Emerging Tech

Intel technologies allow for remote repair


New technologies introduced last year by Intel could allow a computer repairman to connect to your machine remotely to make repairs, even if the computer is powered down. The technology allows for a networking chip to be active in the computer all the time, allowing for someone to connect remotely, power on the machine, and repair the computer. The technology is tailor made for the corporate market, which does not have privacy concerns, since the company owns the IT assets. However, the PC chipmaking giant is hoping that consumers will feel like the privacy tradeoff is worth having a "round the clock watchdog."

New Intel chips let managers turn on powered-off PCs for repairs (San Francisco Chronicle)

Remote support options are not new -- Microsoft integrated remote assistance software in its operating system years ago. There are also several products that allow a user to connect to technical support and give control of their computer so that the technician can run diagnostics or make repairs. However, technology that allows a repairman to remotely power on a computer, make repairs, and shut the computer down regardless of the operating system has until now been relegated to expensive add-on cards for servers. This type of remote assistance could reduce repair costs to consumers as most repair services charge less for troubleshooting or repairing problems remotely.

Remote support comes to consumers' aid (CNET)

Remote interest in bottom line (Brisbane Times)

I personally prefer remote assistance, whether I am giving or receiving technical support. I don't want to have to pay an expensive engineer to visit my location (at my expense) when they can more easily use Microsoft's remote assistance, Citrix GoToAssist, or any of the other products out there. We have had this option available to us at my workplace for a while with ScriptLogic's Desktop Authority product. I have the ability to connect to a remote PC, look at its setup and configuration, or even take control of the desktop at any time.

What do you use for remote assistance (either giving or receiving)? How significant are the privacy concerns of consumers, given the technology that could allow someone to remotely power on and take control of your computer? Will you disable this chipset on your home machines or allow the remote control technology to stay active? Will this technology help you to diagnose issues at work? Join the discussion.

--------------------------------------------------------------------------------

Stay on top of the latest tech news

Get this news story and many more by subscribing to our free IT News Digest newsletter, delivered each weekday. Automatically sign up today!

39 comments
TidBits
TidBits

Attended Intel seminar on Vpro chip technology. For this feature to work, as mentioned by Doogster's post 'Firewalls and home users', the machine being remotely booted must be on the same network - the controlling software for now does not leap across firewalls. The idea is to offer pre-boot remote support - for example, being able to fix BIOS setting errors/missing or corrupted system boot files in a controlled network environment, which would be useful for controlling remote servers/pcs. Fancy travelling to a remote location to reboot some servers/pcs as part of your job? Hence if your pc is behind any firewall, there need not be any fear of it being remotely booted and controlled without knowledge. In a corporate settings, yes, policies need to be established to let users know of such remote assistance technology in place and the proper authorization, supervision and logging of such activity to satisfy privacy concerns. Regards.

Poordirtfarmer
Poordirtfarmer

I'll be a mighty long time bringing myself to trust that kind of technology In the meantime, a machine with that capability I'd turn off at the surge protector after I shut down.

kevinlevart
kevinlevart

I agree and think that this is sort of a "playing with fire" type of deal. If we lived in a perfect world, this would be a great option. I mean, heck, let's not put keys in vehicles and just allow them to go via a simple switch. But, we can't because there will be someone that will misuse this. What is the majority census of the best remote repair software/method for clients. I am looking for one that is reliable and cheap (i'd like free)?

