Slashdot Mirror

← Back to Stories (view on slashdot.org)

Intel To Drop CPU ID Number

Posted by ryuzaki0 on from the pats-on-the-back dept.

slashdoter writes: "Looks like Intel is giving up the ID number thing on the CPU. They will still have it on the PIII but the Willamette will be like the older PII. " Guess the boycott over the fiasco is at an end. Cool that Intel listens to consumers.

37 of 146 comments (clear)

  1. Cool! by tie_guy_matt · · Score: 2

    We can now continue to download porno and mp3's w/o being tracked! All hail the internet!

  2. Really gone or still there but "secret". Beware! by Anonymous Coward · · Score: 2

    Ya know what, I don't believe Intel for a second. I think the CPU ID will still be there. They've just declared it gone for PR reasons. Someone will discover it way down the line and ther'll be a big stink about it. Anyone want to wager against me on this one?

  3. I am not a number... by Anonymous Coward · · Score: 5

    I am a free CPU

  4. Re:Was the boycott really that effective or was it by kwsNI · · Score: 2
    Actually, I think it was a combination of many things.

    They got lots o' negative publicity over this. Because of this, there wasn't nearly as many online sites that chose to use the technology (I can only think of Intel's Web Outfitters). Then they were faced with the question of what good is a technology that nobody adopts or uses?

    Basically, I think they had an idea (not a great one but it made a little sense) and they completely marketed it wrong. When it blew up in their face, I think they finally decided that it wasn't worth it and dropped it.

    kwsNI

  5. No prob. There's still eth MAC ID, Modem serial#. by Anonymous Coward · · Score: 2
    Why are people so freaked about the CPU ID, yet not worried about:

    (1) The unique MAC address on their ethernet card.
    (2) The serial number in their modem ROM (See the ATIx series of commands)
    (3) The unique serial number embedded in their BIOS ROM.

    Any of these can uniquely identify YOUR pc to the net.

  6. A couple of things... by DeepDarkSky · · Score: 3
    How was the serial number accessed? I mean, if it was documented, then you'd know it's there. What if it wasn't documented? What if they keep it in there and just not say anything about it? Since CPUs and hardware in general are not exactly "open source", there's nothing to prevent them from putting it in and not have anybody ever know about it, right? Not that Intel would do that, because if anybody ever find out, it'd be PR disaster. Right?

    The other thing is, why not just create two versions of the chip? For home users, we can get the version of the chip that does not have the serial number, and for those that want/need the serial number feature, they can create a version that has it. Better yet, make it a separate module that can be added to the CPU, so that while each CPU has a serial number, it cannot be accessed unless this module is added. If corporate/government users want this feature, I don't see why they shouldn't have it. For personal use, I'd say we have to have at least a choice or it should not be there at all.

    1. Re:A couple of things... by Steve+B · · Score: 2
      The other thing is, why not just create two versions of the chip? For home users, we can get the version of the chip that does not have the serial number, and for those that want/need the serial number feature, they can create a version that has it.

      All they would need to do is burn some of the batches with identical serial numbers (all zeros or something) for the former market. Hell, they could probably charge the PHBs extra for the serial number feature in the latter market.
      /.

      --
      /. If the government wants us to respect the law, it should set a better example.
  7. Re:MAC = Processor ID by um...+Lucas · · Score: 3

    As far as I know, Microsoft was embedding the MAC Address in documents created by their products... Which is how the guy that wrote the Melissa virus was caught. Not that that's a good thing!

    In a completely separate incedent, it was found that the Windows Registration Wizard was sending all the data about your configuration back to Microsoft, regardless as to whether or not a user said it was okay when they were presented with a dialog asking permission.

    Two completely separate incidents, which took place a while back... After the fallout, Microsoft released 2 utilities... One that would replace the standard Windows registration wizard with an :improved: one that actually obeyed your commands, and another that removed the embedded hardware info in Office docuents.

  8. Serial numbers by Signal+11 · · Score: 3
    Yes, horray for intel. Now, what about color printers embedding hidden codes? Or your ISP selling your browsing habits? What about doubleclick consolidating cookies with real world users? Why does the NY Times require me to sign in? Or for that matter, dozens of other websites? Where is the outrage over the HTTP standard being encoded to tell the next website you visit where you came from (and what you were searching for if you used a search engine like altavista, google, any "directory-like" service like yahoo, etc)?

    Yes, a wonderful victory for consumers. But what about going after the root of the problem - marketing and insufficient legal protections?

    1. Re:Serial numbers by Kaa · · Score: 3

      Now, what about color printers embedding hidden codes?

