• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

Intel Highlights Latest Security Investments at RSA 2020

btarunr

Editor & Senior Moderator
Staff member
Joined
Oct 9, 2007
Messages
47,233 (7.55/day)
Location
Hyderabad, India
System Name RBMK-1000
Processor AMD Ryzen 7 5700G
Motherboard ASUS ROG Strix B450-E Gaming
Cooling DeepCool Gammax L240 V2
Memory 2x 8GB G.Skill Sniper X
Video Card(s) Palit GeForce RTX 2080 SUPER GameRock
Storage Western Digital Black NVMe 512GB
Display(s) BenQ 1440p 60 Hz 27-inch
Case Corsair Carbide 100R
Audio Device(s) ASUS SupremeFX S1220A
Power Supply Cooler Master MWE Gold 650W
Mouse ASUS ROG Strix Impact
Keyboard Gamdias Hermes E2
Software Windows 11 Pro
At the Intel Security Day event during RSA Conference 2020, Intel underscored its commitment to security with several announcements, including details on security capabilities coming in future products. At Intel, security is a fundamental and foundational element of all aspects of architecture, design and implementation. Together with customers and partners, Intel is building a more trusted foundation in this data-centric world.

"Hardware is the bedrock of any security solution. Just as a physical structure requires a foundation established on bedrock to withstand the forces of nature, security solutions rooted in hardware will provide the greatest opportunity to provide security assurance against current and future threats," said Tom Garrison, Intel vice president and general manager of Client Security Strategy and Initiatives. "Intel hardware, and the assurance and security technologies it brings, help harden the layers above from attack."

Intel customers build solutions and services that depend on the breadth and depth of technologies in the silicon, vertical integration and substantive reach from edge to cloud. It is Intel's mission to provide common security capabilities across all architectures, to help address the ever-increasing sophistication of user experiences.

Data must be protected at rest and in motion. The protection of data is critical to extracting value from it, while delivering uncompromised performance. The next 10 years will see more architecture advancements than the past 50 years.

"Intel is uniquely positioned in the industry to create and deliver truly innovative security technologies that span architectures, memory and interconnect," said John Sell, Intel Fellow and director of Intel Security Architecture and Technology.

Data Platform Protection
  • As the demand for data-intensive computing grows, there is a need to balance the ease of scaling deployment with the level of data protections. To address customer challenges, new confidential computing capabilities on future data center platforms are expected to offer scale and choice:
  • Application isolation helps protect data in use with a very narrow attack surface. Already deployed for production data centers and solutions, Intel Software Guard Extensions (Intel SGX) will expand to a broader range of mainstream data-centric platforms, and is expected to provide larger protected enclaves, extended protections to offload accelerators and improved performance. This will further expand the number of usages able to leverage these advanced application isolation capabilities.
  • VM and container isolation helps provide protections in virtualized environments, isolating them from each other and from the hypervisor and cloud provider without requiring application code modifications.
  • Full memory encryption helps better protect against physical memory attacks by providing hardware-based encryption transparent to the operating system and software layers.
  • Intel Platform Firmware Resilience is an Intel FPGA-based solution that helps protect the various platform firmware components by monitoring and filtering malicious traffic on the system buses. It also verifies the integrity of platform firmware images before any firmware code is executed and can recover corrupted firmware back to a known good state. When combined with other trusted boot technologies on new platform generations, Intel continues to contribute additional tools to increase resistance against attack and help provide a more trusted foundation for modern cloud and enterprise deployments.
Compute Lifecycle Assurance Industry Traction
Since its launch in December, Intel's Compute Lifecycle Assurance Initiative has gained traction with customers and ecosystem partners, starting with the foundational offering Intel Transparent Supply Chain (Intel TSC).

Transparency of a device's origin helps establish the foundation for a trusted supply chain. Intel TSC tools allow platform manufacturers to bind platform information and measurement using the Trusted Computing Group's (TCG) Trusted Platform Module 2.0 (TPM) standard, also referred to as ISO 11889. This allows customers to gain traceability and accountability for platforms with component-level reporting. More information can be found in a blog by Intel's Tom Dodson.