BALTHOR
BALTHOR

Intel is implying that the problem is file related.This one sounds like Military.

barrie.duke
barrie.duke

Our information is confidential and in thewe UK are bound by the Data Protection act. No-one can be allowed near it. Download it to another country and we are liable for an illegal act. Intel have a lot to learn! We have run an optional Home Support project for years across 800 sq miles of a rural area. It's a matter of agreeing a protocol and only using a link when requested. We use Logmein Free and today I have twice helped an older peron sort their computer out - it provides them with the confidence and comfort of a backup service that they seldom need. It saves me spending all day on the road.

btljooz
btljooz

I can recall that I actually AGREE with BALTY, even though he is a [i][u]troll[/u] [/i]. ;)

GreyTech
GreyTech

Like Eternal, I've used RDP thru VPN to support clients, but I am increasingly concerned, like Meesha, by application vendors requiring such access. There is always a trade-off between cost and security. Do you trust the vendor enough to allow admin access to your system, because that is what they normally require? Then they allow junior techies to sort the problems. How often do we hear stories of unscrupulous plumbers or electricians ripping off their customers? How often does it happen it our world of IT? Personally I don't want to give access to my systems, to anyone outside, but for many people the cost/security trade-off comes down firmly on the cost side. One last point; many, if not most, home users have inadequate security. This causes a proliferation of zombies and almost unfettered expansion of spam and malware. Would more remote access by the vast majority of honest suppliers and their support teams, at costs the users would be prepared to pay, improve overall security to the benefit of the honest user community.

Eternal
Eternal

One of my major clients as I said in another thread is a law firm, they love the remote access. They're about to get a special system in for real estate law and such. The vendor is providing a server and require 2 ports open on the firewall for remote admin and remote backup. From their box, they "maybe onthe network" but they'll have no permissions to anything except their box.

jmarkhus
jmarkhus

you know Bob, speaking as someone who has to drive over 22km on a customer support call for which i only bill for the hours onsite, remote access would be a blessing for me. is there a way to segregate data from applications? maybe the fact that most desktop OSes don't offer multiple users should be a selling point. the whole time you work remotely, the user can watch since it will be a live session. i am paranoid as the next guy but driving 22km to change the font on someones word document REALLY old pretty quick. how does one set up cheap remote access to soho clients?

GreyTech
GreyTech

For jmarkhus: For users on broadband use the built in Windows XP "Remote Desktop" for those on dial-up use PCAnywhere or VNC. If they have a router for you to go through set-up a VPN channel. I prefer to get soho customers to use routers like DrayTek with built in VPN servers.

nappy_d
nappy_d

Like everyone else here, there is nothing new here. Also, it's just one more potential method for someone to try and compromise a computer.

wrlang
wrlang

Don't forget that the government is one of the proponents of this kind of technology. Use to be that remote support was disabled on new machines. Now it's enabled. There's a cable going into my network card that I can unplug anytime I want. That use to be the SOP before firewalls.

W.E.
W.E.

No way jose!!

Andy Moon
Andy Moon

We use remote control technologies where I work, but we require that the user give permission for us to take control of their desktop. This technology would allow someone to take control of a computer even if it is powered down. Do you see this as a benefit at your place of business? At your home? What privacy concerns should be addressed before Intel puts these chipsets into home computers?

btljooz
btljooz

While remote assistance 'can' be a useful tool in the CORRECT hands for the CORRECT purposes, making it a part of Hardware would only ADD to the co$t of said hardware. Where's the $aving$, there? ?:| Remote assistance is already available in software. Why the [i]need[/i] for 'hardware' remote [i]assistance[/i]??? Just so hardware manufacturers can make the pad$ in their pocket$ BIGGER??? Let's not forget about 'govs' spying into people's lives over telephone lines, computers, etc.!!! This chip is only the next tool in the [i]gov's[/i] spy tool arsenal enabling them to further stick their noses where they do [b][u]NOT[/u][/b] belong!!! As usual, it's being introduced as a [i]good[/i] thing to get it into people's computers. Then Big Brother will know exactly what is done on every single computer these chips are installed in and run amok with what [i]'he'[/i] finds out in whatever fashion [i]'he'[/i] wants. [b][u]NO THANK YOU!!!!![/u][/b] Big Brother's done it before, is doing it now and is only stepping up [i]his[/i] tempo. GREEDY companies who buy into aiding and abetting such behavior should be [b] [u]BOYCOTTED INDEFINITELY!!!!!![/u][/b]

