IDC in December reckoned on compound annual growth rate of one per cent over five years for portable PCs, and a decline of 2.5 per cent for desktops. That’s alarming for Intel, which relies on a cadence of PC sales of three years in notebooks and four for desktops to help drive sales.Also, Intel has historically relied on new releases of Windows – businesses and consumers buy fresh PCs to cope with the system demands of Microsoft’s new OS.“When people move to a new operating system they almost always do so on new hardware so it’s a benefit to us as well,” Garrison said on a trip to the UK. He estimated people are “excited” about Windows 10, released in July, a fact that will drive PCs sales and therefore mean business as usual.“What you get from your old PC versus what you can buy is a significant cost for the business, plus the PC starts to wear out and break frequently,” Garrison said. But, if Gartner and IDC are correct, Windows 10 hasn’t so far (and won’t in the near future) do anything to prompt growing PC sales.Microsoft hasn’t exactly helped by giving Windows 10 away for free to download – an offer that, at times, has seen Microsoft forcing Windows 10 on existing users. Worse, Microsoft has said there will be no new versions of Windows after Windows 10 – that it’ll be incremental updates, instead.
Garrison reckoned this won’t hurt PC sales, and the raw fact that the older a PC becomes the slower and cruddier it gets, will somehow prick the conscience of corporate IT purchasers. “Do we expect to see any change in the hardware purchase? The answer is 'no'. If they are on a three-year cycle we expect to see them still on a three-year cycle, he said.Intel won’t admit it, but Microsoft will (or has), and the author of the Windows client seems to have recognised both the implications and the limitations of its “free” policy. Microsoft will refuse to release updates for Windows 7 PCs to take advantage of new chipsets from January 2020 and January 2023 for 8.1.Whether it’s ignorance about ending support deadlines, lack of money to spend on new PCs, or just a willingness to gamble, Microsoft's dangling of the carrot hasn't forced them to upgrade in the past. It's unlikely to do so in the future. On Tuesday, the California chip giant sprung this news on the world, revealing what it seemed to be saying was a really big secret: all this time, the sixth-gen Core family, launched in September, has had brand-spanking new multi-factor authentication support, and no one knew? Blow me down with a feather.
However, the technology appears to be an extension to various security mechanisms Intel has been eking out for years.The multi-factor authentication – dubbed Intel Authenticate – hopes to do away, in part, with passwords, and is aimed at businesses, large and small. Right down at the firmware layer, the chipset stores policies and authentication data that are supposed to be safe from hackers.Authentication data could, for example, be the user's fingerprint, or a PIN. A policy could, for example, state that a recognized work-issued smartphone within close range of the machine, plus the entry of a correct PIN, is enough to log into the device. The policy could add that if the machine is not connected to a corporate network, then a smartphone within range, a valid PIN, and a valid fingerprint, read from a builtin sensor, is needed to unlock the computer.So, if you're using a laptop in the office on the corporate Wi-Fi, with your phone on the desktop within Bluetooth range, all you need to do is type in a PIN to log back into the PC. If you're in a cafe at the weekend, you'll need to provide a fingerprint to make sure you're not a thief.
Intel Authenticate embeds multi-factor authentication into hardware in the platform architecture, said Thomas Garrison, a vice president in Intel's client computing group.By doing so, the most common software based attacks that steal user credentials through viruses or malware are rendered ineffective. Intel delivers a secure PIN, a Bluetooth proximity factor with your Android or iPhone, a logical location factor with vPro systems, and fingerprint biometrics.The operating system – so far Windows 7, 8 and 10 support Intel Authenticate – has to communicate with the firmware to get the yes or no confirmation for allowing the login. The OS isn't supposed to see the fingerprint or the PIN, so it can't be stolen by code running inside the kernel or in user space.If you can't login – such as you lose your phone – you can optionally fall back to a password. It's supposed to help employees who are bad at remembering complex passwords, and IT support desks who have to do daily resets for people.Intel Authenticate uses two firmware-level systems that give security researchers and privacy activists the heebie-jeebies: Intel's Management Engine (ME), and Intel's Active Management Technology (AMT). Both of these have been around for years, work below the operating system, and are mostly invisible to the layers of software above them. They are supposed to allow sysadmins to control machines remotely, but offer other features. AMT, for example, provides the network location detection used by Intel Authenticate.
The Management Engine built into the motherboard chipset provides the secure memory area for storing policies and the user's authentication data, which aren't allowed to leave the secure area nor allowed to be tampered with unless you've got the right privileges. This is supposed to stop miscreants from setting lax policies or swiping people's login details.This is why you need a firmware download to activate Intel Authenticate; the software runs only on vPro editions of Intel's new sixth-gen Core CPUs, aka the Skylake family. The Skylake vPro parts were announced this week.This whole system appears to be an iteration of the two-factor authentication methods we've seen before in Chipzilla's business-friendly chips, such as the 2011 Sandy Bridge vPro parts, and the Broadwell vPro family in 2015. Back then, it was known as Intel Identity Protection, which provides support for two-factor authentication, such as logging in with a username, password and hardware token, or a username, password and one-time code sent to a smartphone.
Now, Intel's added Bluetooth and fingerprint-reader support, made it a bit more user-friendly, thrown in PIN codes, and voila. It might explain why these two press releases on the vPro series, a year apart, seem so similar.A Canadian widow won't have to go through the courts to get the password to her dead husband's iPad after Apple, in the face of media pressure, withdrew its insistence on legal action.Last August 72-year-old Peggy Bush lost her husband to lung cancer and, among other belongings, was left her husband's Apple laptop and iPad. But when she fired up the fondleslab she found it was password protected and her husband had neglected to write it down anywhere.I just had the iPad. I didn't touch his computer, it was too confusing to me ... I didn't realize he had a specific password I should have known about ... it just never crossed my mind, Bush told the Canadian Broadcasting Corporation.Her daughter got in touch with Apple support and explained the situation. The customer support operators said it wouldn't be a problem – they would just need the will bequeathing the hardware to Mrs Bush, along with a death certificate.These she gathered, but when calling back the customer support representative claimed never to have heard of the case. Bush's daughter spent the next two months being given the runaround, as she put it, before an Apple staffer told her they would need a court order to hand over the password.
I was just completely flummoxed. What do you mean a court order? her daughter Donna said. I said that was ridiculous, because we've been able to transfer the title of the house, we've been able to transfer the car, all these things, just using a notarized death certificate and the will.Donna wrote a personal letter to Tim Cook explaining the situation but got nothing back from Apple other than an affirmation that the firm would have to have a court order to allow her mother to use the iPad as intended.The family went to their local media to protest the situation and, lo and behold, Apple swung into action. The firm said that the whole thing had been a misunderstanding and has since begun working with the family to sort out the situation.The case highlights what is going to become a growing problem for those shuffling off this mortal coil. Very few people take the time to pass on their passwords when dealing with death, and unlocking electronic equipment can be an unwanted frustration for a family dealing with the death of a loved one.This gets worse with people's media increasingly being online. Under a strict interpretation, passing on your digital possessions like music and (in this case) games is illegal, since the buyer is only renting them for the length of their lives, rather than owning them outright.