would like to ask a general question concerning IT-security and Intel hardware (CPUs, chip-sets, NUC-boards).
I have several older and newer computers and read terrifying press reports about security issues that don't concern Operation Systems or Applications, but chip-related exploits, e.g., FDIV-bug Pentium, Active Management Technology AMT, Management Engine ME, TPM, as well as outdated or missing security features in older processors. However, I'm not expert enough to judge the actual consequences of such exploits and gaps in practice.
This causes uncertainty even if the OS and all apps are updated: which Intel cpu/chipset can be used for security-critical applications, like online-banking or other personal web-accounts, and which should be avoided (outdated design without modern security features, or hardware bugs, etc)?
The variety of CPUs, chips-sets and related security features/gaps is vast and confusing. Hence, I believe that Intel's customers would very appreciate to get some guidance here.
E.g., is there any reason not to connect to a bank-account with a computer that uses an
- Intel Celeron 550 from 2008, or
- Intel Atom N455 from 2010, or
- Intel Core i3 M370 from 2011, or
- Intel Dual-Core i5 from 2015, or
- Intel Pentium N3700 from 2016?
The point is that many older computer are in too good shape to be scrapped, so it would make sense to simply classify and use them as follows:
Category A: secure "green" (state-of-the-art security features, no exploits known, can be used for login into web-accounts, online-banking/shopping, email, etc)
Category B: ok "yellow" (security features a bit outdated, but no bugs known, ok for reading news on the web, but not recommended for login into critical accounts, like online-banking, shopping-portals, etc)
Category C: insecure "red" (for non-critical offline use only)
How would Intel (and others) rate the above mentioned 5 processor types using this simple system?
And if a CPU is being rated B or C: can it be secured by any kind of firmware-update from Intel?
Proposal: Intel-experts could walk through the whole product catalog--as it is documented here on this website--and mark each CPU with either a green, yellow, or red flag. This would probably not be much work for personell with the right experience and competence, and it would be quite helpful to make the web a more secure place, raise customer satisfaction, and maybe motivate some people to invest in new Intel-hardware.
Many thanks for your responses in advance!
Best regards, Martin