Intel TSC is currently available for customers across Intel vPro platform-based PCs, Intel NUC, Intel Xeon SP systems, Intel solid-state drives and certain Intel Core commercial PCs.

To demonstrate Intel's commitment to transparency, measurement and assurance of the supply chain, Intel also enables ecosystem partners with Intel TSC tools. Today, Hyve Solutions, Inspur, Lenovo (client and server), Mitac, Quanta, Supermicro and ZT Systems have enabled Intel TSC tools. In addition, Intel has active deployments of Intel TSC with enterprise IT and cloud service providers.

"This chain of trust process provides essential traceability based on the TPM," said Thorsten Stremlau, chair of TCG's Marketing Work Group. "Bringing component-level traceability to platforms and systems increases confidence and reduces the risk of counterfeit electronic parts while also facilitating procurement standards. This is the right direction for the industry."

It often takes the industry working together to make technological advancements. Intel has a strong legacy of assisting its customers and industry partners in developing new and innovative ways to improve hardware security. Intel shares knowledge of this experience through its participation and contributions to leading industry initiatives and standards bodies, including the Confidential Computing Consortium under the Linux Foundation, the FIDO Alliance's IoT Technical Workgroup and the newly expanded Common Weakness Enumeration led by MITRE. Such efforts underscore Intel's unique capacity to build a more trusted foundation for the industry.

More information can be found on Intel's IT Peer Network.

Notices & Disclaimers
Intel technologies may require enabled hardware, software or service activation.
No product or component can be absolutely secure.
Your costs and results may vary.


View at TechPowerUp Main Site
 
Joined
Jul 16, 2014
Messages
8,198 (2.17/day)
Location
SE Michigan
System Name Dumbass
Processor AMD Ryzen 7800X3D
Motherboard ASUS TUF gaming B650
Cooling Artic Liquid Freezer 2 - 420mm
Memory G.Skill Sniper 32gb DDR5 6000
Video Card(s) GreenTeam 4070 ti super 16gb
Storage Samsung EVO 500gb & 1Tb, 2tb HDD, 500gb WD Black
Display(s) 1x Nixeus NX_EDG27, 2x Dell S2440L (16:9)
Case Phanteks Enthoo Primo w/8 140mm SP Fans
Audio Device(s) onboard (realtek?) - SPKRS:Logitech Z623 200w 2.1
Power Supply Corsair HX1000i
Mouse Steeseries Esports Wireless
Keyboard Corsair K100
Software windows 10 H
Benchmark Scores https://i.imgur.com/aoz3vWY.jpg?2
Does this mean Intel is being pro-active against new threats? Or is it just building a maze to get to existing ones?
 
Joined
Mar 7, 2010
Messages
989 (0.18/day)
Location
Michigan
System Name Daves
Processor AMD Ryzen 3900x
Motherboard AsRock X570 Taichi
Cooling Enermax LIQMAX III 360
Memory 32 GiG Team Group B Die 3600
Video Card(s) Powercolor 5700 xt Red Devil
Storage Crucial MX 500 SSD and Intel P660 NVME 2TB for games
Display(s) Acer 144htz 27in. 2560x1440
Case Phanteks P600S
Audio Device(s) N/A
Power Supply Corsair RM 750
Mouse EVGA
Keyboard Corsair Strafe
Software Windows 10 Pro

dorsetknob

"YOUR RMA REQUEST IS CON-REFUSED"
Joined
Mar 17, 2005
Messages
9,107 (1.27/day)
Location
Dorset where else eh? >>> Thats ENGLAND<<<
I Spluttered as i read this
At Intel, security is a fundamental and foundational element of all aspects of architecture, design and implementation.

due to the numerous Security fails from Intel (often requiring O/S fixes) i View this as just INTEL BULLSHIT PR
 
Joined
Apr 1, 2013
Messages
225 (0.05/day)
How to transform a failing Hardware (and failing at fixing it sometimes) into selling it as a new support option to be more secure on the actual hardware.

