/wiki/Sandy_Bridge

    Latest Sandy Bridge CPUs have built-in GPU memory I/O controller and DRM.
    Bad news for full disk encryption - cold boot attack double trouble - memory remnants now reside inside your CPU in addition to RAM.
    Bad news for anonymity - once your computer is powered up and online, your presence is traceable and the feds can remotely disable your CPU. It's not impossible hackers can do the same too. Whatever VPN, proxies and SOCKS will be less effective.

    Some interesting Facts!

    1) Sandy Bridge's killswitch works even without the PC being powered on (over a 3G network)! All future Intel CPUs will be equipped with one. (Your chip could theoretically be compromised and turned off by a would-be attacker, though unlikely)

    2) Killswitch renders the CPU useless.

    3) The new Sandy Bridge has DRM built inside the chip. It cannot be removed through software. As long as you have a Sandy Bridge CPU, you automatically have DRM that can't be removed.

    4) DRM is an acronym for Digital Rights Management, a broad term used to describe a number of techniques for restricting the free use and transfer of digital content. DRM is used in a number of media, but is most commonly found in video and music files.

    5) Many PC enthusiasts dislike DRM due to the problems associated in the past with software DRM. Many reports of issues with DRM in games, etc. have been reported, and the majority of consumers dislike it.

    6) There is a debate about the KillSwitch and some security vulnerabilities. Taken from the 2nd link: "Definitely, this new feature is something to pay attention to, as potential vulnerabilities in the implementation can open the door to new remote attacks, starting with DoS."


    Please read related articles/discussions:
    http://www.bit-tech.net/news/hardware/2010/12/20/intel-confirms-anti-theft/1
    http://www.overclock.net/intel-cpus/910972-sandy-bridge-intel-insider-killswitch-technology.html
    http://www.overclock.net/intel-cpus/906568-warning-sandy-bridge-contains-hardware-level.html
    http://www.dshield.org/diary.html?storyid=10111
    http://www.technewsworld.com/rsstory/71568.html
     
    Last edited: Mar 20, 2011
  2. OrionMan

    OrionMan Registered Member

    Joined:
    Mar 6, 2011
    Posts:
    9

    These are facts, not fear-mongering as you implied. Intel confirmed its anti-theft technology in Sandy Bridge http://www.bit-tech.net/news/hardware/2010/12/20/intel-confirms-anti-theft/1

    Put simply, they claimed it's for business assets in case of being stolen... they could remotely disable the CPU of a computer.
     
  3. Eice

    Eice Registered Member

    Joined:
    Jan 22, 2009
    Posts:
    1,413
    The thing about facts is that they aren't mutually exclusive with fear-mongering.

    Let me give you an example...

    "Thousands of people around the world get injured and die in road accidents every day. This is why you need to stay away from the streets."
     
  4. OrionMan

    OrionMan Registered Member

    Joined:
    Mar 6, 2011
    Posts:
    9

    Yeah, thanks for the layman advice. Same for the millions of people who died from smoking-related diseases. The difference is whether a person takes steps and measures to reduce or avoid the risk entirely.
     
  5. Eice

    Eice Registered Member

    Joined:
    Jan 22, 2009
    Posts:
    1,413
    You're starting off with the assumption that there is a non-negligible risk in the first place. Again, fear-mongering.

    I deleted my previous post because, on second thought, I felt I didn't need to be bogged down in another exchange with tinfoil-hat theorists who present sensationalist and emotionally-fueled claims instead of sound technical findings. But oh well.
     
  6. OrionMan

    OrionMan Registered Member

    Joined:
    Mar 6, 2011
    Posts:
    9


    Please refrain from picking a fight with me. Be constructive or stay away from my thread.

    My intention is to alert users of privacy and anonymity concerns, substantiated with factual articles.
     
    Last edited by a moderator: Mar 20, 2011
  7. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,031
    Location:
    Hengelo, The Netherlands
    Sandy Bridge just shares its CPU cache with the GPU. I see no increased risk because it is the SAME cache as without the GPU having access to it.

    IMO, DRM handling by CPU just gives an increase in performance. DRM can always be handled by software as well. Sandy Bridge just accelerates.

