Intel's Security Plans Worry PC Builders

Mark 13 mark at zor.hut.fi
Fri Dec 18 15:25:56 PST 1998



I wonder what government sponsored back doors they plan to include...

http://www.techweb.com/wire/story/TWB19981214S0008

                Intel's Security Plans Worry PC Builders

                (12/14/98, 3:49 p.m. ET)
                By Rick Boyd-Merritt and Mark Carroll, EE Times 

                Intel will add new security and software functions to future
                chip sets in a move that will boost the profile of its
                upcoming Katmai processors as key silicon for multimedia
                and e-commerce. But the plan is raising concerns among
                software, semiconductor and systems companies that fear
                the processor giant could wind up encroaching on their
                markets, extending its own reach deeper into the PC
                architecture.

                Intel's plans center around a so-called firmware hub,
                essentially a flash memory with key BIOS functions,
                which will be part of its Camino, Carmel, and Whitney chip
                sets. Those products will accompany next year's Katmai
                processors and are expected to be used in the Merced line,
                too. 

                "This is an example of Intel taking in one more piece of the
                PC architecture," said a senior R&D manager with a major
                PC company who asked not to be named. 

                Intel would not comment on its unannounced products.
                However, the key features of the chip are beginning to
                come to light based on reports from multiple sources. The
                firmware hub is "basically a flash chip with locks on its
                read and write capabilities that can be opened using a
                cryptographic protocol," said another source briefed by
                Intel. 

                Hardware security functions include a cryptographic
                engine to authenticate digital certificates Intel or a third
                party could load in. The chip could hold multiple
                certificates, each with permission to grant specific
                features, such as to permit an operating system or an
                MPEG player to run. They would also ensure a software
                program licensed to one user was not copied and run on
                another machine, a common practice. In addition, the
                certificates will act like unique serial numbers, identifying a
                given machine in any Internet or corporate network
                transaction, sources said. 

                The hub may also include a random-number generator to
                create public keys for encryption and help enable
                encrypted transmissions between PCs. That would provide
                security for e-commerce and software downloads,
                possibly including software modules for host-based
                modems, MPEG players, or audio codecs that are
                housed in the firmware hub and run on the CPU. 

                Another feature sources have mentioned is physical
                security, linking sensors to the hub so it may report
                problems to a central network administrator if the case is
                tampered with or peripherals are removed. 

                Even though the firmware -- and the chip sets it is part of
                -- are not due for production until at least mid-1999,
                samples have been available in Taiwan for some time. 

                "We have had samples of the firmware hub for a while,"
                said a project manager at First International Computer, in
                Taiwan. "We really haven't done too much with it yet. It is
                still not quite clear when it will be used and what its 
                full functions will be." 

                The hub chip is designed to incorporate new features into
                the PC upon start-up, the manager said, not to replace the
                standard BIOS, the key software that controls system I/O
                  peripherals software. 

                "After a PC is turned on, the firmware hub will be
                accessed and then the regular BIOS," said a BIOS
                engineer with another Taiwanese company. "The hub will
                affect the standard BIOS architecture, but it certainly
                won't replace it. That's not its purpose." 

                Yet the prospect of a possible Intel incursion into BIOS is
                giving some industry observers the willies. Adding to their
                concern is the fact that Intel has not provided technical
                details about its implementation yet. One analyst said the
                hub will act as a BIOS registry, a place from which
                software emulation and upgrades can be controlled. 

                Sources close to Intel suggested the Santa Clara, Calif.,
                company would be leery of entering a new PC-related
                market while under the shadow of a Federal Trade
                Commission investigation. The company's motive is simply
                to bring new features to the PC, enhancing sales for
                corporate and consumer users, these sources said. 

                Still, "If Intel controls what and how stuff gets put in the
                BIOS, that's really significant," said one analyst.
                "That's a wonderful control choke point."







More information about the cypherpunks-legacy mailing list