Slashdot Mirror
Intel to embed ID numbers in chips?
DaBuzz wrote in to send
us one for the conspiracy nuts out there. Apparently Intel is
gonna be embedding IDs
in future processors so that we they can be tracked. This probably gives
the paranoid something a bit more worrisome to be
concerned about.
They said there's the option to disable the ID, so at least you can "opt-out" (as they went into detail about)
I'm going to boycott any software company that ever requires me to disclose the ID to them, or refuses to run if I disable it. This won't be a problem for my Linux half I'm sure, but being primarily a gamer, I need to boot 'doze now and then.
(assuming my next chip will be an Intel.. if the PPC crowd gets their act together, (*ahem* ego trip anyone?) I may run LinuxPPC as my next box)
Why wasn't there any good mention of the technology behind this? Doh. I'm a little curious as to how you will be immediately detected running a stolen PC when you go on the Internet. Wouldn't you have to broadcast your chip ID?
The onther thing peoples here haven't mentionned is the random-number generator. That single piece of hardware WILL increase internet security. A lot of the problem with strong encryptions is getting a strong key. And an hardware random-number genrator is much better the most softwares one. And better then any fast software generators.
Saruman
my 2 cents
But I heard that this or some other mechanism
is supposed to be used to stop piracy. The number of the CPU is supposed to match the software
you ordered or some such nonsense. If the
numbers don't match software (OS?) does not
work. Anybody else hear about this?
plan on not upgrading to anything Intel anytime
soon. Guess my 2 celeron 333 will have to do.
AMD here I come? You know after I think about
it. I could probably do with only email and my
333's are plenty fast for web browsing.
If this is just an extention to the CPUID instruction to get the chip's serial number which can only run in ring-0 then I don't see what the problem is.
'nuff said.
I'm not normally a conspiracy nut, but view this in the light of Microsoft's new software "leasing" plans. Giving software the ability to identify the processor it's running on is a pretty good way of making certain that that pesky EULA is followed to the letter. In the same vein, an ID could also prove to be a viable vehicle for enforcing software licensing and putting an end to software piracy. The ability to pirate-proof software will have the commercial software houses foaming at the mouth in anticipation. I can see it already: "You send us your processor ID, we'll turn on the software you just leased. Visit our web page in 1 year for your annual update and pre-payment."
Dial 1-800-REGDOZE
"Hello and welcome to MS Windoze registration. Your new Windows 2000 OS will not function until you complete the following: First, type in your WIN2000CD Serial number and CPU id followed by the # key.
[a short while later]
"Your registration/unlock key for WIndows 2000 is 0x7365A79F3EE76A7B754D874F01FFF2"
[a year goes by, you're re-installing the same windows CD on another machine]
"I'm sorry. THat software is registered to another machine. Please purchase a new copy. Thank you. [click]"
It's gotta be the SP-friggin-A behind this. I gotta disable it. And BIOS options are not trustworthy. I predict we'll see "mod-chips" like in PlayStations to disable this dangerous CPU function.
OK. The concept is good. Some over-zealous people have got their heads screwed on the wrong way, however, by thinking that it's going to do anything for E-commerce. /proc/cpuinfo and compare the CPUID, model and stepping to tell you what the CPU was made as?
Fallacy: It will identify you.
[red]False[/red]. It identifies the CPU. That's it. What happens when your CPU cooks itself and you need to replace it? You no longer exist?
Fallacy: It will track stolen computers!
[red]False[/red]. After a quick glimpse through the PPP specifications, I notice no reference to 'connect to intel's database and hand over CPU ID'. How, exactly, are you (you being the geek who's computer has been stolen) going to make every computer in the world that's running an Intel CPU run this 'trackstolencpu.exe' binary? Don't you think that if you -do- have a stolen CPU/computer you could quite happily not run this program?
Fallacy: It will stop overclockers by identifying the CPU!
OK, this one is true. [red]BUT[/red], what's stopping you from doing this now? All you need to do is fire up a Linux floppy which will read
True (Finally!): A random number generator in the CPU will make E-Commerce easier
This finally is true. A hardware random device is much more reliable than a software one, as there's no chance of it being fiddled with.