ajaymm
ajaymm

Hi everybody, I am the manageability developer community manager working for Intel corporation. I totally understand the privacy concerns that all of you are concerned about. But, please remember that there is a whole population of people just getting there hands on a PC and would love remote manageability. So, what do you think should be done to address the privacy concerns and still make it possible for remote administration. Let me put it this way .. what would make you comfortable to enable remote manageability on your PC? Regards Ajay Mungara http://www.intel.com/software/ajay

btljooz
btljooz

You make that chip an [b][u]OPTION[/u][/b] for those who want it. For those who do NOT want it leave it OUT of the picture [u]altogether[/u][b]!!!!![/b] It's called "Freedom of Choice". ;) BTW: The "K.I.S.S." method usually works the best, don't you think?

asgr86
asgr86

Remote control is not good, some people will frek out when they come to know that IT admin can connect to they system even if they shut it down.....

carlsf
carlsf

Depending on how the chip operates could be a very useful tool depending on the following..... 1) What security options? for the user 2) would the technician have an password access? 3) The What if it was a hardware fault not software. I would definitly like to see how this chip would operate, and would be a starter.

Eternal
Eternal

I can't rememeber the spelling of the project, it was paladeon, pladeon, pl something... Anyhow I think I read about it here on TechRepublic.. HP, Microsoft, AMD, Intel, etc were involved - Would allow a "governing body" to censor and do what ever they want on any PC. They don't want you to go to www.apple.com ... you can't.. they don't want you to curse in an e-mail... guess what.. Yeah that got dropped fast, but step by step we're gettng there...

mullakev
mullakev

Anyone who would allow someone else to start their personal computer remotely must have their head examined Why don't you open the door and let the world in

zefficace
zefficace

If your look at my profile, you'll know I'm a lawyer. For that very reason, I will not and would not allow such technology to be active... even if it was approved by the Bar. I'm personnally responsible for the safety and confidentiality of the data, and I don't see how I could live with the idea that my computer can be turned on in my absence. These kind of techs are accidents waiting to happen. I will remain on the psychotic side, and keep my virus/hacker/rootkit free computers behind any protection I can afford... including being present when they're powered on.

Eternal
Eternal

One of my clients that loves the remote access feature is a law firm. The PC's are on 24/7 for daily backups, etc. It's not so much that the technology is there and available for use, it's who has access to this feature. I'm a one man outfit so they know it'll only be me or 2 of the lawyers who can use this feature. This is the same place I have keys/alarm code/safe(vault) code for(The server is in the vault). Frankly, I'm a trust worthy person and I'm ex-army so I've had clearance to more inmoprtant info than anything these guys have on their clients. That and I don't care who's being sue by whom, who is getting out of jail, going to, or who is buying what house... etc, etc.. nor do I have time to go look.

zefficace
zefficace

You didn't have a freeky, less than tech qualified Bar inspector try to hack your wifi to see if you had a hole. The whole attempt just so to write a bad report to the Bar so that he could justify his job. Of course, he only managed to logon to the neighbor's network... but he was so damn proud to have found a vulnerable network. He was much less proud when I told him he was trespassing on a network he had no business to be on (it is a criminal offense after all). Dealing with such inspectors leaves me rather paranoid. These kind of half-wits scrutinize everything and expect you to have bigger professional insurance policies if you do business with anyone outside your office for your IT needs. They are also tougher on small law offices like mine... at least, that's my experience. A funny situation, granted, but not if you have to deal with the local Bar of Quebec. In consequence, no freaky cpu for me thank you very much!

GreyTech
GreyTech

Uncontrolled access, by users not understanding how to turn it off, will not only allow support guys to get in to your PC but the FBI, CIA, MI5, MI6, NSA and al qaeda. Do we believe that users will understand enough to secure their systems?

