Slashdot Mirror

← Back to Stories (view on slashdot.org)

No More Internet Anonymity

Posted by samzenpus on from the the-computer-knows dept.

inkhaton writes "This Article tells of an Orwellian chip that, once installed in your computer (and not by your choice), will allow any website you visit to "read" your identity. The article goes on to describe how many benefits there are for using this to facilitate online business and even suggests some negative points. It ends with "Ultimately the TPM itself isn't inherently evil or good. It will depend entirely on how it's used, and in that sphere, market and political forces will be more important than technology." ... ugh. Well we all know what that means."

7 of 740 comments (clear)

  1. Pansy article by alex_guy_CA · · Score: 3, Interesting
    How blandly can someone describe something evil? Well, lets see!

    I'm so mad I can't type. The idea that something can be put into a tool that I buy weather I want it or not, and then we will see if my privacy invasion is good or evil latter makes me want to throttle someone.

    The tone of the article gives me a good idea of who to start with.

    --
    San Francisco Photographers
  2. This only works if hackers play by the rules by artemis67 · · Score: 5, Interesting

    Of course, all a hacker needs to do is keep an older model x86 or PPC system around. Obsolete computers are a dime a dozen, and you can keep them running for decades.

    And we are moving closer and closer to disposable PC's, anyway. In less than ten years, I predict that brand new, complete systems will be selling for less than $50. Got my computer's ID? So what, I throw away my computer every month!

    1. Re:This only works if hackers play by the rules by Skreems · · Score: 5, Interesting

      You could basically even do this today. Most pieces of your system will not be labeled. Presumably it's just the CPU and/or Motherboard that have this ID crap in them. If it's just the motherboard, you can swap that out for $70 every couple months, and anything but top-shelf CPUs aren't that much more expensive.

      The truly ridiculous thing about this is, it doesn't even put a dent in the cybercrime it's supposed to prevent. If you can get your system without giving up your identity (steal it or buy it through someone who "loses" records), and don't report your identity truthfully to anybody while using it, you're still just as anonymous as now. And if they come to get you, you just have to thermite one specific spot on the mainboard as well as the hard drive like you would today. Bam, all evidence gone. And until that day, you're free to molest six year olds and use stolen credit cards to your heart's content.

      There are so many easier ways of preventing these problems than to try to force an ID on everybody. Make one-time disposable credit card numbers a mandatory feature. Consumers will use it because it saves them the hassle of cleaning their credit report after fraud. Hey, look! We can cut down on fraud by creating MORE anonymity, rather than less. Or how about the banks making websites that enforce strong password standards? How about ANYthing except a system that's even MORE transparent to the end user, and thus easier to crack?

      --
      Slashdot needs a "-1, Wrong" moderation option.
      The Urban Hippie
  3. ... and look how well that turned out! by ragingmime · · Score: 4, Interesting

    Intel quickly made the serial number disabled by default, and few web sites ever started using it. If people *really* have issues with such a system, they won't use it, and they won't buy products that require it. If they don't buy it, companies won't sell it. If it's an issue, media attention can get people to vote with their dollars and keep it from being a standard. The only thing that worries me, though, is the Microsoft comment. If somehow Windows requires this system, it'll become a de facto standard. But MS has tread pretty carefully so far - e.g., restrictions on how often you can activate a copy of Windows are pretty lenient. But we'll see if that holds. Even still, though, MS won't want to make consumers buy new PC's or accept something they don't like in order to buy the new Windows for fear of losing business. So it comes down to whether people really oppose this or not.

    --
    I produce electronic music and write little games. Have a look.
  4. Routing Around the Damage? by femto · · Score: 4, Interesting
    So, does the TPM constitute damage, and will the Internet route around it?

    My vote is yes. The Internet will route around it by gradually dividing from what is currently called the Internet. Most people will use what used to be the Internet, and will consider it to still be the Internet. A minority of tech savvy people will be running on an alternative network, and will consider their network to be the Internet.

    There will be one way links between the Internet and the former Internet (new can suck data from old, but not the other way around). The new Internet will be under the radar, but will be a hotbed of technical innovation. In time the new Internet will appear on the radar, as the majority hear of it and decide that they want to be able to do all the neat things Internetters can do as well. The majority join the Internet. The Internet gets 'tamed' as large companies join it. The Internet routes around the damage by breaking away over time. The cycle repeats...

  5. AMD64 cpu UUID? by cortana · · Score: 4, Interesting

    I was poking around on my new AMD64 machine the other day, and I ran dmidecode. Can anyone explain this?

    • Handle 0x0001
      • DMI type 1, 25 bytes.
      • System Information
        • Manufacturer: System manufacturer
        • Product Name: System Product Name
        • Version: System Version
        • Serial Number: System Serial Number
        • UUID: EC491BB3-BE1F-DA11-B1EB-7B871839F7B3
        • Wake-up Type: PCI PME#
  6. Re:Real Identity? by kamondelious · · Score: 4, Interesting

    Or perhaps all the 1337 h4x0rz will just do what they already do, sniff the traffic, steal some ID's and used them. Why does it matter if this is a TPM or your username and password?

    SSL is pretty secure method for doing web-transactions. It's not perfect, but a TPM isn't going to make things any better. You can still hack around SSL if know how to use google effectively for research.

    Once you know the method for how the server shakes hands with the TPM you can usually spoof it. Not to mention this would be a publicly available process so that all the webmonkeys of the world would know how to build a "secure" site with it. Even if it wasn't readily available to the public, it'd still be like trying to movie or software piracy. Where there's a will there's a way.

    And what this guy said too :
    http://yro.slashdot.org/comments.pl?sid=171227&thr eshold=1&commentsort=0&tid=95&mode=thread&cid=1426 1329