[109145] in Cypherpunks
Re: [ZKS Press Release] FAILURE OF PENTIUM III UTILITY Exposed by
daemon@ATHENA.MIT.EDU (Greg Broiles)
Thu Mar 11 19:06:27 1999
Date: Thu, 11 Mar 1999 15:34:02 -0800 (PST)
From: Greg Broiles <gbroiles@netbox.com>
To: Mark Hahn <MHahn@tcbtech.com>
cc: cypherpunks@cyberpass.net
In-Reply-To: <4.1.19990311091607.00abe250@mail.aosi.com>
Reply-To: Greg Broiles <gbroiles@netbox.com>
On Thu, 11 Mar 1999, Mark Hahn wrote:
> >Zero-Knowledge Systems programmer Mario Contestabile designed a
> >small ActiveX program that bypasses Intel's Pentium Serial Number
> >(PSN) Control Utility. ...
>
> Of course, you could choose not to run executables from suspect sources, like
> say, ActiveX programs.
>
> The security issue here is with Microsoft, not Intel.
You would be correct, but for Intel's assertion that they had software -
or that software could be written - which would address the privacy
concerns raised by the surveillance features of the PIII hardware. Intel
was wrong to make that claim, as your discussion of OS insecurity
illustrates. Intel should solve its privacy problem(s) with hardware, not
software, because software cannot be trusted.
--
Greg Broiles
gbroiles@netbox.com