So what's really going on? Even if, somehow, someone manages to start relying on the Serial Number (or whatever the hell they want to call it) and figures out how to re-program it so when you toast a CPU you can put your old key back, and figures out what to do with SMP, why the hell shouldn't I write my own browser that doesn't sent my Serial Number, and sends one that I make up?
Bah. These guys are seriously on drugs.
--Rob
Don't many communist countries require their citizens to register their printing presses - if you don't you get jail time or worse.
The internet is the one medium the government hasn't been able to control - like NBC, CBS, etc. Now they have a way of registering everyone.
Sieg Heil! Assholes. Welcome to totalitarianism.
Some of the last comments talked about how they will do everything to keep the ID hidden, and the other half saying how that will be great for e-commerce. Link the two together. I can see online shopping sites asking you for your ID to buy anything, and then of course they have a contract with Intel... They will push people to disclose their ID I'm sure. And of course with that you can say bye bye to software piracy. ID doesn't match software? Too bad for you. On the good side, this ID can't possibly get on the net without software to send it there, and that will send more people to OS that don't do that, ie linux.
So why have string encryption? If you have nothing to hide, why bother with larger key lengths? All the space CPU time could be better spent helping SETI than cracking DES ;-)
Ecommerce is already thriving, I don't see how an id on a chip is goign to galvanize it further. Current Intel process can currently easily encrypt transactions using methods which are seemingly very difficult to break. As for stopping illegal overclocking, simply having the chip return an embeded value represnting the mhz of chip would suffice. :].
The only potential benfits I can derive from this bullshit is for over priced software manufacturers who will now have a greater tool to combat piracy. Of couse that doesn't really pose a significant threat for us Linux/*BSD users
Did you know that Intel motherboards
already contain a unique serial number which
can be read by their identification routines?
Intel is either:
o Totally clueless
o The government's butt boy.
o Incredibly evil
not to be an intel advocate, but who can i email at intel to voice my opinion?
if indeed intel is attributing increased profits to linux servers, perhaps they need a large earfull of advice.
who else is being coerced into doing this?
From what I have heard, SETI brings in a lot of data to be sorted through. With all the extra power, SETI would be able to sort though more noise.
M
An ID does very little for commerce what we need is a digital signature that is handed out by you favorit Web provider. This signature could verify portions of your identity necessary to buy and sell on the net.
We also need a secure place to evaluate this ID to hide to processing and make it secure. Check out Wave.com they have a technology Embassy that is a lot closer to a secure system .
What Intel needs is a set top box inside the PC so that we can get pay per view, parental control, Consumer privacy and security for data using stong encryption.
I think speed is where hardware beats software number generators. Of course, i know very litle about encryption exept it takes gpg a long time to make a large (1 megabit) key :)
What if someone somehow finds your cpu
id? How hard would it be for someone to take your
identity, and crack your incripted email? Or
charge something on your credit card? I don't know
how hard it would be, but that is the first
question that popped into my head when I read
about this.
What if someone somehow finds your cpu
id? How hard would it be for someone to take your
identity, and crack your encrypted email? Or
charge something on your credit card? I don't know
how hard it would be, but that is the first
question that popped into my head when I read
about this.
they really do have (or have been working on) a 'screen saver' program to snatch your lonely cpu cycles. I remember reading about it a year or two ago... Oh. Apparently it's due for april 99. Seti@home its called. (sponsored by tci? heheheh)
seti.org
detroit
Doesn't it seem like the most likely use for this type of information being encoded into the processor is FlexLM type licensing. To me it seems pretty obvious. For those of us who have had to deal with FlexLM licensing nightmares it is not a pretty picture.
But I guess another thing that hasn't been brought up in the dicussion so far (that I saw) was that other processors have had ID's, serial numbers, etc encoded in them for quite a while.
The identification numbers could act like their vehicular counterparts -- essentially blacklisting stolen PCs from the Internet.
