Jump to content

Recommended Posts

Posted (edited)

anyone give any feedback on this statement about newer PCs being more hardened than "before 2013"

http://www.intel.com/content/dam/www/public/us/en/documents/solution-briefs/old-pcs-security-brief.pdf

The risk
Software-only security solutions from even
a few years ago can’t keep up with today’s
cybercriminals and are not sufficient to
protect your devices and vital business
data. Without hardware-enhanced security
solutions, your business is at risk.
The opportunity
The newest generations of Intel® processors
deliver layers of hardware-enhanced security
features to ensure that hardware and software
work together to protect your business from
malware and secure all the important, private
data and content you create and share.
The next step
Don’t wait to be attacked. Secure your
business now by replacing computers
purchased before mid-2013 with new
desktops that include Intel hardware-
enhanced security features.
Social Engineering
Hackers manipulate people to divulge
sensitive data, using tools that lure
users to sites or by sending “phishing
emails” that trick unsuspecting users
into giving up their login credentials.
Even the most sophisticated people
can sometimes be persuaded—it can
happen to anyone.
Intel®
SSD Pro
Intel®
OS Guard
Intel®
AES-NI
Intel®
IPT
Windows* 8
Bootup
Security
Kernel-Mode Rootkit
Often used to deliver “Trojan
Horses” and other malware code,
these attacks live and operate below
the operating system, making them
especially hard to detect without
some kind of hardware assistance.
Advanced Persistent Threat
These insidious, human-directed
“campaigns” take control of a specific
system or network and can remain
undetected for a long period of time.
With hackers working around the clock to identify the next potential victim, it’s more important than ever for you to
prioritize security. And if your business is using PCs even just a few years old, the chances of a successful attack are even
greater: Virus protection and other software security solutions cannot sufficiently reduce the risk.
Here are three of the most common—and
dangerous—ways that hackers can attack your
desktops, infect them with malware, and harm
your business:
Innovative hardware enhancements, built into Intel®-powered desktops since mid-2013, “harden” key information and
commands normally executed in software, giving your business maximum protection. Get new business desktops with
Intel® Identity Protection Technology (Intel® IPT), Intel® OS Guard, Intel® Advanced Encryption Standard New Instructions
(Intel® AES-NI), Intel® Solid-State Drive Pro (Intel® SSD Pro), and bootup security for Microsoft Windows* 8 and increase
your organization’s security today.
Old PCs put your
business at risk
Protect against hackers by upgrading to new
desktops featuring Intel’s hardware-enhanced
security and supporting software
What you’re up against: Three tools of the modern hacker
What you can do to make your business more secure
Today’s new desktops with Intel Inside®, running on a known, trusted network, serve your business with more power, better
performance, and better protection than ever before. To learn more about replacing your older PCs to better secure your
business, contact your Intel sales rep today.
Edited by Crossy
Fixed the justification for readability
Posted (edited)

I can read it. It's an advertisement by Intel, the world's largest CPU manufacturer, telling everyone to buy a new computer.

I have this little program that will keep your computer safer. I'll email it to you for just US$500.00 or 17,000 baht. Everyone, especially businesses should have it.

Edited by NeverSure
Posted (edited)

I can read it. It's an advertisement by Intel, the world's largest CPU manufacturer, telling everyone to buy a new computer.

I have this little program that will keep your computer safer. I'll email it to you for just US$500.00 or 17,000 baht. Everyone, especially businesses should have it.

For 17K Baht, just buy one of these. Comes with everything you need to stay secure and safe online.

http://store.apple.com/th-en/buy-mac/mac-mini?product=MGEM2TH/A&step=config

Edited by IMHO
Posted

The best "hardening" a computer can have is the user. The next best is a router because it does NAT and destroys packets which weren't requested - it doesn't know where to send them. If the user doesn't request something he shouldn't including opening an email or clicking a link and he's behind a good NAT firewall such as a router he has a very good chance of avoiding problems.

Of course in an enterprise environment it's good to use SecureNet and ISA proxy server between the router and the internet but that's not practical or needed for home use.

Posted

The best "hardening" a computer can have is the user. The next best is a router because it does NAT and destroys packets which weren't requested - it doesn't know where to send them. If the user doesn't request something he shouldn't including opening an email or clicking a link and he's behind a good NAT firewall such as a router he has a very good chance of avoiding problems.

Of course in an enterprise environment it's good to use SecureNet and ISA proxy server between the router and the internet but that's not practical or needed for home use.

