{"id":1344,"date":"2007-09-17T16:58:18","date_gmt":"2007-09-17T14:58:18","guid":{"rendered":""},"modified":"2007-09-17T16:58:18","modified_gmt":"2007-09-17T14:58:18","slug":"intel-unveils-vpro-2007","status":"publish","type":"post","link":"https:\/\/mybroadband.co.za\/news\/hardware\/1344-intel-unveils-vpro-2007.html","title":{"rendered":"Intel unveils Vpro 2007"},"content":{"rendered":"<p>&quot;The Vpro 2007 spec does several interesting things, the first is to prevent rootkitting via hypervisor, basically preventing a malware hypervisor from getting under the hypervisor you want to have running,&quot; says Diane Bryant, vice-president of Intel&rsquo;s digital enterprise group.<\/p>\n<p>Bryant says the Trusted Platform Module (TPM) allows the user to do a &rsquo;secure boot&rsquo;, basically when he\/she loads a machine he can check sum vital parts of it. &quot;If those parts do not checksum the same when you boot, it can set a flag, or better stop the boot. In other words it cryptographically ensures what you have running is what you want running,&quot; she notes.<\/p>\n<p>She says the nice thing the Vpro 2007 variant does is to turn off the modes necessary for a hardware-based VM (Virtual Machine) to function until there is a clean secure boot. &quot;If you try and slide a rogue hypervisor into the system, it will sense the non-secure boot, and keep instructions necessary for the malware to operate locked down,&quot; adds Bryant.<\/p>\n<p>Bryant says related to this is a closing down of DMA (Direct Memory Access) preventing the user from putting things all over the place in memory.<\/p>\n<p>She says VMs that can write outside their allotted memory are a big potential risk, and they are now shut down in two ways. 
&quot;DMA&rsquo;s can be remapped with an offset to direct it to a specific VM, making it &rsquo;start off&rsquo; in the correct spot in memory,&quot; says Bryant.<\/p>\n<p>Bryant says the Vpro 2007 can also constrain DMAs to an upper bound, forcing any DMA from a specific VM to go only to the places it should be allowed to go. She says if you figure out a way to spoof a DMA request, this will hopefully shut it down.<\/p>\n<p>&quot;The Network Information Centre (NIC) keeps a few seconds of traffic data in memory, performing two calculations. The first is to count the number of Internet Protocol (IP) addresses per port over a period of 10ms to 1s, and from 8 to 64 IPs. Basically if your machine decides to open 50 sockets on port 31337 in 25 seconds, this can flag the behaviour,&quot; says Bryant.<\/p>\n<p>She says another area of concern is that the newest management technologies, like 802.1x and Cisco NAC, all need an Operating System to give some tokens or certificates in order to secure the connection. &quot;This is not a problem if the OS in question has the security token, but if the OS is not running you cannot make a secure connection,&quot; she notes.<\/p>\n<p>&quot;What the Vpro 2007 does is store some of those tokens on the NIC itself so the connection can be secured before the OS comes up. You can also image a machine remotely in a secure way whereas before you could not &rsquo;up the shields&rsquo; until everything was booting correctly,&quot; says Bryant.<\/p>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Intel has unveiled the Vpro Processor Technology for 2007, formerly named Weybridge, and even more formally known as AMT3.0. 
The company says this technology adds a bunch of security features to the mix<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[15],"tags":[],"class_list":["post-1344","post","type-post","status-publish","format-standard","hentry","category-hardware"],"_links":{"self":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/1344"}],"collection":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/comments?post=1344"}],"version-history":[{"count":0,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/1344\/revisions"}],"wp:attachment":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/media?parent=1344"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/categories?post=1344"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/tags?post=1344"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}