Concerns About Intel Sandy Bridge Anti-Theft 3.0

Is anyone else concerned about the the Anti-Theft 3.0 security features that are going to be included in the upcoming Sandy Bridge architecture? From what I've read, this technology could allow for bricking a laptop via 3G even if it is powered off or the hard drive is replaced. This is scary for a number of different reasons. Does anyone know if it is going to be included in all of the upcoming mobile chips or if it will be optional?

I won't be buying any laptop that has Anti-Theft 3.0 included.

 

I smell crackers taking over the world soon . This is garbage... Just think of someone "kidnapping" your laptop, a virus or an angry reseller .

 

What were the version 1.0 and 2.0? Also can't you already do that with the TPM chip?

 

I'm looking into TPM. Here is some info about it:

Linux and the Trusted Platform Module (TPM) - The H Open Source: News and Features

https://secure.wikimedia.org/wikipedia/en/wiki/Trusted_Computing#Criticism

This type of technology seems very dangerous to me and should always be optional so that the consumer can choose whether they want it or not.

 

I think this is what used to be called Intel vPro and it can do a lot of interesting things already (e.g. allow an administrator to bypass the OS and do whatever they want with the computer without the user even noticing). However, this requires not just an Intel CPU, but special hardware on the motherboard. It's not free and most consumer laptops don't have it (it's aimed mostly at business). I'm not surprised they'd make use of 3G to terminate stolen laptops, but I very much doubt this would apply to the laptop of anyone whose company didn't specifically pay for it.

 

This is interesting. I just loaded up the bios for my ThinkPad T410s. I checked the settings for Security Chip. There are three options, Active, Inactive and Disabled. The default is Inactive "Security Chip is visible but is not functional". Why would anyone want that setting? It seems that you either want it turned on or off. Sure seems like a back door to me. And who knows if it is ever truly disabled. It can probably be enabled without the user ever knowing it, at any time (if it was ever possible to actually disable it).

Does anyone know if the TPM chip is soldered to the motherboard?

It gets even creepier if you think about the fingerprint reader. Is it possible that your fingerprint scan could be transmitted to remote parties? If so, every time you login with a finger swipe, every thing you do during that session could be linked to you personally in real time.

How much further does Anti-Theft 3.0 in Sandy Bridge extend this technology?

Room 641A - Wikipedia, the free encyclopedia

 

I would so you worry too much. It is just an extension of vPro which at the moment works over the network(wired, not sure about wireless) and they just extend that to include 3G network.

It is definitely an opt-in and would be sold as a 'feature' at a premium, so don't worry it won't be forced down.

In a sense, for the business world an executive's notebook is considered the property of the company and why can't the company do things about it ?

 

Luckily (?) the fingerprint scanners arent able to discern more than a few points on a fingerprint -- they couldnt trace large numbers of people, or even randomly selected subsets with data integrity, at least not solely by the fingerprints.

 

I don't see any way to configure a ThinkPad laptop without the TPM Security Chip. Do other manufacturers offer this as optional?

 

As long as it can be disabled in the BIOS, why should it matter?

 

As long as it is physically present, there is a chance (however slim it may be) that it can be cracked or otherwise abused. And, why should I pay extra money for something I don't want or need?

 

I won't be buying any laptop that has Anti Theft 3.0. That's because I'm going to be stealing them!

 

Because there isn't a chance... someone would have to design a virus that is designed for the computer with that exact bios, motherboard, and cpu... the more specific a virus is the harder it is to make and the less chance anyone will ever bother.

On top of that you overestimate people who produce viruses...

If I were creating a virus just to screw with people this would not be a function I'd attack.

 

That sounds like a statement from someone that doesn't know much about the human character. If it can be done, it will be done.

You have good reason to be weary OP, clandestine monitoring is becoming something of a corporate pastime.

Incidentally, there has already been unscrupulous individuals that have hacked into people's web cams. Or haven't you been paying attention?

 

do u have sources for the web cams?

 

Humm, I can only wonder what great present Santa will bring me for searching through the pages of a years worth of periodical?

I'll see what I can do.

 

So is there no hardware level workaround for any of this, including the Vpro? Not all BIOSes (what is the plural of bios?) will allow 'security' adjustments beyond passwords and as said, even that is questionable to whether it truly disables all access.

 

Thinking about it, I'd argue a bit of the opposite; it won't work unless there's hardware support for it. After all, a CPU doesn't have an antenna for 3G signals (yet, anyway), so any "bricking command" would need to come through some external hardware support anyway; and I don't believe that 3G support is going to come built into the chipset anytime soon. vPro is the same way; it only works if you have an Intel CPU and an Intel network card (and maybe an Intel chipset, I don't recall for certain). If you're missing any one of those, vPro doesn't work. So it's more a matter of "if everything's there, it works" right now as opposed to needing to find a hardware level workaround. Not speaking for the future, of course.

 

Ah, here it is:

Did a School Use Webcams to Spy on Students at Home? - PCWorld

 

interesting. i am definately bookmarking this

 

There's always the possibility that it's a visible chip on die and that if it's faulty then it's ignored. In which case you could simply take a soldering iron to the chip and fry its brains out, therefore eliminating any possible threat.

Also, I have to agree on the virus front, unless there's a definite gain of doing it then most people won't. Why do you think there are hardly any viruses for Mac and linux? It's simply more profitable to go after windows. That said, if you demanded a known hacker not to make a virus for your specific machine then you see the other stuborn side of human nature, provided you give them no reason then there's not really any worry. Besides, even if they were tailoring viruses, they'd probably make them for the desktop inspirons that all businesses use since there's actually enough of them to make it worth the time.

 

I got a laptop that came with Computrace's LoJack for Laptops. I figured big deal, it's only software, I'll just remove it.

Anyway, seen Apple's new IOS 4.2? iPads, iPhones, iPod touches, all are now able to be located, remotely display a message, and of course be wiped and/or bricked.

Good hackers: Just remember that if you're paranoid about it, someone with better skills than you is also paranoid about it. I'm sure if there's a way to take a soldering iron to it, it will be on the web while CES is still going on. I'm not implying it's as easy to do as draw a magic marker line across your CD or use a Bic pen in that Kryptonite padlock, but if there's a way...

Bad hackers: Yep-- if there's a way, they will do it. Imagine someone deadlocking laptops with a handheld transmitter. He'll walk around with it like a TV-B-Gone, or closer to the truth, like a cell phone jammer. He'll walk into a crowded NYC $tarbucks and turn it on while his buddy videotapes people freaking out to put on youtube...

Hmm. Maybe I should start soldering up short-range signal jammers and sell them as "laptop protectors"?