My computer experienced "hardening" after I visited some popular pr0n sites.

Posted

The best "hardening" a computer can have is the user. The next best is a router because it does NAT and destroys packets which weren't requested - it doesn't know where to send them. If the user doesn't request something he shouldn't including opening an email or clicking a link and he's behind a good NAT firewall such as a router he has a very good chance of avoiding problems.

Of course in an enterprise environment it's good to use SecureNet and ISA proxy server between the router and the internet but that's not practical or needed for home use.

Router's aren't much good if you can't secure them.

http://www.itworld.com/article/2930295/security/new-soho-router-security-audit-uncovers-over-60-flaws-in-22-models.html#tk.rss_security

Posted

Marketing Propaganda linked to Intel's purchase of McAfee in 2010.

In a quest to maximize application performance and battery life, Intel wanted to build hardware-enhanced security features and solutions directly into firmware, chips and chipsets.

Making Sense of the Intel-McAfee Puzzler

E-Commerce Times - By Charles King - Aug 24, 2010

Now they have to make money back on their investment.

Posted

I can read it. It's an advertisement by Intel, the world's largest CPU manufacturer, telling everyone to buy a new computer.

I have this little program that will keep your computer safer. I'll email it to you for just US$500.00 or 17,000 baht. Everyone, especially businesses should have it.

To keep your computer safe all you need common sense.....If you can mail that I would pay more than 500 USD.

Posted

I can read it. It's an advertisement by Intel, the world's largest CPU manufacturer, telling everyone to buy a new computer.

I have this little program that will keep your computer safer. I'll email it to you for just US$500.00 or 17,000 baht. Everyone, especially businesses should have it.

To keep your computer safe all you need common sense.....If you can mail that I would pay more than 500 USD.

Unfortunately that isn't true any more.

You are very much dependent on ISV's and even hardware manufacturers doing their bit, and few of them are to the level required.

Posted

I can read it. It's an advertisement by Intel, the world's largest CPU manufacturer, telling everyone to buy a new computer.

I have this little program that will keep your computer safer. I'll email it to you for just US$500.00 or 17,000 baht. Everyone, especially businesses should have it.

To keep your computer safe all you need common sense.....If you can mail that I would pay more than 500 USD.

Unfortunately that isn't true any more.

You are very much dependent on ISV's and even hardware manufacturers doing their bit, and few of them are to the level required.

Companies are usually doing way to complicate things for their knowledge and love to connect everything without reasons. If you keep everything simple and turn off everything else you have banned 50% of the problems.

Something like accounting and stock keeping for small companies doesn't need to be direct connected to the internet. Small companies don't need databases for their webpages, pure html will do if they don't update the webpage anyhow, etc etc.

It is like putting an 18 year old with new Driving License in a Ferrari and be surprised that he has an accident......Reducing things to a level where you can handle it fixes most of the risks (but not all).

Posted

well i didn't mean for it to be a general question, more curious about these items :

Intel®
OS Guard
Intel®
AES-NI
Intel®
IPT
Windows* 8
Bootup
Security
Posted

well i didn't mean for it to be a general question, more curious about these items :

Intel®
OS Guard
Intel®
AES-NI
Intel®
IPT
Windows* 8
Bootup
Security

Intel has articles on all those items, all written in techno-gullible terms. Many of the technologies also have wikipedia writeups.

Intel marketing material

Intel IPT (Identity ProtectionTechnology)

suite of authentication and online access technologies designed to offer web properties, users, and enterprises with stronger, hardware-based security embedded into Intel’s platforms

Wikipedia writeups on

Intel AES-NI (Advanced Encryption Standard New Instructions

extensions to the x86 instruction set to improve the speed of applications performing encryption and decryption using the Advanced Encryption Standard (AES).

Though, I actually liked this article intro from a intel security critic:

"Intel doesn’t understand security, but they are not shy about shouting it from the rooftops. They took a good idea, vPro, and turned it into a remote exploit and security risk that prevents a compromised machine from being repaired."

Posted

well i didn't mean for it to be a general question, more curious about these items :

Intel®
OS Guard
Intel®
AES-NI
Intel®
IPT
Windows* 8
Bootup
Security

Intel has articles on all those items, all written in techno-gullible terms. Many of the technologies also have wikipedia writeups.