Eternal
Eternal

Well here at the Univeristy where I work we use VNC(yes I know) the way we have it setup is we call up the person and say hey can you turn on your "contact helpdesk" (vnc) then we remote in with a password and get to work. With my personal bussiness my major bussiness clients, I use RDP to the file servers, then bounce from the file server to the client side PC if need be. I will add the filer servers are using non-standard ports for a hint of security. Via this method I can take over without their permission, but they can kick me right back out by re-logging in. I use this method so I can tellt hem to leave their PC on over night and I'll just remote in and fix it. Most my clients don't care I have this ability and actually like it. I live out in a rural area. Some of my clients are really close and some are a 100mile round trip. They all like that most problems I can fix in 3-4min without ever having to show up(I normally don't bill for those)

Meesha
Meesha

Like yourself our organization internally has a process for remote support. However, to allow external vendors direct access has become a huge pressure point in their providing support. We can't allow it but it has become almost a demand from many of the large application vendors. We had an experience two years ago with a specific vertical market vendor where we gave them access to the production system. Our Senior Tech just happened to be watching at the server console that day when she noticed the vendor accessing through the back door and downloading customer data; she disconnected a.s.a.p. and reported the incident to me. I immediately called the vendor and asked for an explanation. They said that they did NOT download any data and just kept denying it. I sent a formal letter of admonishment to the vendor's president who again responded in the negative saying that we did not know what we were talking about. I took this matter up with the most senior manager as well as the application owner requesting that we discontinue services with this vendor. I was told no and that I had to find a way to "work" with the vendor. So I did. I put them on PCAnywhere where they must call us to open the connection at which point they must provide details of "why, who, when, etc." and at that point I have one of the techs "watch" the process from beginning to end along with "logging" of the transaction. They still bitterly complain to this day and now want 7/24 access while using Skype? Are they mad? Of course they are. They know that once our senior management allowed the original transgression they can pretty much stretch the boundaries all they want. I'm disgusted but what can you do. This experience tells me that if any company, MS, Intel, HP, IBM, AMD or whomever is given this type of carte blanche to your PC whether you're at home or at work is a clear recipe for disaster. Do you really seriously want someone else into your system unattended poking about, downloading/uploading, modifying at will? Let's do a reality check - NO, NO and a billion times NO!

ajaymm
ajaymm

Hi Meesha, It is very unfortunate to hear that service providers are basically misusing the remote administration option. I still think there is a lot of value in remote administration, but we need to make sure there is plenty of logging and provide access only to certain capabilities,data, etc. on the remote machine. When remote administration becomes a reality then we need to also make sure to put enough controls in place to prevent the experience you have had with the vendor. Regards, Ajay http://www.intel.com/software/ajay

Meesha
Meesha

. . . it only takes one bad apple to make the barrel rotten. Intel in and of itself is not my overarching concern. It is all vendors who have or will jump on the "access" bandwagon in the name of good service but who in reality hide their potential for larceny at the worst and accidental data leaks at the best. Who do we hold responsible when it happens? Me the smallest fish on the food chain or the gargantuan whales such as Intel, IBM, Microsoft, et al? This isn't simply a matter of remote administration. As we've previously stated, many organizations already provide this successfully within their own walls. So this whole issue must NOT be seen to be a simple "we just want to provide better service to our customers" but rather as a potential for extreme disaster on many fronts - security, privacy, legislated responsibilities. When the bank tells you you are overdrawn and maxed out on your credit cards, personal line of credit, loans and mortgage, that same bank is going after you not the "I just want to be helpful vendor". Even with the best physical security and the best security processes in place, no one has yet been able to safeguard the consumer or business owner. Time and time again, we have reports of ID theft, BOTS, Phishing, spoofing, etc.that affect our societies at all levels - no one is immune. So no, no one can protect me better than I can protect myself. As others have alluded in this forum, what's to prevent the "bad" guys from using the same methods undercover of their potential employment with that helpful vendor? You say it can't happen? Then why do all the security and audit statistics point to internal disgruntled or incompetent employees as the number one risk factor to any organization? What happens when many of these same vendors outsource their support services to off-shore entities that are protected by their own laws and not ours, who suffers? Who pays the price? Who cleans up the mess? And it's already happened. By the way, this issue is the same if not quite similar to when Microsoft a couple or so years back wanted to be the guardian of your PC. They got around our concerns by forcing us to use their update service on their terms. And even now with their recent release of the XP upgrade VISTA, they have built in the capability to shut down your system if they see you as not "fit". Their whole activation / deactivation process benefits no one but themselves. To give Intel the similar capabilities but at the board level is just ludicrous. I don't need to give access to the Police to my home just so they can make me "safe". So why would I give a vendor access to my home or business PC where I store much of my valuable information? I still say NO!

