back to article Don't listen to Snowden ... Intel: We've switched on CPU crypto for Hadoop

Chip giant Intel is redoubling efforts to defend its valuable data center turf – by developing its own technologies for data management and analysis technologies, such as Hadoop. As part of its mission to make sure that Xeon chips get top-billing when data center admins mull what to run a large Hadoop cluster on, Intel …


This topic is closed for new posts.
  1. Anonymous Coward
    Anonymous Coward

    AES is an official American encryption standard and I don't trust it. Give me options to run the encryption method of my choice and with my own keys.

    1. Hit Snooze
      Thumb Up

      Not again

      What are you going to do if the encryption method you choose is also or becomes an "American" standard?

      If I was the NSA, I would mind f*ck the world by telling everyone how much the NSA loves and encourages people to use these "secure" systems. I would also throw in a few "working with our very close friend <insert anti NSA critic> we have improved this encryption algorithm."

    2. Paul Crawford Silver badge

      Bollocks, say I.

      "AES is an official American encryption standard"

      You seem to have forgotten the part where it was created by Belgian cryptographers and subject to estensive world-wide analysis before being adopted. That is how it should be (but not always Belgian, unless we are looking at a two-horse race with the Swiss for chocolate).

      If you were pointing at the dodgy elliptical curve standard, or the secret Intel random number generator, then you would have a valid point...

      1. Destroy All Monsters Silver badge

        Re: Bollocks, say I.

        Belgium is NATO, right? Belgium is part of America! Everything is part of America.

      2. Paul Crawford Silver badge

        Re: Bollocks, say I.

        Of course, with a suitably fitted tin-foil hat, I could postulate that Intel CPUs keep a cache of recent AES keys that can be accessed by some secret instructions so that user code can reveal them in a way that software implementations of AES could not.

        You would need native code execution to exploit this, of course, which is hard to do outside of a few US-friendly suppliers of, for example, web browsers. Oh yes, there is Adobe Flash after all on some 90% of machines...

      3. tom dial Silver badge
        Black Helicopters

        Re: Bollocks, say I.

        Perfectly correct, and upvoted accordingly. However there will, no doubt, be those who note that the NSA customarily advises NIST, as they did, for example, with DES many years ago. Accordingly, the reasoning will go, their advice was to accept Rijndael as the standard, with minor modifications, because that was the only candidate they had cryptanalyzed successfully.

  2. Charles Manning

    So who's going to trust software built by Intel?

    The problem with violating trust, is that it is a hard thing to win back.

    Nobody on the outside, and likely very few on the inside, really knows how deep the Intel tretchery goes, if there is some at all.

    At one extreme, Intel are complete NSA/Isreali bedfellows and every thing they touch from code to compilers and SSDs should be suspect and shunned.

    At the other extreme, Intel is completely innocent and Snowdon is making it all up.

    The truth is likely somewhere between these two extremes.

    No wonder Google is considering baking its own ARM chips. Apart from getting the architectures it wants, it then know what went into the device.

    I hunch though this adds yet another hurdle to Intel when it comes to getting design wins for their mobile chipsets.

  3. Stevie


    What earthly good is "transparent encryption?" The evil hackers will see right through it.

    What's needed is extremely opaque encryption.

    1. Anonymous Coward

      Re: Bah!


    2. Charles 9

      Re: Bah!

      (JOKE RIPOSTE) I think that's the plan. If it's so transparent the hackers see THROUGH it, they can't see the cipher data meaning they don't know where to hack. Encryption where my data becomes invisible would be rather nice IMO (END)

      But seriously, the easiest way to get data encrypted on a widespread basis is to make the process turnkey simple, and a transparent (automatic on-the-fly) process can be a step in the right direction if done properly.

      As for the paranoia, you might wanna just wring your hands of the whole affair. Let's face it; few things have as much resources as a state, and if ONE state hasn't subverted half the programmers and coders in the world, then the Russians, Chinese, and Arabs have probably polished off the rest. Which basically makes it a case of "Don't Trust Anyone," which means nothing gets done anymore.

  4. Eduard Coli

    In God we trust all others take cash

    Intel, Microsoft, Apple, Google, Facebook, Twitter and any ofthe other that to the taxpayers money to sell out the taxpayers privacy should never be trusted and we shoudl never have to trust them.

    I wonder what the PRC pays them for its backdoors?


  5. Khaptain Silver badge
    Black Helicopters

    Cloudy cloud

    If it's in the cloud, I don't see how's it possible to retain any form of garauntee.

    A cracker requires time before he cracks your code.

    Give a safecracker time and he will enter your safe.

    The cloud is the element of "time" that is required for the <insert agency/pirate here> to be successfull in pwning your data.

  6. Bladeforce

    Best security ever...

    use a commodore 64 like me! it can be done! The NSA still deal with the 6502 processor? aha! No intel, no Microsoft, no Skype, no Outlook, no Google, no Yahoo, No facebook..the web is all of a sudden fantastic!

    1. Anonymous Coward
      Anonymous Coward

      Re: Best security ever...

      Maximum 64KB of memory and a processor that's extremely simple to follow. Not to mention it runs at a pokey 1MHz. Put it this way. A 33MHz 486SX had enough power to emulate the computer with some optimization of the code (speaking from firsthand experience). How much chance would it have against a multi-core multi-GHz behemoth (and if the rumors are to be believed, the ability to read data off monitors and power lines from a distance)?

  7. ops4096

    ... and the rest of us ?

    Leaving aside the question of NSA subversion ... let alone metadata security, I believe that market demand for hardware encryption by ordinary users for simple things like HTTPS, PGP, TOR and whatever future encrypted security measures are devised, is the next big thing. Yet Intel et al in their infinite wisdom consider these facilities are only to be provided to keep our corpratz overlords safe.

  8. T. F. M. Reader

    Transparent encryption

    I do find it ironic that much effort is being invested in keeping people's data transparent for analysis while encrypting the actual processing/analytics, so that no outsider knows how exactly the data are analysed, I suppose.

    With tongue firmly planted in the left cheek...

  9. simmondp

    It's all about the key location......

    But where are the keys held? If you hold the keys good - if they hold the keys then the encryption is about as much good as a chocolate teapot. (Patriot Act request for Data AND Keys and you know will nothing about it).

    If you hold the keys then at least a legal request needs to come to you asking for the keys, and then you can make a decision about what to do (comply or fight) - and if you comply then at least you know that the spooks have which bits of your data.

This topic is closed for new posts.

Other stories you might like