Comments Locked

36 Comments

Back to Article

  • HStewart - Tuesday, April 17, 2018 - link

    Pretty interesting article, one thing I be curious if Intel iGPU could be use while an Discrete GPU like Mobile NVidia and AMD GPU or like on this 8805G I am typing this on is active.

    But one there is a lot out about Cryptomining on GPU, but Intel is using the technology for a good purpose to protected the customer. There are even virus and such that use GPU to mine on some else computer even if they don't know. I am glad to see someone using the technology in GPU for some thing that is good for the customer. Of course original purpose for graphics should always be supported including games.

    Intel has been attack on security side for last 4 months or so, and this is likely the only the beginning to fight fact. Of course there will be others out there that will come back and say it means nothing - but I would help AMD also considers working with Intel and Microsoft to also provide support for their customers.
  • Samus - Wednesday, April 18, 2018 - link

    That's a good idea. Use the iGPU silicon when a dGPU is present to do things like threat detection...
  • PeachNCream - Wednesday, April 18, 2018 - link

    I think the concept of using the iGPU is a good one, but my concern is that the iGPU activity will generate heat that would otherwise not be present (say the iGPU is scanning while the CPU and a potential dGPU are busy with another relatively demanding, user-initiated task) and that additional heat will force the CPU to throttle because of rising temps that a HSF can't cope with. This is more of a problem for laptops than desktops since mobile processors usually have a much lower overall TDP threshold, but since we live in a largely mobile world, I can't escape the idea that we might bump into this problem. Then again, a set of throttled CPU cores would probably still respond better than those same cores running at full speed that are busy messing around with an antivirus scanning chore. That and there are a lot of situations in which the iGPU has processing time to spare even when it's the only graphics processor in a system. It doesn't take a lot of GPU effort to display a website or throw characters on a screen as they're being typed into a document so sending a task to those underutilized iGPUs might be a fair way of putting those frequently idle transistors to work.
  • Bulat Ziganshin - Wednesday, April 18, 2018 - link

    they should pause scanning when cpu/gpu is busy, like they probably do now with cpu-only scanning

    There is another concern, though - i not sure that OS can employ iGPU when dGPU is installed and selected. At least, for other purposes it goes that way
  • Manch - Wednesday, April 18, 2018 - link

    I wonder if this will run on GCN. It would seem silly for Intel to leave out its hybrid CPUs w Vega. Considering this is first supported in MS defender, I cant see them making it a intel exclusive. Intel could use the good PR.
  • Bulat Ziganshin - Wednesday, April 18, 2018 - link

    they probably developed OpenCL 2.0 solution with IntelGPU-specific commands. But important point is the idea itself - i'm 100% sure that MS and other AV developers will quickly catch in

    BTW, Gen9 GPU is Broadwell, and Gen 9.5 is Skylake (there were no new GPUs since Skylake)
  • Ryan Smith - Wednesday, April 18, 2018 - link

    Gen 8 is Broadwell. Gen 9 is Skylake. Gen 9.5 is Kaby Lake & Coffee Lake (which got a bunch of new media functionality that Gen 9 didn't have).
  • peterfares - Wednesday, April 18, 2018 - link

    Don't those hybrid CPUs have iGPUs along with the Vega GPU?
  • mode_13h - Wednesday, April 18, 2018 - link

    Yes.
  • mode_13h - Wednesday, April 18, 2018 - link

    Their hybrid Kaby Lake still has the Intel iGPU enabled.

    Intel iGPUs are actually better for this sort of thing, since they contain more narrow cores. Should be better for integer, scalar, and branch-heavy tasks.
  • Manch - Thursday, April 19, 2018 - link

    Oh OK, thanks. Didn't know that. Other than its a notable oddity of AMD GPU with Intel Proc, just not a product applicable to me. That solves the prob of leaving those procs out and I guess reutilizing the igpu for something else beats just letting silicon bake.
  • willis936 - Tuesday, April 17, 2018 - link

    These all sound like bad solutions that at best just make me nervous.
  • HStewart - Wednesday, April 18, 2018 - link

    I would wish some time some one review a product or new idea and leave out the name of manufacture and then once the comments are made review the name.
  • mode_13h - Wednesday, April 18, 2018 - link

    Only because you care about the comments. If you don't like the comments, then just focus on the data (when this is reviewed) and ignore us.
  • willis936 - Friday, April 20, 2018 - link

    It’s almost like everyone forgot about Intel ME and are content to repeat history.
  • jordanclock - Wednesday, April 18, 2018 - link

    Okay, so we have iGPU accelerated signature-based AV scanning, a system to collect data points to detect new malware outbreaks and a toolkit of local security options utilizing existing CPU/mobo features.

    How are these bad solutions? And you're nervous because....? Intel will be collecting telemetry to help identify new threats. This is vital data. To expect better security without it is akin to telling the auto industry to get better gas mileage but they aren't allowed to see how drivers actually drive cars.
  • willis936 - Wednesday, April 18, 2018 - link

    The first sounds like using resources without the user's consent or ability to disable it and the second sounds like it exposes a huge swath of attack vectors that previously didn't exist.
  • mode_13h - Wednesday, April 18, 2018 - link

    First, they didn't say they would activate it without consent.