      Wasn't it color copiers? Consumer-level ink-jet doesn't really have enough resolution for all the dirty tricks.

      Or your ISP selling your browsing habits?

      I am unaware of any. I think that anytime an ISP tries to market the 'net access logs, a huge outcry will result.

      What about doubleclick consolidating cookies with real world users?

      What about it? They own the data, they can cross-reference it all they want. The problem is not doubleclick, the problem is ownership (or lack thereof) of personal information.

      Why does the NY Times require me to sign in? Or for that matter, dozens of other websites?

      Doh! Cause it's their site. They are under no obligation to let anybody in. You don't like it, don't go there. Or are you arguing for the younger RMS habits (who, as the story goes, went around the network forcing all the users' passwords to be the same -- on the Thou Shall Not Hide Any Information principle)?

      Where is the outrage over the HTTP standard being encoded to tell the next website you visit where you came from

      And why the outrage? This doesn't look like a huge threat to privacy. There are a lot of more important things.

      But what about going after the root of the problem - marketing and insufficient legal protections?

      I wonder what you propose to do about marketing -- outlaw it, maybe?

      And insufficient legal protections for what? Privacy? That's a good thing, but has to be done carefully and precisely. I myself favor introducing property rights over personal information: you have unalienable (can't sell it) copyright to your own personal info. Anybody who collects such info automatically gets a license to use it, but not to transfer it (otherwise you couldn't e.g. take pictures of people in the streets or log IP traffic).

      Kaa

      --

      Kaa
      Kaa's Law: In any sufficiently large group of people most are idiots.
  9. What the hell! by randombit · · Score: 2

    This is truly a day to remember. Why? Not because Intel stopped a controversial practice in the fact of intense grassroots opposition. Because Intel is actually removing a feature from one of it's chips! That brings the number of instructions down to... letsee... 7,045. Basically a RISC machine, right?

  10. The Id Number was a good idea gone bad by The+Infamous+TommyD · · Score: 5

    I have this straight from one of Intel's senior researchers. The original concept was that the CPU ID would be used for tracking assets in an organization. Inventory type stuff. This was actually asked for by major IT departments.

    Then: The marketing dept. got hold of the ID number and started asking around about what it could be used for and someone said oooh, e-commerce! It was then that things got out of control and everyone got onto Intel for tracking them, etc.

    The sad thing is that you don't need a CPU id if you allow your adversary to execute arbitrary code on your machine.(which you would have to do to allow someone to read your ID #) I mean a nice unique ID number is available by running /sbin/ifconfig

    1. Re:The Id Number was a good idea gone bad by friedo · · Score: 2

      Ethernet MAC addresses are all unique - each vendor gets assigned a series of numbers to use. It's six bytes long, so there's plenty of address space.

    2. Re:The Id Number was a good idea gone bad by technos · · Score: 2

      I belive that it was asked for. Dell did something similar on their PII 'business' machines; Add a interrogatable checksum to the mobo that could be used to validate a given hardware configuration. If the machine shipped with a Rage/128M/8G/PII-350, the checksum was set accordingly. You can reset the checksum with a password, and interrogate it in any number of ways. (BIOS, software over a network, dos debug) Unfortunatly, I've only ever seen it used to figure out which machines shipped with 128M and which ones Dell decided to short us on.

      --
      .sig: Now legally binding!
  11. removed? by coreman · · Score: 5

    or just reimplemented in an undocumented way?

    Even paranoids have enemies

  12. Re:No prob. There's still eth MAC ID, Modem serial by turg · · Score: 2

    How does buying used make a difference? It's not like your name was associated with the CPU ID from the start -- it becomes associated by what you do with it. The main problem is that these ID's can leave a trail, not that they might reveal your name. Once somebody has decided to snoop on you, the trail can be found. This could potentially be like someone going through your files (i.e. depending on what you use the net for, they could find some of the same info they would on receipts and invoices, etc.)

    ========

    --
    <sig>Guvf vf abg n frperg zrffntr
  13. Instant Wiretap - Worse than the CPU ID by Anonymous Coward · · Score: 2
    The CPU ID is nothing. What is REALLY frightening is the combination of the new crypto system on Intel's next generation of CPU's.

    That, along with an ethernet port on the motherboard, means that someone can wiretap your system if they set things up right.

    Mostly likely all it takes is some programming of the PAL or SAL API.

    You might pooh-pooh this; but consider the implications. It means that if it hasn't been exploited yet by the CIA/NSA, then there is someone who ought to be held up for treason.

    Consider that this is the best opportunity for the U.S. Government to have extremely considerable influence over the entire world's computer infrastructure - at will.