"This kills theft," said one cryptographer at this week's RSA Data Security Conference, who had been briefed by Intel on its plans. "As soon as you go on the Internet, you will be detected."
Bwahahahahaha! Kind of like how adding serial numbers to cars stopped car theft, right?
Look: all of the pro's listed on that article are either irrelevant (like the theft argument) or better accomplished through public-key encryption software like GPG. The only purpose this will serve, if history repeats itself (as it tends to), is to give corrupt corporations or leadership another way to control or rip off customers.
In maximumpc ( www.maximumpc.net ) there is a section showing where the editors help consumers who were frauded or ripped off by computer companies. One guy feared his 450mhz intel chip was a remarked celeron or a 333 that was oeverclocked and remarked. He found the serial # and intel gave him a full refund and did an investigation of the computer company that sold him the remarked chips. He decided to to buy a a new 450mhz cpu and did an investigation by the product serial numbers on the chips.
Anyway he found out that 3 OUT OF THE 10 CHIPS WERE REMARKED! INTEL IS VERY SERIOUS ABOUT THESE INCIDENTS AND THEY ARE NOT EXGATERATING. The good thing is he was saved by these serial numbers. As computer users or people who administer them, we should welcome this serial number on all chips so that we aren't ripped off and our lives will be alot easier. My first computer I bought had the most bang for the buck. I later discoverd that it froze constantly and my video card keptreacted stranglely on higher video modes like svga (at the time it was considered high res) I paid for a machine with2 megs of video ram and it only had 512k also the cpu had to be replaced 3 TIMES! I was a teenage gamer at the time and I was not happy that i couldn't upgrade the video ram (even the jumper was missing so i couldn't upgrade it) errr! I had a huge 8 megs of ram on it at the time I needed an upgrade for windows 95. Opps it couldn't be upgraded either. My machine would freeze if you added anything above 8 megs. I had to use windows95 with office 95 and run doom2 and dune2 with only 8 megs of ram. Slooow
I couldn't even get linux to run on it and I had to buy a new machine for windows 95 and later NT and linux.
The point is I wouldn't of had this trouble if there was a serial number on my cpu and video cards. I could of saved alot of efforts and I machine dedicated to just linux. serial nubmers are great and i wish more companies would have them. Fraud sucks!
Ok, so an id is supposed to prevent theft, because it will instantly identify a stolen computer. Not so, if you can opt out from detection, just don't go into e-commerce with a stolen computer and you're safe.
And besides, replacing the CPU will solve that problem as well, since the CPU will be the only trackable object in the computer, unless other components start employing ID's as well.
And many propriety systems are relatively theft proof anyways. The company I work for has a RS6000, and when we purchased a network card for it, we had to provide proof of purchase to the IBM reseller before they would sell us a network card for that system. This makes it difficult to use hot property, but at the same time, its impossible to employ this method with home brew computers.
I do like the fraud detection as far as tracking the proper CPU speed and preventing illegal overclocking, but this can be done with model numbers as well, it doesn't require an individual ID number.
As for the ecommerce, I suppose that authenticating the hardware would be a sensible way to prevent fraud, however, if the CPU can be used for this purpose, so can any other hardware component, including an add-on card, a parallel port dongle, network cards, or modems, etc.
And it will take 10-15 years before this could be used in a widespread fashion since you have to phase out all the older computers otherwise you will alienate large numbers of potential customers.
-Restil
restil@alignment.net
software patch, huh?
interesting.
detroit
I know Renderman on Irix uses a license server that uses the machines chip id.
True (Finally!): A random number generator in the CPU will make E-Commerce easier
/dev/random until somebody can do conclusive tests on the hardware version.
This finally is true. A hardware random device is much more reliable than a software one, as there's no chance of it being fiddled with.
While I agree with most of your post, I must also point out that a hardware random device is only more reliable than a software one if it's designed more reliable, and since we probably won't get access to the processor spec, we probably won't have any way to tell.
I suggest sticking with
Woops. I forgot to mention that what we're really looking for, of course, is a random device whose output is consistently untraceable, and therefore, we should probably call this "unreliable."
