Today Intel launched its new Core i5 and i7 processors with vPro. While there was clearly a performance enhancement message attached to this release, the real focus is on security and the key feature is a Poison Pill capability that will brick a stolen laptop. However, this capability, while interesting in laptops, may be critical for products like the iPad, which are increasingly used in business and are far less secure. Given that Intel bought McAfee to be able to do things like this with smartphones and tablets, I think the vPro announcement has as much to do with what is coming as it does with what has arrived.
We'll start with the promise of these new vPro parts, talk about a few of the problems and close with where this is going for coming devices.
The vPro platform has always been about managing large numbers of PCs. Intel remains tied at the hip to this market and the faster PCs can be configured, deployed and replaced. The better the PCs can be managed, the happier PC customers will be and the more PCs they are likely to buy. So part of Intel's strategic direction is to continue to drive PCs toward an appliance model where much of the pain of owning one, at least for businesses, can be automated.
This release improves the security of the offering. Called "Intel Anti-Theft Technology Ver. 3.0" (or "IATT," which is likely pronounced like the sound your aunt would make if she sat on a tack). This advancement allows an IT administrator to send out a coded message and brick a complying PC that is on and network-connected. That's not all, though. If the PC has a GPS system and a 3G or 4G modem, it can cause the PC to beacon and drive investigators to it. (I expect this will be a plot item in a coming "White Collar" episode.)
Finally, there is a new standby protection method that effectively bricks the PC when in standby unless it receives an encrypted wake-up call. I can see this potentially implemented at some future point, involving a cell phone/PC log-on process that requires the user to unlock his or her PC with a cell phone to enable it. That means that a thief would have to have the PC, cell phone and password to gain access. (Hmm ... it's a shame "24" is off the air as only Jack Bauer could crack that one.)
Coupled with IATT is Intel's Identity Protection, which is already in all second-generation processors, to provide a way to better authenticate a PC with a secure information source. This technology auto-generates a new password every 30 seconds and effectively prevents a fishing attacker from using captured passwords since it would be difficult to read and enter the password in the 30-second window.
As I mentioned above, part of this announcement was an improvement to both processor performance and the connected graphics system performance, but the focus was on security.
There are two problems that jump out at me on this. One is this being an Intel-only architecture and increasingly businesses are buying AMD and ARM-based solutions that may not easily integrate with this platform. It allows Intel to differentiate, but in a lock-out fashion and buyers often avoid deploying technologies that will limit their choices later.
The second problem is that while this shifts the attack vector from the user to the IT administrator who should be more capable of addressing security problems, an in-depth attack or a compromised administrator could do a substantial amount of damage. In effect, this is potentially a self-destruct button for business and that disgruntled employee we often worry about could potentially brick a company that has widely deployed this technology.
Wrapping up: Future Tablets and Smartphones
Tablets and smartphones are becoming the client of the future and, at that future point, virtually all will be connected and have GPS capability. They also will have limited local processing power to preserve battery life and will pull much of their information off the Web. But they will need to be bricked instantly if stolen or compromised because of that access.
One of the reasons Intel bought McAfee was so that technology like this could be applied to these new classes of devices. I expect that as Intel brings its alternatives to market, built-in technologies will be similar to what was announced today. Also, it appears that cell phones will increasingly be used as keys not only to close transactions, but to access notebook computers and, probably at some future point, to physically access your home, car, business or shared private facility (golf club, health club, etc.).
I think this is another step towards what will likely be a very different security world in a few years and one that we haven't fully explored. But, whatever that step is, today's announcement indicates that Intel is trying to help make it.