Doogster
Doogster

Even if WOL was built-in, the "magic packet" still needs to be allowed through the router or software firewall. Just because it's on the PC doesn't mean they can get to the PC. And if you don't have a firewall then you've got bigger problems. But overall I don't see it as that great of a benefit to home users. I just can't see people feeling comfortable with an outside company working on their machine while they're not there. If someone's got to work on my machine I want to be there to see what their doing. Would you want a repair man to be able to let themselves in your home while you're not there to fix something?

Neon Samurai
Neon Samurai

Having grown up in a town of 1500, I'll just continue nodding understandingly.

Eternal
Eternal

I live in Athabasca 150km north of Edmonton... population 3300 in town

Neon Samurai
Neon Samurai

But you've Edmonton listed so instead I'll just nodd understandingly; ah, fellow Canadian.

Eternal
Eternal

I have over $40,000 worth of computer equipment in my house.. well dueplex that I rent. My landlord won't come in unless I'm home cause he doesn't want the liability of "forgetting to lock the door and I get robbed" Some people don't mind. I've had people, I go pick up their computer.. they're home.. I bring it back to the shop fix it.. callthem up schedule a drop off time... they say oh, I'm not going to be home, but the back door will be unlocked.. just come do your thing, and don't worry about locking the back door. A couple people have giving me keys and codes to alarm systems... For liability reasons I don't take just anybodies keys.

glfinney
glfinney

I understand why the computer industry would want such a feature , however in this day and age when identity theft as well as other issues are rampant why would I want to open myself up to yet another potential hole in security.

ajaymm
ajaymm

Hi, I agree that we should not have another opening for identity theft, but don't you think with this technology we can potentially prevent identity theft. This technology is mostly targeted towards novice computer users who do not apply the necessary security patches or download the latest updates to the software. If service providers are able to take care of that remotely then it will close the door to potential hackers / viruses. I understand your concerns with privacy and I know it is not a easy problem to solve. That is why I blogged about this problem yesterday. http://softwareblogs.intel.com/2007/06/18/its-a-lot-of-power-to-give-over-to-someone/ regards Ajay http://www.intel.com/software/ajay

Ex Dementio Scientia
Ex Dementio Scientia

Unless I am completely missing the point, this is not so different than WOL. As with WOL I expect you can turn it ON/OFF in the BIOS. Even if not possible to turn OFF, the firewall - we're ALL running firewalls these days, yes - will not allow any unwelcome packets to reach the computer.

lsatenstein
lsatenstein

If Intel can enter my computer via the internet, what is to prevent a criminal (company) from so doing. And from what I see, they would be able to add a rootkit, or whatever, and that's a security risk. I dont care if Intel has a way to check the machine using the mac address or built in serial number in the cpu.

ajaymm
ajaymm

Hi Josh, I work for Intel Corp. and I am the manageability developer community manager (http://www.intel.com/software/ajay). Intel only provides the technology that makes manageability possible remotely, but the policies has to be set by the business users along with the service providers. Hope this helps. Regards Ajay Mungara