:)
It's the old, "if a vacuum cleaner doesn't suck, does it suck?" question all over again.
So what if you have a CPU ID embedded in your CPU, ou still will have control if that ID is sent out over the Internet. The data has to go through the TCP/IP stack which is under your control, if running an Open Source OS. So, I'm sure there will be a group of people who will not want their ID's sent over the net and will write the approprate code to filter them out, or spoof them entirely.
The ID may be in the hardware, but to get to the Internet you have to go through software. With Open Source you control the software.
To do that E-commerce/Stolen PC tracking stuff effectively they're probably going to need somebody to add stuff into the OS, or at least at a low level in both major browsers.
To pull this new standard off, Intel will need support from MS, Netscape, E-Commerce sites. Even then this will alienate people using Cyrix/AMD/PPC cpus, alternative OSs, Macs, NCs, WebTVs and Slashdot readers. : )
Sounds like a bulls**t rumour to me.
I've been running linux for 6 years. When I started out, I had to spend most of my time in msdos, because it was the only way I could get my work done.
Now I go weeks without booting NT at all. In another year, I'll probably drop MS from my machine altogether.
I really don't care what hooks Intel provides MS. I hope MS does start hassling people over liceneses. I hope they jack up their prices, and send widows and orphans to jail for piracy. Because every scummy, grasping thing they do brings the world that much closer to Linux.
I think we should encourage the big software vendors, people like M$, to be as extreme as possible in their quest for profits. It's good for us. It has the effect of magnifying our competitive advantage.
privacy@intel.com let them know that you are not happy with their solution for e-commerce. please also mention if you plan to no longer purchase intel products like i did. i have spent too much of my time fighting for users privacy to let one company have this much control.
is SGI doing this for Microsoft on their new NT machines?
I never signed an agreement or contract to refrain from overclocking my CPU. There is also no law against it. It is no different then someone who soups up the engine on their hot sports car. Would you accuse them of illegally changing the horsepower of the engine? I think not. So lay off it.
The whole overclocked chip thing is nonsense. Intel and other need to MARK their chips before they sell them. This is simple, if you don't see Pentium x/Speed y on your chip send give it back to goon you bought it from, then call the police.
Easy. Its just laziness on the part of the chip makers.
I saw a nifty hardware random number generator last night. http://lavarand.sgi.com/
It uses lava lamps, and a digital camera to create random numbers...
same with MAC addies for network cards. each one has it's own UNIQUE address.
Mike
taken from:1 89721,00.html
http://www.zdnet.com/zdnn/stories/news/0,4586,2
"This kills theft," said one cryptographer at this week's RSA Data Security Conference, who had been briefed by Intel on its plans. "As soon as you go on the Internet, you will be detected."
I believe there is a loophole in that statement. What about Firewalls??? Currently, I connect to my isp through my linux box using chat, pppd, ip masquerading, and the masqdialer server/client programs. If the cpu in my windoze box should happen to have an electronic ID, Intel or anyone else wouldn't be able to see my windoze box unless they transmitted the ID on the ports for the www, ftp, telnet, etc. Right??? That would kinda defeat the electronic ID since that specific machine was behind sort of a firewall. Correct my if I'm wrong, I'm kinda new to Linux.
where the hell do you see any privacy invasion? does your privacy feel invaded by your coffee machines serial number??
I find nothing wrong with a serial number on the chip, printed on the packaging(the ceramic 'cover'). This should suffice to identify chips. Printing the speed and other pertinent information on the chip should also help, since no one is going to buy a chip with serial numbers removed or buy a chip that is overclocked. If you were buying a computer from a disreputable source you could check the cpu before paying - or use a credit card. The point being it is possible to prevent overclocking fraud without using this approach. And the chip would not have to be installed to check the ID.
Most pieces of computer equipment do come with serial numbers, all of mine have. And I have run in to problems similar to those you have described. The most effective solution has been to be more careful in the merchants I purchase from and to research the item I am going to purchase thoroughly.