    Second, how does it expose the system to any new attack vectors? Are you aware that Intel has made the iGPU available for compute tasks since Sandybridge?
  • willis936 - Thursday, April 19, 2018 - link

    You seem to think that the headline is "intel to make generic software implementation" and not "intel making more unauditable black boxes".
  • Hurr Durr - Wednesday, April 18, 2018 - link

    It should be "Mossad Announces...".
  • bairlangga - Wednesday, April 18, 2018 - link

    Well, it could be time also for Microsoft for them to lift up some of their notorious Win10 services which ramped up CPU usage every now and then beyond user control to the GPU. There are tons of them...
  • serendip - Wednesday, April 18, 2018 - link

    Why just Gen 9? I would assume Gen 8 GPUs like on Atoms are equally capable of this.
  • notashill - Wednesday, April 18, 2018 - link

    It wouldn't be an Intel announcement if they couldn't work some extra market segmentation into it.
  • Bulat Ziganshin - Wednesday, April 18, 2018 - link

    Gen9 added OpenCL 2.0 support which is much more capable than OpenCL 1.x
  • mode_13h - Wednesday, April 18, 2018 - link

    Exactly. OpenCL 2.0 added support for shared virtual memory, which sounds like it'd be necessary for the GPU to scan CPU processes.
  • Xajel - Wednesday, April 18, 2018 - link

    So next they will create a new Anti-Virus Accelerator and sell it for $300 with a monthly subscription.

    Yeah, security is an investment.
  • HStewart - Wednesday, April 18, 2018 - link

    I hope Microsoft does not do that - but I believe that it should be done for non-Intel GPU's also.. assuming that non-Intel have the specific function needed to make this work.
  • BurntMyBacon - Wednesday, April 18, 2018 - link

    @Anton Shilov (Article): "The focus of Intel's efforts here is on one specific aspect of AV scanning: in-memory (resident) malware, which doesn't get caught in TRANSNATIONAL disk I/O checks and instead requires scanning a system's complete memory to check for."

    I can see how they wouldn't want to get involved in TRANSNATIONAL disk I/O checks. Who knows what kind of government involvement and regulations might apply. (O_o)
  • Manch - Wednesday, April 18, 2018 - link

    Thats why theyre really building a wall...
  • Azurael - Wednesday, April 18, 2018 - link

    If Intel actually cared about consumer security, they'd provide a way to turn off the remote manageability of vPro platforms, but I suspect they don't want/aren't allowed to...

    "Intel does not put back doors in its products nor do our products give Intel control or access to computing systems without the explicit permission of the end user."

    This was part of the statement released by Intel when the ME-related CVEs were made public. Notice that it is very carefully worded - all it says is they don't give _Intel_ access to your computer. Read from that what you will, but I would expect them to have written it as follows:

    'Intel does not put back doors in its products nor do our products give anybody control or access to computing systems without the explicit permission of the end user.'

    If that were true...
  • Azurael - Wednesday, April 18, 2018 - link

    It might be a complete coincidence but I should point out that when I posted a similar comment on Intel/McAfee's 'Securing Tomorrow' article about the ME vulnerabilities, the entire post was pulled a few days later...

    It _was_ at https://securingtomorrow.mcafee.com/executive-pers... - and now neither in wayback machine nor the Google page cache... Hmmm.
  • Azurael - Wednesday, April 18, 2018 - link

    I should probably clarify what I mean by 'turn off' remote manageability - obviously, there is a setting to do this but it quite clearly doesn't. The TCP/IP stack remains live and responsive, LAN will remain up when the system is off even if WOL is disabled, ME continues sending interrupts to the system when there is nothing which should have apparently invoked it.

    ME is a complete black box, they won't talk about it and I very much suspect that outside of the DRM and platform initialization functions they've shoehorned into it in the last couple of generations to give it a 'legitimate' purpose in a consumer platform, there is no reason for it to be present/active on 99% of machines it ships on.
  • Hurr Durr - Wednesday, April 18, 2018 - link

    Complete cohencidence, as it always is with intel. Or Mossad, who`s to know anymore.
  • wow&wow - Wednesday, April 18, 2018 - link

    “Intel Announces Silicon-Level Security ...”

    What is the point of silicon-level security technologies if the company couldn’t even simply follow what was defined by itself?

    Can “Intel Threat Detection Technology” detect its not following what is defined by itself?
  • Vinayancho - Monday, April 23, 2018 - link

    Guys, i know, you love vulgar girls
    What about online communication with them without limits? Here http://sexbadoo.ga you can find horny real girls from different countries.
  • Kotonyekia - Tuesday, April 24, 2018 - link

    Guys, i know, you love vulgar girls
    What about online communication with them without limits? Here http://sexbadoo.ga you can find horny real girls from different countries.

Log in

Don't have an account? Sign up now