Intel has sought to remedy the situation with the introduction of what they call Intel Anti-Theft (or Intel AT) technology. The concept is so simple, that it’s a wonder it hasn’t been implemented before. But then again, it’s the simplest things that are the easiest to miss at times.
Its workings are as follows:-
The main reason why this service is so effective is because the Intel AT enabled device will contact the server on a channel that is unsupported by the OS, making it almost impossible to intercept or interfere with. Because of this isolation, a device can be completely locked down independent of the installed OS or HDD. A thief can remove the hard-disk and insert a new one, format the current one or even try to boot from a pen-drive but it won’t work. The device will be locked down at a hardware-level and nothing but the right key can revive it.
Be warned, the AT technology will not, by itself, protect the data on your HDD though. Anyone can remove the HDD and access the data on it with the right tools.
To aid in data security, Intel’s vPro-enabled processors allow a part of an encryption key to be stored securely within the AT-hardware itself. With the right software, this encryption key, along with a user generated key, can be used to encrypt and lock any data on an installed HDD in such a way that that data cannot be accessed on any other device without both keys being present and accessible.
Read more about this here.
Intel doesn’t provide this AT service for free. You get the hardware if you purchase a supported device, but that doesn’t mean that you have AT enabled by default. You will need software that will support and take advantage of the AT features at your disposal, especially as someone needs to maintain the servers.
To this end, Intel has set up some “trusted” partners, one of which is McAfee. You can try out McAfee’s version of AT from here.
McAfee sent us an Acer ultra-book for previewing the anti-theft software and hardware, and we must say, the technology is impressive and is an elegant solution to the problem of device security. In the course of our testing the AT technology worked exactly as advertised (and as mentioned in the “Working Mechanism” section above). We even “stole” the ultrabook and used Ubuntu from a pen-drive, making sure that we weren’t connected to the internet and while we could use the device just fine (and access all the unencrypted data on the HDD), when the pre-set ping interval for the AT service expired, the device locked itself down and wouldn’t boot beyond the “This device is reported stolen” screen.
McAfee also takes advantage of the encryption technology offered by the AT hardware to provide you with a secure data-vault. There are a few restrictions with regard to this vault though. While you can have multiple vaults, the maximum size of each vault is restricted to 8GB and you cannot have a file larger than 2GB in there. That said, this vault is meant to store your sensitive data, particularly documents and images and for that purpose, does an admirable job.
There are other software alternatives to a data-vault, many of them free, but this differentiate itself from all the others by incorporating the encryption key from the AT-hardware (as mentioned earlier) and thus, providing a far more secure vault. Of course, high levels of encryption with a long and complicated key will still be almost as good as McAfee’s method given that a brute-force attack would still take decades to crack either system.
McAfee anti-theft works in the following way:-
NOTE: The device-tracking service that is offered by the software (and hardware) is simply awful. Don’t pin your hopes on it. During our tests, the device, while in our Chembur office, was listed at all sorts of locations all over Bombay, even indicating that the device was in Pune at one point.
Intel’s (and McAfee’s for that matter) Anti-Theft solution is something that should ideally be a part of every laptop/ultrabook that is being sold. It’s a very simple solution to a very prevalent problem and for someone worried about security, well worth the price.