Intel marketing material

Intel IPT (Identity ProtectionTechnology)

suite of authentication and online access technologies designed to offer web properties, users, and enterprises with stronger, hardware-based security embedded into Intel’s platforms

Wikipedia writeups on

Intel AES-NI (Advanced Encryption Standard New Instructions

extensions to the x86 instruction set to improve the speed of applications performing encryption and decryption using the Advanced Encryption Standard (AES).

Though, I actually liked this article intro from a intel security critic:

"Intel doesn’t understand security, but they are not shy about shouting it from the rooftops. They took a good idea, vPro, and turned it into a remote exploit and security risk that prevents a compromised machine from being repaired."

yeah the problem is lack of competition: AMD look like they gave it up.....ARM is on the performance not even close, so Intel doesn't need to think.....

Posted

The best "hardening" a computer can have is the user. The next best is a router because it does NAT and destroys packets which weren't requested - it doesn't know where to send them. If the user doesn't request something he shouldn't including opening an email or clicking a link and he's behind a good NAT firewall such as a router he has a very good chance of avoiding problems.

Of course in an enterprise environment it's good to use SecureNet and ISA proxy server between the router and the internet but that's not practical or needed for home use.

Picked up some buzzwords at your work?

NAT won't do much to protect home users, it's best for protecting businesses that run servers with a lot of services.

The user indeed is the best protection, and the second best is IMO a firewall set to ask the user about what to do with any unusual packet.

Third best is a behavioral analysis tool, which will also ask the user everytime something unusual happens on the computer.

Fourth is the antivirus.

Posted

The best "hardening" a computer can have is the user. The next best is a router because it does NAT and destroys packets which weren't requested - it doesn't know where to send them. If the user doesn't request something he shouldn't including opening an email or clicking a link and he's behind a good NAT firewall such as a router he has a very good chance of avoiding problems.

Of course in an enterprise environment it's good to use SecureNet and ISA proxy server between the router and the internet but that's not practical or needed for home use.

Picked up some buzzwords at your work?

NAT won't do much to protect home users, it's best for protecting businesses that run servers with a lot of services.

The user indeed is the best protection, and the second best is IMO a firewall set to ask the user about what to do with any unusual packet.

Third best is a behavioral analysis tool, which will also ask the user everytime something unusual happens on the computer.

Fourth is the antivirus.

So can you tell us in layman's terms how to set up 2 - looking at Windows Firewall with advanced security for example or does it basically already do that?

And where to find 3?

Posted

The best "hardening" a computer can have is the user. The next best is a router because it does NAT and destroys packets which weren't requested - it doesn't know where to send them. If the user doesn't request something he shouldn't including opening an email or clicking a link and he's behind a good NAT firewall such as a router he has a very good chance of avoiding problems.

Of course in an enterprise environment it's good to use SecureNet and ISA proxy server between the router and the internet but that's not practical or needed for home use.

Picked up some buzzwords at your work?

NAT won't do much to protect home users, it's best for protecting businesses that run servers with a lot of services.

The user indeed is the best protection, and the second best is IMO a firewall set to ask the user about what to do with any unusual packet.

Third best is a behavioral analysis tool, which will also ask the user everytime something unusual happens on the computer.

Fourth is the antivirus.

So can you tell us in layman's terms how to set up 2 - looking at Windows Firewall with advanced security for example or does it basically already do that?

And where to find 3?

I think windows firewall doesn't cut it.

2 and 3 are provided for free by Comodo free personal firewall. Set the firewall on "custom" (i.e. learning mode) and the behavioral tool (name is HIPS) on "paranoid".

You will start off with a lot of popups with either tool asking for how to decide, but that's normal because they will be in learning mode. In fact, I keep both in learning mode all the time.

Posted

i find a lot of the wikipedia tech write ups are way over my head. but as far as i can see here.

via the hardware itself, other than encryption running faster, doesn't seem newer intel products make much difference, with it's Kernel-Mode Rootkit prevention nor it's "OS guard" ?

Posted

i find a lot of the wikipedia tech write ups are way over my head. but as far as i can see here.

via the hardware itself, other than encryption running faster, doesn't seem newer intel products make much difference, with it's Kernel-Mode Rootkit prevention nor it's "OS guard" ?

correct - these might add *some* amount of security, but to use a metaphor, I would compare these to wearing boots or gloves while driving a motorcycle. Might be useful and save your foot/hand under *some* circumstances, but will likely be useless in case of serious accident.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.



×
×
  • Create New...