Interesting People mailing list archives

Previous By Date Next
Previous By Thread Next

IP: Another view on Pentium III serial number not really off by default

From: Dave Farber <farber () cis upenn edu>
Date: Mon, 01 Feb 1999 10:13:46 -0500


Date: Mon, 01 Feb 1999 10:03:34 -0500
From: "Peter Schamerhorn" <peters () COREL CA>
To: farber () cis upenn edu

Hi Dave,

I just had to stick my nose in this one ....  What are all these whiners and 
complainers doing with their time when they aren't worrying about Big 
Brother, and the government looking at their email, and tracking their lives 
in minutae(sic).  Having had to do some hardware design myself, I would 
welcome a micro with a serial number built in.  I also suspect the corporate 
world would also welcome with open arms this new tool for asset tracking.  
Perhaps these people would like ALL serial numbers removed... from their 
cars (Big Brother is tracking their automotive preferences after all), to 
their VCRs and TVs (maybe secret messages are being sent from your VCR every 
time you pop a movie... so they can tell who's a Commie and who isn't...).

Of course, like any hardware system, the only things exposed to the outside 
world, are what your software allows to be exposed.  They should not be 
harassing Intel, for trying to include a useful tool in their products, but 
instead should be focusing on the software and OS vendors that may take 
unfair advantage of it.

As far as the benefits of authentication to eCommerce, if people are so 
worried about keeping their identity secret... but still want the benefits 
and priveleges of eCommerce, a system could be easily devised working on a 
two part key system... one part that is sofware generated, and one part 
derived from the processor serial number.  That way you can positively ID 
who you are... but if you want to 'disappear', you just change the software 
part of your key!

Peter Schamerhorn

'"'It matters not how strait the gate,
how filled with punishment the scroll.
I am the master of my fate,
I am the captain of my soul."
                        - Henley Invictus


Dave Farber <farber () cis upenn edu> 30-Jan-99 6:50:43 PM >>>

Date: Sat, 30 Jan 1999 13:05:53 -0700
To: farber () cis upenn edu 
From: Brett Glass <brett () lariat org>

I've just posted an article, in the form of a FAQ, on the Pentium III
serial number issue at

http://www.zdnet.com/zdhelp/static/p3/p3_1.html 

Perhaps the most interesting point dicussed in the FAQ is that, despite
recent claims in the trade press, the serial number "feature" is really NOT
off by default. Rather, Intel says it intends to distribute a program that
turns it off, but the hardware itself still defaults to "on." There are
serious problems with this from a security standpoint; see Section 3 of the
FAQ for more.

--Brett Glass
Previous By Date Next
Previous By Thread Next

Current thread: