There is not a certain way the Intel Content Protection HECI Service, and Protection FW Intel Integrated Clock Controller Service can be explain what they really do. That information is kept with the engineers.
Also for the proper functionality of the graphics driver, I would not recommend you remove them.
i just installed the latest HD 4000 graphics drivers 184.108.40.20632 on windows 7 x64 and noticed the 2 services below. i tried searching google and cant find any info on them. can some tell me what they actually do and if i safely disable them? thanks.
Intel(R) Content Protection HECI Service - enables communication with the Content Protection FW
Intel(R) Integrated Clock Controller Service - Intel(R) ICCS
The 'Intel(R) Integrated Clock Controller Service - Intel(R) ICCS' is a new one included with the 2932 driver, but for what it's worth, I've disabled the 'Intel(R) Content Protection HECI Service' and the system has been running fine.
Not keen on Intel continuing to add extra running services to the drivers though, I'd prefer it if they didn't, or made it more integrated into the main driver itself.
yea. i think its a little ridiculous that intel installs a service on MY computer then says "That information is kept with the engineers". i'm not asking for the source code all i want to know is what its function is. i think thats a reasonable request. what is Content Protection FW? is that some firmware that protects against playing copyrighted media. is it some HDCP garbage and that's why they wont disclose what it does?
I understand you are not asking for any source codes, but please understand that we cannot give any information regarding the Intel Content Protection HECI Service, and Protection FW Intel Integrated Clock Controller. Its an Intel policy.
So does everyone leave all of the services enabled? I just installed the latest Intel drivers for my HD 4000 and I have 6 Intel services running!
-Intel Content Protection HECI Service
-Intel Integrated Clock Controller Service - Intel ICCS
-Intel Capability Licensing Service Interface
-Intel Dynamic Application Loader Host Interface Service
-Intel Management and Security Application Local Management Service
-Intel Managementand Security Application User Notification Service
Seems kind of excessive, and some sound useless, but I'm not sure if I should disable them or not.
I think it's a HORRIBLE policy of Intel - or any company for that matter - to install new services onto our computers and then tell us "sorry, it's a secret" when we ask what they're for. Really inspires trust, huh?
I suggest Intel *revise* that policy ASAP.
From my own research and testing, I can say the following: Both the Content Protection HECI Service and the Intel Integrated Clock Controller Service can be disabled without apparent consequence to normal system operation.
The Content Protection service is likely an implementation of HDCP as already suggested. I'd be willing to bet that disabling it would cause a default state in which no protected content can be played because the system cannot verify that you're not attempting to play onto a device that can make copies. That's also what I take from Intel's statement "for the proper functionality of the graphics driver, I would not recommend you remove [it]." Of course, it is possible that it would go the other way and allow all content, but I doubt it.
What I'm really curious about is the Intel Integrated Clock Controller service! God it frustrates me that they won't disclose what this does! I can say that this one was added to my system only when I installed the Intel Xtreme Tuning Platform - but disabling it has no known effect on the capabilities of the XTU platform. I can still modify CPU clock multipliers, voltages, current limits, ram settings, etc. with the service disabled. The fact that this service is usually installed with the integrated display driver leads me to believe it may manipulate that clock setting specifically but so far I've been unable to verify whether the XTU application depends on it for this because XTU is unable to modify the iGPU multiplier setting on my system with or without the ICCS service enabled. I can, however, successfully modify this setting in the BIOS. This XTU failure to apply the iGPU clock setting could be due to my iGPU driver being a modified version provided by AMD (for Enduro graphics switchability with the AMD 7970m discrete graphics card) or maybe it just can't change the setting on laptops. It does say it's intended for desktop boards, but all other settings are functional (including BCLK which BIOS fails to modify - very exciting!)
I've run my system through its paces with and without the ICCS service enabled and have detected no differences in performance or clock settings being used (with HWINFO64) but my general feeling is that its unlikely this service makes the hardware run faster - software that monitors hardware rarely does anything good for your speed. Most commonly things like this impose some form of limitations, and that fits with Intel not wanting to tell us what it does. If anyone discovers any more information on this, please share!