The thought of having some ID that may or may not be disable by the BIOS is unsettling.
Also people upgrade computers, and change CPUs on a regular basis. What will happen if you donate your computer, and it is then misused? Will you have to tell intel that you no longer own it? And which thief is going to be so careless that he will not disable the ID?.
Ok.. If intel uses these CPU ids, then when someone reports a remarked CPU that they bought at as a P2 400 that was really a 350 or whatever then they can track were that chip was from. Thus, no need for them to implement the clock-locking technique that they use with multipliers and are runmored to be planning on doing with bus speeds. If CPU ids means that I can now buy a CPU and do whatever I want with it (cause I don't plan on selling it as something else) then it is fine with me. As for not being allowed to buy things on the net w/o a CPU id, I'm sure there will be plenty of sites that will allow you buy things w/o one, as long as there are customers that want something, the market will provide. And if software starts being released that wants your CPU id, it will only be about, oh 4 hours, from when the software is released before someone comes up with a way to beat it and posts it all over the net. All software piracy prevention plans to date are quickly beaten, and this one will be too... (Anyone else remember breaking copy protection on old Commodore 64 games so you could trade with your friends? :)
-CJK
I do not see how any of the reasons given in the ZDnet article are valid points to implement any sort of chip ID system. How will this affect e-commerce? I do not see how a vendor knowing the consumers CPU ID would mean anything to them. Dynamically software generated encryption keys would seem to work just as well (as they do now). As far as theft is concerened, unless you have to register your CPU ID everytime you buy a new computer (with the DCD (Department of Computation Devices) perhaps?), the ID would be meaningless. It won't even curb software piracy in a very effective manner. Current means, like key CDs or Dongles, to prevent software to be installed on more than one system are just as effective. True an ID would be much more transperant to the end user but this is hardly reason enough to start IDing CPUs.
What's the real motivation, Intel?
I suspect that the latest annoucements from Intel
(CPU serial number, on-chip encryption) are merely
a part of the embedded CLIPPER CHIP. The powers that be had such bad press when they tried to foist the original clipper on the market, now they
are getting Intel to do theire dirty work.
Hopefully, AMD and the others will not follow suit.
> All you need to do is fire up a Linux floppy /proc/cpuinfo and compare the
/proc/cpuinfo
> which will read
> CPUID, model and stepping to tell you what the
> CPU was made as?
what is this box, really?
% cat
processor : 0
cpu : 686
model : 3
vendor_id : GenuineIntel
stepping : 3
fdiv_bug : no
hlt_bug : no
f00f_bug : no
fpu : yes
fpu_exception : yes
cpuid : yes
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 11 mtrr pge mca cmov mmx
bogomips : 299.01
screw intel...my chip is a p233. i will probably want to upgrade around april. by then g4 macs and transmeta chips will be out. hmmm only problem will be deciding which one to get...
Two words: illegal overclocking. Think about it. How is it illegal? How does this look to a lesser informed reader? The news is the first draft of history. I hate to seem sensitive, but I've heard so many people that are mislead by things they've read in the paper.
All this talk about random numbers, computer
theft, and encryption is missing the point.
This thing is for piracy protection. It can
work not just for big packages like Photoshop,
but also for small things like a web page on
the New York Times site.
"This kills theft" refers to SOFTWARE theft, not
just hardware theft. In other words:
this kills mp3
this kills pirated software
this kills borrowed software
this kills free access to premium content,
once authentication is made transparent
There will still be choices for those of us
who prefer not to go the pay-per-view route.
But there is a bigger concern that has been,
amazingly, overlooked in this discussion:
Were this to happen, the entire business model
of the net would change (again). We'd be in for
a locking-down of intellectual property on a
scale that probably only three percent of you can
even imagine. Whether that would be good or bad
depends on your own beliefs: if you think like
RMS that people should share information freely,
then it would be bad. If you think like
Microsoft, the movie studios, and the record
companies that intellectual property should be
exploited to the hilt for maximum profit, then
it would be good.