"Guys we have a cake made of crap, let's ice it, and sell it as is" :D
 
Joined
Jul 16, 2014
Messages
8,198 (2.17/day)
Location
SE Michigan
System Name Dumbass
Processor AMD Ryzen 7800X3D
Motherboard ASUS TUF gaming B650
Cooling Artic Liquid Freezer 2 - 420mm
Memory G.Skill Sniper 32gb DDR5 6000
Video Card(s) GreenTeam 4070 ti super 16gb
Storage Samsung EVO 500gb & 1Tb, 2tb HDD, 500gb WD Black
Display(s) 1x Nixeus NX_EDG27, 2x Dell S2440L (16:9)
Case Phanteks Enthoo Primo w/8 140mm SP Fans
Audio Device(s) onboard (realtek?) - SPKRS:Logitech Z623 200w 2.1
Power Supply Corsair HX1000i
Mouse Steeseries Esports Wireless
Keyboard Corsair K100
Software windows 10 H
Benchmark Scores https://i.imgur.com/aoz3vWY.jpg?2
I Spluttered as i read this


due to the numerous Security fails from Intel (often requiring O/S fixes) i View this as just INTEL BULLSHIT PR
atleast I was trying to be subtle... :roll:
 
Joined
Mar 10, 2015
Messages
3,984 (1.12/day)
System Name Wut?
Processor 3900X
Motherboard ASRock Taichi X570
Cooling Water
Memory 32GB GSkill CL16 3600mhz
Video Card(s) Vega 56
Storage 2 x AData XPG 8200 Pro 1TB
Display(s) 3440 x 1440
Case Thermaltake Tower 900
Power Supply Seasonic Prime Ultra Platinum
I don't really think Intel deserves ALL hate they are getting. There is some that they deserve. However, I challenge anyone to design something complicated that another person won't figure out how to abuse or use in an unintended manner. It really is some of the beauty of humans - someone comes around that thinks differently and blows traditional ways of doing things up.
 

dorsetknob

"YOUR RMA REQUEST IS CON-REFUSED"
Joined
Mar 17, 2005
Messages
9,107 (1.27/day)
Location
Dorset where else eh? >>> Thats ENGLAND<<<
Intel ah well lets view the problem
Intel had/has far more security holes across its product lines than AMD or Arm
the latter are not boasting like intel of how their products are sic SECURE.
Intels Security problems have cost it Sales and production slowdowns as it Scrambles to re-design and revise products.

OF Course Good PR and publicity will help sweep those past ******* into the Closet of history
and thats what Intels marketing is trying to Achive

PS I only have Intel CPU's in my working systems so i'm not Red team red flagging the opposition
I'm just cynical.
 
Joined
Jan 5, 2017
Messages
307 (0.11/day)
System Name Main
Processor 8700K
Motherboard Maximus Hero X
Cooling EVGA 280 CLC w/ Noctua silent fans
Memory 2x8GB 3600/16
Video Card(s) EVGA 2080TI Hybrid
Personally I disable hyper-threading, which is virtually worthless to me anyway, and I avoid the vast majority of CPU security bugs.
 
Joined
Jun 29, 2018
Messages
537 (0.23/day)
I don't really think Intel deserves ALL hate they are getting. There is some that they deserve. However, I challenge anyone to design something complicated that another person won't figure out how to abuse or use in an unintended manner. It really is some of the beauty of humans - someone comes around that thinks differently and blows traditional ways of doing things up.