    If someone in the NSA/CIA hasn't worked with Intel to put wiretapping into the Itanium, this is an extremely serious oversight. It's hard to think of a better opportunity to expand U.S. dominance.

    Of course, if the Chinese have penetrated Intel's security, or the Israel's, well, hey, we're screwed. :)

    The Intel boycott is still on.

  14. Why? by ryanr · · Score: 2

    Did they do it because of pressure, or because a unique feature in each CPU adds significantly to the cost, and they need to compete with AMD?

    1. Re:Why? by gorilla · · Score: 2
      It can't cost that much to add a serial number to a chip.

      An iButton, with no special features, so it's just a serial number chip, costs about $1 each in quantity. That probably indicates that it costs only a few cents to serial numberize a chip.

  15. IPv6 and big brother... by MosesJones · · Score: 2

    Humpf... With the advent of IPv6 and its super duper security model we can all look forward to big brother knowing where we are... but at least we can encrypt the packets.

    --
    An Eye for an Eye will make the whole world blind - Gandhi
  16. Re:MAC addresses are NOT unique OR permanent by swordgeek · · Score: 2

    MAC addresses, AS ASSIGNED, definitely are unique. Changing them without a very good reason (and there aren't many very good reasons!) is a Bad Thing. Furthermore, some cards actually have the address burned into them, meaning that ifconfig doesn't do a damned bit of good.

    Those comments aside, you're right. You can change your MAC address. Furthermore, if you have stuff to do that you don't want traced, you can just unplug the ethernet cable and use that old 56k modem! (or alternatively, get a few extra ethernet cards)

    --

    "People who do stupid things with hazardous materials often die." -- Jim Davidson on alt.folklore.urban
  17. Finally by roman_mir · · Score: 3

    Remember, the day when you found out about Intel PSN? It was devastating. I remember going to their newsgroups and publishing questions
    -1 -, -2 -, -3 - maybe those were not very well articulated questions but, jeez, couldn't they try to answer?
    The only responses from Intel rep's that me and other hundreds of people received was to move our questions away from Intel's newsgroup into other newsgroups.
    They specifically did not like questions that mentioned overclocking their CPU's, even though they overclock their own CPU's all the time and sell them at higher prices (PII, PIII same core; Pentium 166 was an overclocked Pentium 150 - but only intel is allowed to do this.)

    I am happy that AMD did not catch this desease of marking their processors with PINs, it would be a worse blow yet.

    Now at least, I can go back the Intel's newsgroups and say: "told you so, suckers!"

    --
    You can't handle the truth.
    1. Re:Finally by rcw-work · · Score: 2
      Pentium 166 was an overclocked Pentium 150

      Nonsense - the P150 was an underclocked P166. Just like the P166MMX and P200MMX was an underclocked P233MMX (which in turn was an underclocked P266MMX, which they never released because it would interfere with PII sales), just like the PII 300-400 was an underclocked 450, the Celeron 366 through 466s were underclocked 500's, etc etc etc.

      Saying the P166 was an overclocked P150 would be saying that all P166's wouldn't necessarily run at 166.666mhz - excluding defective chips, this was most certainly not the case.

  18. the last thing they needed in the first place... by LocalYokel · · Score: 4
    Intel really needs to get their ass in gear on several much more important things:
    • Provide a chipset that makes Rambus even halfway worthwhile.
    • Differentiate their CPUs by price and performance (L2 cache variances are not enough)
    • Release a 1GHz processor to the retail market
    • Show support for PC133 and DDR SDRAM
    • Prove that the Pentium III processor really does make the Internet more fun


    --
    --

    --
    E2 IN2 IE?

  19. CPU ID dead from no MS support by RayChuang · · Score: 4

    Folks,

    I think the CPU ID idea used on the Pentium III CPU died real quickly because Microsoft never really supported the idea in Windows 98, Windows 98 Second Edition and Windows 2000. Given that's 85% of the operating system market, when Microsoft doesn't support the CPU ID#, nobody else is going to support it.

    --
    Raymond in Mountain View, CA
  20. Who do you trust? by Jouni · · Score: 3
    Hard drives can be used for fairly good identity tracking as they are assigned a 'quite' unique ID number when they are low level formatted. This is a method used by some multi-player online games to ban cheaters from their realms. Obviously this is "easily" circumvented by a hacker by re-formatting the hard disk, re-installing all system software and finally the application for the online connection/game. I was fairly amused by the vision of this kid reformatting his system every time he was caught cheating.

