Intel processor with without spying or remote control features

4 réponses [Dernière contribution]
Uros09
Hors ligne
A rejoint: 07/09/2011

Hello,

I've just found out on this forum that my processor support vPro and Txt features which allow that someone I even don't know turn on and off and take control of my computer. I want to change it and I would like to have FSF/Trisquel opinion about that so I don't buy such proccessor again.

Here are information about my present CPU:
cat /proc/cpuinfo
processor : 0
vendor_id : GenuineIntel
cpu family : 6
model : 42
model name : Intel(R) Core(TM) i5-2400 CPU @ 3.10GHz
stepping : 7
microcode : 0x17
cpu MHz : 1600.000
cache size : 6144 KB
physical id : 0
siblings : 4
core id : 0
cpu cores : 4
apicid : 0
initial apicid : 0
fpu : yes
fpu_exception : yes
cpuid level : 13
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic popcnt tsc_deadline_timer aes xsave avx lahf_lm ida arat epb xsaveopt pln pts dtherm tpr_shadow vnmi flexpriority ept vpid
bogomips : 6218.17
clflush size : 64
cache_alignment : 64
address sizes : 36 bits physical, 48 bits virtual
power management:

processor : 1
vendor_id : GenuineIntel
cpu family : 6
model : 42
model name : Intel(R) Core(TM) i5-2400 CPU @ 3.10GHz
stepping : 7
microcode : 0x17
cpu MHz : 1600.000
cache size : 6144 KB
physical id : 0
siblings : 4
core id : 1
cpu cores : 4
apicid : 2
initial apicid : 2
fpu : yes
fpu_exception : yes
cpuid level : 13
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic popcnt tsc_deadline_timer aes xsave avx lahf_lm ida arat epb xsaveopt pln pts dtherm tpr_shadow vnmi flexpriority ept vpid
bogomips : 6218.14
clflush size : 64
cache_alignment : 64
address sizes : 36 bits physical, 48 bits virtual
power management:

processor : 2
vendor_id : GenuineIntel
cpu family : 6
model : 42
model name : Intel(R) Core(TM) i5-2400 CPU @ 3.10GHz
stepping : 7
microcode : 0x17
cpu MHz : 1600.000
cache size : 6144 KB
physical id : 0
siblings : 4
core id : 2
cpu cores : 4
apicid : 4
initial apicid : 4
fpu : yes
fpu_exception : yes
cpuid level : 13
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic popcnt tsc_deadline_timer aes xsave avx lahf_lm ida arat epb xsaveopt pln pts dtherm tpr_shadow vnmi flexpriority ept vpid
bogomips : 6218.14
clflush size : 64
cache_alignment : 64
address sizes : 36 bits physical, 48 bits virtual
power management:

processor : 3
vendor_id : GenuineIntel
cpu family : 6
model : 42
model name : Intel(R) Core(TM) i5-2400 CPU @ 3.10GHz
stepping : 7
microcode : 0x17
cpu MHz : 1600.000
cache size : 6144 KB
physical id : 0
siblings : 4
core id : 3
cpu cores : 4
apicid : 6
initial apicid : 6
fpu : yes
fpu_exception : yes
cpuid level : 13
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic popcnt tsc_deadline_timer aes xsave avx lahf_lm ida arat epb xsaveopt pln pts dtherm tpr_shadow vnmi flexpriority ept vpid
bogomips : 6218.14
clflush size : 64
cache_alignment : 64
address sizes : 36 bits physical, 48 bits virtual
power management:

Motherboard is: Manufacturer: Gigabyte Technology Co., Ltd.
Product Name: Z68P-DS3

I found out on intel web site CPU has both vPro and Txt fature.

Here are informations from intel web site about one processor:

Intel® Quick Sync Video Yes
Intel® InTru™ 3D Technology Yes
Intel® Insider™ Yes
Intel® Wireless Display Yes
Intel® Clear Video HD Technology Yes

Graphics and IMC Lithography 22nm
Sockets Supported FCLGA1150, FCLGA1150, FCLGA1150
Low Halogen Options Available See MDDS
Advanced Technologies
Intel® Turbo Boost Technology 2.0
Intel® vPro Technology No
Intel® Virtualization Technology (VT-x) ‡ Yes
Intel® Virtualization Technology for Directed I/O (VT-d) ‡ Yes
Intel® VT-x with Extended Page Tables (EPT) ‡ Yes
Intel® TSX-NI No
Intel® 64 ‡ Yes
Idle States Yes
Enhanced Intel SpeedStep® Technology Yes
Thermal Monitoring Technologies Yes
Intel® Identity Protection Technology ‡ Yes

Anti-Theft Technology Yes
Execute Disable Bit Yes

Intel® Data Protection Technology
AES New Instructions Yes
Secure Key Yes

I am concerned about
'Anti-Theft Technology',
'Intel® Identity Protection Technology' and
'Intel® Insider'
'Execute Disable Bit'
'AES New Instructions'

I found 2 similar CPUs with same socket requirements but I am not sure about first if it has or has not TXT beacuse it is not on web page:

http://ark.intel.com/products/75036/Intel-Core-i5-4430-Processor-6M-Cache-up-to-3_20-GHz

http://ark.intel.com/products/65509/Intel-Core-i5-3330-Processor-6M-Cache-up-to-3_20-GHz

Please check those few links and tell me if one of these CPUs have some hidden spy-on-me feature like my present CPU ? Feel free to advice me in future CPU choice.

lembas
Hors ligne
A rejoint: 05/13/2010
jxself
Hors ligne
A rejoint: 09/13/2010

The long term solution will probably be what RMS describes here:
http://files.jxself.org/build.ogv

And it probably also means that such a computer won't be x86.

Uros09
Hors ligne
A rejoint: 07/09/2011

I contacted think penguin store and they wrote 'Intel Anti-Theft Technology' needs some modules and os layer support to work and they don't ship configuration with those modules so it should not be of big concern. They actually offer cpu from my link (first one).

Is there anything else besides vPro/TXT and Anti-Theft I should know before I upgrade system next time ? Are there any hidden spy on me tehnology built in that i5-4430 CPU or in ASRock H87M-ITX Socket 1150 Mini-ITX Board ?

mYself
Hors ligne
A rejoint: 01/18/2012

I've looked at the CPUs ThinkPenguin uses in their computers, and I doesn't found more information than what you know already. This means that besides the "Intel® vPro Technology", and "Trusted Execution Technology", there is nothing else to avoid ("Anti-Theft Technology" is even supported on i5-4430, which is used in 4th gen Penguin Wee desktop computer, sold by ThinkPenguin)

So, either you just replace/upgrade your 2nd gen. (Sandy Bridge) i5-2400 processor to some 3rd gen. (Ivy Bridge) one (like the above mentioned i5-3330 model), that supports your (LGA1155) socket, or you change your motherboard too, and buy some 4th gen. (Haswell) based model (like the i5-4430), that will only fit to the new LGA1150 socket, supported by the ASRock H87M-ITX board.