After the change in the net business model, even
people like us who would choose to use Linux and
open source software would still suffer, due to
the shrinkage of opportunities and loss of
creativity that would follow from such a
corporatized web. Even if thought you still had
your own creativity, you wouldn't know what you
were missing.
Besides the net business model (now some
speculation) I think this might also open the
door for Intel to write its own platform-
specific software, and go into the appliance
business. Then they would be selling machines
for which you could not change the OS, as is
done by other companies: Sony, Apple, Motorola,
for example. Computers without software-
readable CPU IDs have led to a great blossoming
in the industry; this could bring that to an
end if other manufacturers were to follow suit.
I don't even understand why "you people" keep posting stories from ZDnet. They've already proven they have a taste for sensationalizing their stories, even to the extent of fabricating stuff just to make it more spooky sounding.
Zdnet is a lame "news service" and you people are just playing right into their hands by overreacting to their lame sensationalist tactics. Boy, I think I'll just start a web page where I slam linux and FUD FUD FUD all day long, but I'll be sure to have LOTS of ads on my page so I can keep getting your moron reactionaries to fill my pockets. I'm surprised someone hasn't done this yet, and I'm not sure if this isn't what ZDnet is doing.
Fellow Nerds,
It's not about tracking user behavior.
It's not about overclocking CPUs.
It's not about stolen hardware.
It's not about random number generation.
It's not about encryption.
It's not about privacy (a red herring, easily addressed).
It's not about CPU upgrade hassles (another red herring, easily addressed).
It IS about piracy prevention. Remember
the MP3 discussions, where people claimed
software copy protection was a failed
technology? It's only failed in the past
because on machines where the CPU did not
have an ID. With CPU IDs authentication
(not user based authentication, just CPU
based authentication) can be made so
transparent that even individual documents
can have access controls. So actually MP3s
can be killed dead as long as the record
companies make it easy and tempting enough
so you will be willing to use a conforming
platform in return for access to their wares.
If you want to really get paranoid, surf
around at doi.org and handle.net and try to
figure out what they are up to, in light of
the Intel news. Hint: they recently applauded
congress's passing of legislation that
included wording that provides for stiff
penalties for anyone who tampers with a
rights management system.
The machine ID is on a PROM in the front panel/backplane (depends on the machine), so that
you can upgrade CPUs and motherboards w/o having
to get all your licenses transfered.
Big Brother owns you.
Be afraid, be very afraid.
Well, I've heard that at least one compiler
vendor does this, and that they sometimes take
days to get new authorization numbers out when
a hard drive crashes.
Second, the new UCC is allowing great latitude
in software license terms. If a company sells
a 1-CPU only or time-limited license, that's
what you've got.
What's scarier from a privacy perspective than
foolproof ID of your CPU every time you connect
is foolproof (supposedly) ID of you every time
you go out in public. This is pretty close.
Software that can identify people by physical
appearance is on the way. Those security cameras
are pointed at just about every cash register in
the country. What happens when BigBigInfoCo makes
an offer to the merchants -- let us connect to
your security cameras and we'll give you info
about your customers? Privacy is dead. The CPU
ID will just make it impossible to retain privacy
by staying home and only going out on the internet.
IBM has been doing this for ages in their AS/400's, and it's primarily used by ISV's, who :)
wants to make sure that when they sell some system including the hardware, they will get all future hardware-deals too. I imagine it will be used this way in Intel servers too, and won't really be a problem/feature used in end-user equipment. Or is it just my lack of imagination/paranoia?
Quite the contrary, in fact. Go read a MicroSoft EULA for licenses of Windows, for example. Under the EULA, it is a breach of the terms to migrate Windows from one machine to another, if Windows was purchased with that machine.
I'm sure MicroSoft would be more than happy to tie Windows to the CPU ID. Should you upgrade the CPU, you will have been deemed to have effectively changed machines. Boom! You need a new license.
rodgerd@ihug.co.nz - away from my password.