    But that's all still really besides the point. :)

    Digital identity in the right hands can give you the kind of freedom you've never imagined possible. Fully authorized digital identity or certificate in the hands of a third party you trust can be used to arbitrate your business and thus shield you from the more tiring elements of free capitalism such as direct mail marketing. Other elements of your identity, like all contact information, in the right hands can give you powerful roaming freedom, and in the wrong hands an endless nightmare of commercial bombardment.

    In the Real World, we leave this sort of trust to the government, the community and society that we are a part of. We have enough trust in our own community to allow them to do things like keeping an elaborate registry on everyone; where they live, where they work and how much they earn. Our identity can be verified at every door and most financial transactions. We have a common agreement that this information will not be abused, and a legal system to enforce it where violations may occur.

    Now, since the virtual world does not possess this kind of global authority, the need for verification and identification of an individual has driven us to temporary choices like ID numbers on processors. Quite laughable, actually, both the concept of associating a machine with a person and the worry of someone tracking these cyptic numbers over the Wild, Wild Web. Laughable, maybe, but hitting frighteningly close to home. A piece of our identity in the hands of someone we do not trust to treat us justly.

    This will continue to be an issue when we learn to flash the badge of our strong digital identify in the online world. Who will you really let know who you really are? What will they do with this information, where will it be stored?

    In God we trust, and God is dead. Now who will hold your number?


    --
    Jouni Mannonen
    3D Evangelist

    --
    Jouni Mannonen | Game Designer, Consultant
  21. And what about... by guran · · Score: 2
    Did you know that your face is easily recognizable when you are walking down the "public" street, or even through the window of your own "private" home?
    Did you know that your car has a unique licence no?
    Did you know that your DNA or evven crude fingerprints are tracable to you?
    Did you know that you are levaving fingerprints and DNA traces everywhere you go?
    And even your "anonymous" snail mail might be traced to where it was posted.

    Let's all cover our faces, always use gloves, never use any product with serial no, communicate through secret spy style boxes. Then we might at last enjoy the privacy wich we have the right to...

    --

    All opinions are my own - until criticized

  22. Re:No prob. There's still eth MAC ID, Modem serial by ethereal · · Score: 2

    How will these get traced back to me?

    (1) The unique MAC address on their ethernet card.

    But this only identifies my card to other machines on the local network (on the same wire). Packets coming to me from the Internet just contain my IP address, which in my case is dynamic (although it doesn't seem to change day-to-day very often). Some cards allow you to change their MAC, if you're paranoid or running IPV6 (which is supposed to include the MAC in your IP address).

    (2) The serial number in their modem ROM (See the ATIx series of commands)

    Sorry, I don't have a modem so I can't comment. If you are dialed up, can the remote machine command your modem to return the serial number? I'm not familiar with the issue here.

    (3) The unique serial number embedded in their BIOS ROM.

    How, pray tell, are you going to get this from across the Internet? This is more-or-less equivalent to the PIII CPU ID - somehow software has to get this ID number off of your machine and send it out. As long as you run an OS that you trust not to do that, and there are no hidden hardware interfaces that can pass the ID directly from CPU or BIOS to the network card or modem, then you're safe even if you have a unique ID on your machine.

    --

    Your right to not believe: Americans United for Separation of Church and

  23. Re:MAC addresses are NOT unique OR permanent by swordgeek · · Score: 2

    Wrong, wrong, wrong, wrong, wrong. The drivers themselves do it. Think about it. You need a driver to be able to query the card to find it's address. But if you tell the driver to instead return some other value instead of quering the card, how can you (or a user-space application) tell the difference? So ifconfig tells the driver to return the value you give it instead of the actual value. How do I know that this is the case? If you reboot, the address returns to it's former (permanent) value. You never touch the hardware.

    Yikes! I stand corrected, although this strikes me as a Bad Way of doing things. I admit that I wasn't speaking from linux experience here, but HP-UX, which actually polls the card for an address when requested. On some of their cards, it can be changed in hardware (and thus is entirely stable across reboots), and on the others can't be changed at all (showing that they don't set it in software).

    Hmmmm....

    --

    "People who do stupid things with hazardous materials often die." -- Jim Davidson on alt.folklore.urban
  24. Re:dummies, MAC address is already unique by poopie · · Score: 2

    Why not use MAC address for inventory tracking uniqueness like the rest of the world?

  25. I liked the serial number by Animats · · Score: 4
    The CPU serial number was a good idea, ruined by stupid marketing statements and unwarranted activist enthusiasm. Sun has had CPU serial numbers for over 15 years, and nobody is bothered by that.

