November 9, 2022
Hello and welcome to Protocol Enterprise! Today: after years of delays, Intel’s newest server chips have arrived (in limited configurations), Okta has a plan to solve biometric data hacking, and security pros flee to Mastodon.
After delaying high-volume production of its next generation of server chips for more than a year, Intel has unveiled the technical details of its first batch of high-performance silicon.
Intel announced two processors Wednesday: a chip based on the long-delayed Sapphire Rapids design and a version of its forthcoming Ponte Vecchio server GPUs. Both target high-performance computing and AI, and are likely the most expensive versions in its forthcoming full server chip lineup.
The new high-performance processors lean on chiplets more than any prior generation, and are built on top of the company’s Intel 7 process technology, which has suffered from its own batch of issues and delays.
The Sapphire Rapids server chip delays have been legion.
The cascading delays have cost Intel dearly. The company essentially missed an entire data center sales cycle, and continued to cede more revenue and market share to Arm-based rivals and AMD.
Okta has developed a new capability for its passwordless authentication system aimed at countering the illegitimate use of biometric login data, a move meant to head off a potential route for malicious actors who are becoming increasingly sneaky in their phishing attempts.
"Threat actors are getting better and more sophisticated, and this is kind of a quest to make sure we stay one step ahead of them," Okta co-founder and CEO Todd McKinnon said in an exclusive interview with Protocol.
The new capability for Okta's passwordless authentication product, FastPass, is now in an early access preview, and is expected to be generally available in early 2023.
Biometric data is considered an inherently more secure method of authentication given the unique nature of each person's fingerprint or facial scan. But a series of high-profile cases of thwarted multifactor authentication, including the interception of one-time passcodes, shows that login data tied to biometrics could very well become a bigger target for phishing going forward too, according to Okta.
The company’s answer to the looming threat, McKinnon said, is "to make even the biometric authenticators more anti-phishing" by default.
The method that Okta is implementing involves binding biometric login information to a user's device so that only that device can use that information for authentication.
"What that means is if someone puts up a fake phishing site and tricks you into pushing your fingerprint into the fake page, it's no use to them," McKinnon said. "They can't use that to then log in as you."
Specifically, the new capability prevents the reuse of the login keys that are generated in response to a user’s biometric data rather than protecting the biometric data itself, according to Okta. The actual biometrics are already protected since they do not leave the user's device as part of the FastPass system, the company said.
The new capability, Advanced Phishing Resistance for FastPass, comes amid research showing that identity-based attacks are now the largest source of breaches by far. The capability was announced among several Okta product updates Wednesday in connection with the company's Oktane conference. — Kyle Alspach
If you're a heavy partaker in "InfoSec Twitter," where cybersecurity pros go to share information and commiserate, you might've noticed something different this week. One of the community's most prolific tweeters hasn't been there.
Researcher Kevin Beaumont has been over on Mastodon, or more specifically, on the platform’s infosec.exchange instance. On Saturday, the last day that Beaumont tweeted, he told his over 150,000 Twitter followers that he'd be uninstalling Twitter and just using Mastodon for the week. "I am not planning to migrate yet," he tweeted at the time. "But my lifejacket is on." Over on Mastodon, Beaumont has been keeping his usual steady tempo of tweeting (sorry, "tooting"), which included disclosing the name and several details on a zero-day Windows vulnerability, "ZippyReads."
While not all of the well-known figures from InfoSec Twitter have been doing much, if anything, on Mastodon, quite a few have been. Overall, infosec.exchange — which only had 180 active users until a few days ago, administrator Jerry Bell told Wired — now has 13,500 active users. And they've been pretty active, too: the instance is now up to 170,000 posts in total. The discussions have undeniably gotten more substantive after the arrival of the InfoSec Twitter crowd, Bell told Wired. A handful of other security-focused instances have sprung up as well.
Will it last, or will everyone be back on Twitter next week? Will the obvious constraints of the Mastodon platform, and the many differences from Twitter, turn too many people off? And most importantly, who really wants to say "toot"? Other than on the last question, where the answer is "nobody," who knows. It's also not clear how many Twitter communities would translate this easily to Mastodon.
But as far as suddenly buzzy social media apps go, Mastodon seems off to a pretty strong start, at least for an already vibrant online community like InfoSec. — Kyle Alspach
IBM acknowledged speaking with U.S. government officials about possible export controls on quantum computing, confirming a Protocol Enterprise report from earlier this month that such an effort was underway.
TSMC will soon announce plans to build a second chipmaking plant in Arizona alongside an existing facility, according to The Wall Street Journal.
Thanks for reading — see you tomorrow!