    I really would like to see how this is ACTUALLY working. I have not seen any specification. To me it sounds like a marketing thing to attract companies. Also, I think you need to 'register' your CPU first in order for this to work. The feature is for businesses only and not for home users, I think.
     
  8. OrionMan

    OrionMan Registered Member

    Joined:
    Mar 6, 2011
    Posts:
    9

    I'll try to explain. I've been in the full disk encryption thing and the cold boot attack made use of data remnants inside RAM. Sandy Bridge CPU has built-in memory and thus giving lower latency when starting up - it's faster. Now I have to worry about RAM and CPU.

    Intel was actually giving one part of the story. They already confirmed they could disable CPU remotely in case of theft. I believe the complication goes beyond that.
    1. Online political activists will get silenced.
    2. Hackers will soon be able to disable target CPU. It's only a matter of time - just as remote trojan and malware being circulated.
     
  9. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,031
    Location:
    Hengelo, The Netherlands
    Trust me, the RAM in Sandy Bridge is ONLY cache memory that is shared between CPU and GPU. There is NO additional memory in Sandy Bridge that you should be worried about. The GPU still needs to access main memory for its textures and stuff (= no extra RAM in chip). The embedded I/O controller (used by both GPU and CPU) facilitates that.

    See this image that outlines this:
    http://images.bit-tech.net/content_...andy-bridge-review/sandy-bridge-die-map-w.jpg

    See L3 cache and I/O controller at the bottom.

    I sincerely doubt the CPU can be disabled remotely without the owner (= company) marking the CPU as kill-able! I also think it would need to be enabled in the BIOS.

    I assume the kill feature is just a processor register that can be set. If so, I also think the CPU can be unkilled.

    Either way:

    1. When the PC is turned off there MUST be an additional hardware component (like 3G card) in order to kill the CPU

    2. When the PC is turned on there MUST be software (driver) that facilitates the killing of the CPU.

    In other words: the CPU CANNOT be killed without additional hardware or without software drivers!

    Supplemental: I don't see HOW the kill-feature makes you traceable. It is the additional software on the computer that makes you traceable, not the kill-feature.

    I have a university degree in computer hardware and I have broad experience in programming device drivers. Still I could be wrong, I am just human ;)
     
  10. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,031
    Location:
    Hengelo, The Netherlands
    You honestly think that Intel would tell the world that feds can remotely disable your CPU?!? :argh:

    Good marketing. Intel sales would plummet.
     
  11. chronomatic

    chronomatic Registered Member

    Joined:
    Apr 9, 2009
    Posts:
    1,343
    While I am not as tin-foil-hattish as OP, I think people should stay away from Intel CPUs, even if it's just out of protest on a philosophical level. Putting DRM into hardware is every freedom-loving geek's worst nightmare, and it is becoming more and more common. This latest incarnation from Intel takes it a step further; they have started us down a slippery slope of backroom deals with content owners. It seems Richard Stallman's fears about our computers working on behalf of other people are coming true. Sure, right now Intel tries to spin this as "helping the consumer be able to stream 1080p content," but fails to mention that such streaming is already possible without their DRM. Netflix, for instance, already offers this and only requires software DRM. Intel's excuse is flimsy at best and ostensibly is just a way to force DRM onto people who otherwise would not use DRM'ed software (now since it's in the hardware, we're forced to comply).

    One must ask, in what way does Intel benefit from this? Why take the time to design and implement DRM tech when it offers the consumer zero benefit? It's pretty clear that the only people that benefit from this are a small consortium of content owners. Ergo, it's rather obvious that Intel got some sort of pay-off from someone here.

    Today it's about 1080p movies. Tomorrow it will be about stopping pirated software from running on the machine. Next week it will be about stopping people from running anything but Microsoft OS's. Next year it will be about allowing the government access to our machines -- you know, all of us "patriots" must do our duty and help stop "the terrorists." Don't worry, they still will need a warrant, which makes it all OK. :rolleyes:

    This is a very slippery slope indeed, and it will only get worse.
     
