September 19, 2020

Intel to Offer "Security" Features in Future Microprocessors

Intel is reportedly planning to include security technologies, code-named “LaGrande,” in a future processor chip.

I haven’t seen much in the way of technical detail. The article referenced above says:

Where Internet security technologies already protect information in transit between a user’s PC and Web sites, LaGrande and Palladium attempt to safeguard information and software once it is on a PC. The idea is to partition off parts of a computer into protected sections dubbed “vaults,” and protect the pathways between those areas and keyboards, monitors and other accessories.

One benefit is what Intel calls a “secure boot,” which means that the basic instructions used when starting a computer can’t be modified for improper purposes.

It’s way too early to tell whether this is good or bad for consumers. We’ll need many more technical details before we can even form sensible opinions.

Every security technology is designed to give somebody more control over something. The key questions are who is getting control, and over what will they be given control. We can’t answer those questions yet for LaGrande.

It used to be a given that when somebody talked about securing a computer, that meant giving more control to the computer’s owner. Nowadays the term “security” is more and more applied to measures that take control away from the owner. Whether LaGrande empowers consumers or erodes their control over their property remains to be seen.

Once we know what LaGrande is trying to do, we can move on to the question of whether it actually delivers on its promises. Intel got into trouble once before with a “security” feature – the Pentium III processor ID (PID). The PID raised privacy concerns, which Intel tried to defuse by arguing that the PID could protect consumers against fraud. Unfortunately the technical details of the PID made it fairly useless as an anti-fraud measure. Ultimately, Intel withdrew the PID feature after a storm of public criticism. Such an outcome is good for nobody.

It appears that Intel is being more careful this time. If Intel wants public buy-in, the best thing they could do is to release the technical specifications for LaGrande, to enable an informed public debate about it.