    CPU serial numbers are useful mostly for networking, inventory control, and copy protection. If you've had to deal with dongles, or FLEXLM, the License Manager from Hell, CPU serial numbers look like a big improvement. Dongles are notorious for having problems when you have more than one. They usually plug into the printer port (although USB dongles are appearing) and try, not too successfully, to be transparent. On my system, if the printer runs out of paper, the dongle can't respond to the license manager, and the licensed software stops running.

    1. Re:I liked the serial number by rcw-work · · Score: 2
      At least the P3 serial number isn't backed up via a lithium battery that dies after five years causing your Sun to lose its ethernet address :)

      Then again, you could actually use a dremel tool to drill into the RTC chip to solder in wires for a new external battery - I'd hate to attempt this to anything in a slot1 cartridge.

  26. There's a difference... by Millennium · · Score: 3

    You're right. In the physical world, we do have these elaborate "registries" as you call them. But there's a difference between that and strong digital identity. With physical identity, we can always choose not to "flash the badge." With digital identity, you can't do that because you have no control whatsoever over what of your identity people see (you don't have much control in the physical world either, but you can still take precautions to completely hide your identity).

    Now, if this "identity" could be stored on my machine and only my machine, and I could at my own discretion choose to hide it or not, that would be one thing. Perhaps CPU ID's would make a starting point, though MAC addresses would be better (they're cross-platform). But that's not how it works now, and businesses will never allow that (since then they have no control, and in business it's all about who controls what).

    By the way, I notice people here saying MAC addresses are totally private. Not strictly true. Every Ethernet packet you send out is tagged with both your MAC and the MAC of the machine you're sending to; it's part of the Ethernet protocol. Now, these are both stripped out as soon as the packet passes through a non-Ethernet device (cable modem, DSL modem, T1, etc). But as long as there's only Ethernet between you and The Bad Guy (tm), he can still track that part of where you're going. Guess it's a Good Thing that the Net isn't Ethernet-only...

  27. Re:Heh. I don't believe that one! by Sun+Tzu · · Score: 2

    Since MAC addresses can be used instead, and since virtually all corporate PC's have them, this excuse is for a redundant id code. (This argument is weakened slightly by the fact that you might replace your network card, thereby changing the MAC address.)

    And, of course, it's use for tracking people remotely would require the "victim" to execute code to identify himself.

    No, the real use of such code would have to be for copy protection schemes. Mainframe users have long lived with programs that are installed with a key specific to a particular machine's CPU ID. Software I have installed on a Sun 10000 attempted to do the same thing -- but using a network adapter's MAC address -- but became terribly confused when I added a fifth or sixth adapter. The boneheaded scheme then disabled our *backup* software.

    A universal CPU ID would be a copy-protection/software licensing dream come true.

    --
    Geeky modern art T-shirts
  28. Real reason behind Intel serial numbers by fydfyd · · Score: 2
    I've come late to the discussion, but it seems that there is a much more pragmatic explanation to the existence of a CPU ID register.

    I believe that Intel begin putting CPU IDs in when (literal) highway robbery of processors was running rampant. It was noted at the time that gram for gram these things were more valuable than gold and less contraband than cocaine. When a greymarket vendor starts selling Intel CPUs real cheap it really helps the constables to be able to track them back to a "vanished" shipment. Thus, Intel would have added serial numbers for the much more mundane purpose of protecting their own shipments. Dell has now begun shipping "stealh" boxes that don't say DELL all over them (translation: steal me, I'm a computer) for much the same reason that my daughter just received a non-descript shipment from "TRU" which contained a gift from a well know national toy vendor.

    As people have noted, the export of the CPU ID might make enterprise asset tracking easier, but I think the more parsimonious explanation fits better. Of course I could research the relevant history, but it's much more fun to pull it out of memory.

  29. Re:CPU ID only one UID on every machine... by rcw-work · · Score: 2
    The serial number of your hard drive. Very easy to get to. Not guaranteed unique, can be changed, but most are not.

    I hope you're not thinking of this:

    C:\>dir
    Volume in drive C has no label.
    Volume Serial Number is E0F1-8483

    Because that E0F1-8483 is just a fancy timestamp written by DOS's format command.

    I believe the stuff in /proc/ide/ide*/hd*/identify is actually hardware information and is AFAIK unique.

  30. The possibility is (almost) irrelevant by guran · · Score: 2
    Tracking peoples affairs has been possible for a long time. Todays tecnology only makes it cheaper. Does it reallly matter so much wether I'm spied at by a camera or by my nosy neighbour (or by a guy in a black trench coat)?

    If we want privacy we need laws (aka rights). Too much "privacy intrusive" information has fully legit use. Or do you really believe in privacy through obscurity?

    --

    All opinions are my own - until criticized