Until I have at least some idea of what this service is supposed to do, I'm leaving it disabled!!
Thanks jjon for the excellent question. angieandretti thanks for the reply.
I too am interested in what these services really perform on my system.
Guess I will disable them, since it is my policy to do so.
Until I have at least some idea of what this service is supposed to do, I'm leaving it disabled!!
Indeed, if Intel aren't willing to let us know exactly what they do, then it's fair for us to be suspicious and disable them if there are no noticeable consequences to doing so.
Just disable them, any services like this should be written into the main core of the driver anyway, for example like Nvidia drivers.
I agree that it is beyond dumb that they dont disclose what software they install on our pcs are doing. I done some research on the HECI service.
I found a directory (on my machine at least) C:\Program Files\Intel\iCLS Client (notice this is where the heci exe is)
iCLS is a remote Disable and Destroy Service. (http://www.symantec.com/business/support/resources/sites/BUSINESS/content/live/DOCUMENTATION/4000/DOC4975/en_US/pgpRDD_102_configguide_en.pdf)
according to the config files it is connecting to https://ias.intel.com on port 443 using pgp
I disabled it as well. The other service mentioned here is not on my machine.
Ha-ha! Orwell was sadly mistaken ... Big Bro was not communism, not Soviet Union - but the Intel.
The next time they want to scan yours SSD in search of usernames and passwords to access yours bank account and they will reassure me it's for yours own good.
A fundamental rule of life is that, if someone is deliberately evasive, it's because they're up to no good. And is clearly the case here.
HECI appears to be the OS driver for the updated DRM Intel has been incorporating into their chips discussed here:
Basically, what Intel's saying is that it works is a sort of backchannel - a private, memory-protected, encrypted channel, accessible only to certain Intel-licensed institutions i.e. Netflix, Amazon, banks, etc. This is pretty much how all Set-Top Boxes work now.
Except your typical STB doesn't store the kind of information your PC does i.e. critical and sensitive personal or business documents. Furthermore, with this new technology, there is no way for you (or your company's IT staff, information security groups, etc.) to monitor or audit all information flowing into or out of your PC or network with Intel Insider/HECI.
I mentioned Amazon not only because they provide streaming media services, but they have a history of remotely accessing people's computers and deleting files off of them. (In these cases, it affected Kindles, but Kindles essentially use the same basic mechanism for content delivery and access.)
Just as an aside, a great many content distributors have a history of remotely "turning off" bought-and-paid for content, which is effectively the same as deleting it, including Yahoo, Walmart and Microsoft. HECI/Intel Insider almost certainly allows that as well.
I've been an Intel customer since the dark ages and I find this policy of yours utterly appalling and ridiculous. Truly a shameful display. Luckily, I know how to uninstall services and block both incoming and outgoing net traffic. Whatever these services are doing, they won't be doing it on my computer.
(Off topic, speaking of shameful displays: I registered on this forum only to voice my opinion, only to find a ridiculous and scary password rule. Apparently one must limit the password length to 15 characters. Thus it is very likely that you are storing the credentials in clear text rather than in a hashed and salted form. This is a very, VERY bad practice. To anyone reading this and having an account on this forum, change your password to something random and not using anywhere else.)
OK I finnally got to register - they didn't think my password was good - LASTPASS generated it. Then they thought my screen name was obscene - I used the BOT TEST characters THEY asked me to enter.
NOW that I am here,,,,, I have been chasing a lockup problem on my NEW ASUS system for over a month.
As it stands right now it appears like it might be the SECRET HECI service S/W. It hasn't locked since I disabled it.
Way to go Intel, It was a close call to buy Intel this time. Next time it will be a different story...
Is the NSA involved? I would think it would be in Intel's best image to engage in a little transparency instead of this non-answer.
Really, if you can't tell us what it does, I can live without it and will remove it from my WES7 image.
"Enables communication with the Content Protection FW"
Nothing I will be doing needs anything from unHolywood, so I see no problems in:
sc config cphs start= disabled