The sheer scope of their incompetence is staggering. They are selling a security-oriented product called Intel Active Management Technology that allows basically out-of-band management of PCs including remote control with VNC, remote boot, remote powerup. Do you know that they didn't even bother to check what happens if you provide an empty password to it? Well someone did and it scored a 10/10 CVE-2017-5689 with a very nice presentation on it. Exploiting it is undetectable from host OS. Oh and a fun fact: AMT is running on Intel Management Engine that's present in every Intel-based PC since at least Core 2 Duo. Wanna take a guess how well that one is secured?

Personally I disable hyper-threading, which is virtually worthless to me anyway, and I avoid the vast majority of CPU security bugs.

That's not enough since some of them also target SGX (can be disabled in BIOS) or TSX (can be disabled in Windows), for example.
 
Joined
Mar 10, 2015
Messages
3,984 (1.12/day)
System Name Wut?
Processor 3900X
Motherboard ASRock Taichi X570
Cooling Water
Memory 32GB GSkill CL16 3600mhz
Video Card(s) Vega 56
Storage 2 x AData XPG 8200 Pro 1TB
Display(s) 3440 x 1440
Case Thermaltake Tower 900
Power Supply Seasonic Prime Ultra Platinum
The sheer scope of their incompetence is staggering. They are selling a security-oriented product called Intel Active Management Technology that allows basically out-of-band management of PCs including remote control with VNC, remote boot, remote powerup. Do you know that they didn't even bother to check what happens if you provide an empty password to it? Well someone did and it scored a 10/10 CVE-2017-5689 with a very nice presentation on it. Exploiting it is undetectable from host OS. Oh and a fun fact: AMT is running on Intel Management Engine that's present in every Intel-based PC since at least Core 2 Duo. Wanna take a guess how well that one is secured?

I'm aware. And half the hate comes from people that have no idea what they are talking about and don't understand there are 10 types of people - those who understand, and those who don't.
 
Joined
Apr 29, 2011
Messages
135 (0.03/day)
Are you sure you can put the words Intel and security in the same sentence after what we have seen in the last years from them?
 

jgraham11

New Member
Joined
Oct 16, 2019
Messages
11 (0.01/day)
How to transform a failing Hardware (and failing at fixing it sometimes) into selling it as a new support option to be more secure on the actual hardware.

"Guys we have a cake made of crap, let's ice it, and sell it as is" :D

Well if your product is plagues with one Hardware bug after another, one failed attempt to fix them after another and your product runs hotter and much less efficiently than the competition, meanwhile the competition is able to make their chips for a fraction of the price it costs you to make them... your basically screwed on all fronts, RIP Intel.

"Guys we have a cake made of crap, let's ice it, and sell it with a guarantee on the box, that should work!"
 
Joined
Aug 20, 2007
Messages
21,452 (3.40/day)
System Name Pioneer
Processor Ryzen R9 9950X
Motherboard GIGABYTE Aorus Elite X670 AX
Cooling Noctua NH-D15 + A whole lotta Sunon and Corsair Maglev blower fans...
Memory 64GB (4x 16GB) G.Skill Flare X5 @ DDR5-6000 CL30
Video Card(s) XFX RX 7900 XTX Speedster Merc 310
Storage Intel 905p Optane 960GB boot, +2x Crucial P5 Plus 2TB PCIe 4.0 NVMe SSDs
Display(s) 55" LG 55" B9 OLED 4K Display
Case Thermaltake Core X31
Audio Device(s) TOSLINK->Schiit Modi MB->Asgard 2 DAC Amp->AKG Pro K712 Headphones or HDMI->B9 OLED
Power Supply FSP Hydro Ti Pro 850W
Mouse Logitech G305 Lightspeed Wireless
Keyboard WASD Code v3 with Cherry Green keyswitches + PBT DS keycaps
Software Gentoo Linux x64 / Windows 11 Enterprise IoT 2024
Does this mean Intel is being pro-active against new threats? Or is it just building a maze to get to existing ones?

They are arguing "hardware security" is a good concept. Ironically, most security types fear this concept, and with good reason.

Hardware security bred ideas like the PSP, ME, etc.
 
Top