  12. monkeybutt

    monkeybutt Registered Member

    Joined:
    May 18, 2009
    Posts:
    126
    Yah, cause Wikipedia is reliable :argh:

    There was a program on the radio a while back talking to specialists in their chosen field and Wikipedia, and how these people that really knew what they were talking about tried to fix and fact check some of Wiki's articles.

    The articles they tried to submit to were changed back in 15-30 by some kid with a book he plagiarized. I won't go into too much detail, if you want I'm sure you can google the article, but I take Wikipedia with a grain of salt. :blink:

    Too bad really, I had high hopes for Wikipedia :mad:
     
  13. chronomatic

    chronomatic Registered Member

    Joined:
    Apr 9, 2009
    Posts:
    1,343
    What OP said is easily found in any literature about Sandy Bridge CPUs and has nothing to do with the veracity of Wikipedia. These issues he brings up are well known and even acknowledged by Intel as being a "feature." You know, sort of like how ISPs claim that targeted advertising from third party data miners is a "feature" we all will come to love.
     
  14. erikloman

    erikloman Developer

    Joined:
    Jun 4, 2009
    Posts:
    3,031
    Location:
    Hengelo, The Netherlands
    You and OrionMan suggest the features are a bad thing and I personally think they are not.
    1. The on-die memory of Sandy Bridge is not a concern as Sandy Bridge has the same amount of memory as the previous architecture. Sandy Bridge has CPU and GPU on the same DIE. With Westmere the GPU sits on the same SUBSTRATE as the CPU. Sitting on the same DIE has two advantages, (1) GPU can access L3 cache of CPU (huge performance increase) and (2) manufacturing process is easier. So Sandy Bridge does NOT make it harder to find decryption keys, compared to previous architectures. Note: AMD also releases GPU/CPU integrated CPUs in the next months.
    2. The DRM feature of the CPU is JUST for acceleration. DRM streams can always be handled by software as well. There must be software drivers to use the DRM feature so I don't see a problem.
    3. The Kill CPU feature either needs additional hardware (like 3G card) or needs software drivers/BIOS (YOU, the owner must install those software drivers or enable it in the BIOS). I see NO WAY of feds or other people being able to kill your CPU. Marketing wise it would be terrible if OTHER people would get control over your CPU. So the Kill CPU feature used by feds or malware is a great story, but not real.
    These above are FACTS. No need for conspiracy theory. Intel just wants to accelerate further and further, and create unique features to stay ahead of AMD. AMD is working really hard to make Intel worried. Especially the on-die GPUs in the upcoming AMD processors are MUCH better than what Intel has to offer (AMD bought ATI a few years ago). So Intel recently bought NVIDIA's patents. We'll find NVIDIA technology in the next generation of Intel processors in the near future.
     
  15. I no more

    I no more Registered Member

    Joined:
    Sep 18, 2009
    Posts:
    358
    I agree. Intel's in the business of making money. Why would they purposely cripple their chips in any way? Any bad publicity just sends people in AMD's direction.

    If AMD chips have capabilities that Intel chips don't have or Intel chips have vulnerabilities AMD chips don't have, AMD wins. And I find it hard to believe that any remote kill switch wouldn't eventually be exploited by malware. Intel would be foolish to allow such a "feature", which is why I think erikloman is right.

    Regarding the DRM, again, if AMD chips can do things Intel chips won't allow, people will switch to AMD. I don't think Intel has any desire to cripple their own business, and I have no idea what incentive anyone could offer them to do so. We're talking billions of dollars in lost sales for any bad publicity.
     
  16. chronomatic

    chronomatic Registered Member

    Joined:
    Apr 9, 2009
    Posts:
    1,343
    My point was that it is a slippery slope. I do not want DRM baked into my hardware, period. Right now it might be "voluntary" but tomorrow it might be mandatory.
     
  17. Eice

    Eice Registered Member

    Joined:
    Jan 22, 2009
    Posts:
    1,413
    What does this "DRM" "baked into hardware" do, exactly? If you never use DRM content, it doesn't make a single iota of difference anyway.

    And besides, it's never going to become mandatory. You won't be forced to buy something you don't want to.
     
  18. Nebulus

    Nebulus Registered Member

    Joined:
    Jan 20, 2007
    Posts:
    1,582
    Location:
    European Union
    Never say never :D
     