[107711] in Cypherpunks
Re: CDR: Re: Adieu Privacy: Intel identifiziert Chips
daemon@ATHENA.MIT.EDU (Sunder)
Thu Jan 21 17:22:49 1999
Date: Thu, 21 Jan 1999 14:11:35 -0500
From: Sunder <sunder@brainlink.com>
To: cypherpunks@einstein.ssz.com
Reply-To: Sunder <sunder@brainlink.com>

> The plan calls for Intel to put a machine-specific ID and a
> random number generator in every processor, said sources
> familiar with the plans.
>
> The random-number generator will aid e-commerce by
> allowing PCs to encrypt data more securely, while the ID
> numbers will allow merchants to verify a user's identity and prevent
> stolen PCs from getting on the Internet.

The HRNG >might< be useful in that now we can get a source of true random
numbers, but there's a big IF attached. It is questionable that this HRNG
will produce true random numbers and unknown whether or not there are
patterns. I suppose whitening the output of this and also using the system
process table, mouse position, and system time, through something like BBS
would do the trick.

As for serial numbers: this is a truly old scheme. Back when Apple introduced
the Lisa, included was a serial number ROM hidden as a Video State ROM. This
was a serial one bit ROM that held several bytes. When you installed
software, it would key itself to this serial number and would not run on
another system. Of course someone figured out the scheme as to how the apps
were "Serializing" themselves and got around it.

The same was true of GEOS for the C64 which was a GUI for that machine, only
this thing randomly selected a 16 bit serial number the first time you
installed it. Since this serial number was in software, it was easy to overwrite.

In terms of this thing, it's quite likely that once it takes hold, we'll see
software key itself to this serial number and refuse to run without it. But
what Intel doesn't answer in this is how the hell is someone supposed to
upgrade their system? Right now, P2 cards are easily upgraded to faster ones.
You can simply plug in a new CPU. When you do this with the newer
systems, none of your software will work, and you'll have to reinstall all of
it, likely the OS as well!

> For those users who want to remain private, Intel will provide a software
> patch to turn off the function. This sort of scheme --
> which is referred to as "opt out" because consumers have to opt out of
> participating -- mimics the current state of the industry.

Right, and I'm sure that there will be a software patch in all commercial
software to turn this feature back on so as to get the serial number to key
itself to.

> "Intel says they're not keeping a database matching users to their ID
> numbers," said Steinhardt, "but the temptation down the road for someone
> to keep a database will, most likely, be too great. It will happen."

Of course it will happen! The same way that at some point >IF< key escrow
were in place someone somewhere would be paid enough money to steal the
database!

And when you do upgrade your old P3 card and give someone else your old P3
card they can become you when online, and they can become you in terms of
registered software, and of course their already installed software won't run.
I suppose this may also kill the used CPU market. Does Intel fear the
sale of old CPUs?

That's ok, Intel can go fuck themselves until they're blue in the face. I'm
not going to buy another Intel box again. If I need to run a Redmond OS, I'll
run NT on my Alpha AXP. If I really have no choice, I'll be sure to get a
clone chip from AMD or from Cyrix >WITHOUT< a serial number.

Otherwise I'll stick to SPARCs, AXPs, and G3s (which all are faster) and
will likely run OpenBSD or another free OS if not Solaris and MacOS X.
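
Added example, not part of Sunder's message: one way to do the mixing the reply's first paragraph describes, assuming "BBS" there means the Blum Blum Shub generator. SHA-256 as the whitening step, the sample inputs, and the fixed public demo primes are all assumptions made here so the sketch runs offline.

```python
import hashlib
import math
import os
import time

# Demo Blum primes (both are 3 mod 4). They are well-known Mersenne primes, so
# this modulus is public; a real BBS needs secret, randomly generated primes.
P, Q = 2**89 - 1, 2**127 - 1
N = P * Q

def mix_sources(*sources: bytes) -> bytes:
    """Whiten and combine inputs: length-prefix each one, hash all with SHA-256."""
    h = hashlib.sha256()
    for s in sources:
        h.update(len(s).to_bytes(4, "big"))  # prefix keeps boundaries unambiguous
        h.update(s)
    return h.digest()

def bbs_seed(pool: bytes) -> int:
    """Map the mixed pool to a BBS start state x0 = s^2 mod N, s coprime to N."""
    counter = 0
    while True:
        d = hashlib.sha256(pool + counter.to_bytes(4, "big")).digest()
        s = int.from_bytes(d, "big") % N
        if s > 1 and math.gcd(s, N) == 1:
            return pow(s, 2, N)
        counter += 1

def bbs_bytes(x: int, count: int) -> bytes:
    """Square repeatedly mod N and keep the low bit of each new state."""
    out = bytearray()
    for _ in range(count):
        byte = 0
        for _ in range(8):
            x = pow(x, 2, N)
            byte = (byte << 1) | (x & 1)
        out.append(byte)
    return bytes(out)

if __name__ == "__main__":
    stuck_hrng = bytes(32)  # constructed worst case: hardware RNG returns zeros
    clock = time.time_ns().to_bytes(8, "big")
    procs = str(os.getpid()).encode()  # stand-in for a process-table snapshot
    pool = mix_sources(stuck_hrng, clock, procs)
    print(bbs_bytes(bbs_seed(pool), 16).hex())
```

Because every source is hashed into one pool, a hardware generator that is stuck or patterned does not cancel the contribution of the other inputs; the output is only as unpredictable as the inputs an observer cannot guess.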