Suppose I steal Joe Schmuck's computer. He's a normal likable windoze guy, so he has a shortcut to "Purchase it." It probably has his credit card info there somewhere, or I just scan his sent mail till I find it, then I use his computer on a throw-away dialup account to rack up the credit card purchases. I can have them delivered to PO boxes or wherever, and finish the spree in a night or two. I would not block the CPUID!
:-) They show up at Joe's house, and he goes downtown till they sort it out. "What did you do with the computer Joe?"... "It was stolen, I swear it.." "C'mon Joe,.. you can tell us now, or talk to sergeant McKnuckles later."
I collect, and let Joe Schmuck take the hit because he's the one that the CPU was registered to. Maybe if I feel a little malicious, I write a threatening email to the president. The secret service takes that very seriously. I'm not worried.
By this time, I've collected all my ill gotten booty and revenge. And the computer is in the river. Gawd, I love this CPUID!
Intel processors have the ability to patch themselves - one capability added all Intel CPUs since the Pentium Pro, IIRC, is the ability to fix errata with microcode patches.
It would be trivial to allow the embedding of CPU speeds in microcode, preferably within WOM.
Software tied to a CPU is not a new concept as anybody who's had any appreciable experience w/ commercial mainframe or UNIX systems can tell you.
Every workstation I've ever used has had a unique
ID PROM which is used as part of the hash for a license key. Yes, this DOES make things a pain in the butt for things like hardware failures (new system board always comes w/ a new PROM), but thats what support contracts are for.
It's a whole different model of selling a supporting software which is finally coming to the PC market.
Intel's scheme of embedding this ID is considerably worse though 'cause PROM IDs don't float all that easily off the system they're plugged onto unlike these embedded IDs.
From:
l co/p2_sl264.htm l co/p2_sl265.htm
/. submissions, as a space -allways- ends up in the link somewhere breaking it. Cut'n'paste guys.
http://www.sandpile.org/80x86/cpuid.shtml
[Let's assume it's an Intel CPU - I believe Cyrix chips can fake the vendor?]
GenuineIntel means it's a real Intel
80686.3.3 means a PII at 266mhz -or- 233mhz
Bogomips at 299 means you're running it at 300mhz.
You don't have APIC and SEP in the flags, which means it's a Single CPU motherboard.
It's much easier with 2.1 and 2.2 kernels:
This is the second processor of a SMP system, rated at 300mhz, running at 300mhz.
processor : 1
vendor_id : GenuineIntel
cpu family : 6
model : 3
model name : Pentium II (Klamath)
stepping : 4
cpu MHz : 299.946777
cache size : 512 KB
fdiv_bug : no
hlt_bug : no
sep_bug : no
f00f_bug : no
fpu : yes
fpu_exception : yes
cpuid level : 2
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov mmx
bogomips : 299.01
In your situation, this is one of the times when they didn't differentiate between CPU's in model or stepping - which means, to me, they've used exactly the same die and just put the 266's through a higher level of QC. Either way, you're over clocking it 8-)
[Oh, here's some more useful links:
http://www.sei-europe.com/dynamic/html/spain/se
http://www.sei-europe.com/dynamic/html/spain/se
for the 233 and 266 mhz PII's.]
I've given up trying to put decent length href's in
--Rob
If the identification is done by an extra instruction, then it could be blocked by operating systems. Just make it a privileged operation and do not allow user-space programs to execute it. I don't know if that is possible with an cpuid extension.
Pro/E Uses the ethernet MAC address to accomplish this, not a system ID. This means that the deal is between you and the software company, not you, the software company, and Intel.
A clock ID is all you need to stop illegal overclocking.
A CPU ID is intellectual property control, something every supporter of open software should be very wary of. Believe me, I've seen CPU ID locked software on workstations and it is a major pain.
Block it any way you can.
It will be broken by the NSA. A random number generator in every chip on every desktop of the world (or at least Intel's chip of the market) sounds just a little bit too tempting to resist.
And since it's embedded in the CPU there's no way for a user to see if it has not been modified for spook purposes. Rest assured that the new ID will also be used by intelligence agencies.
so instead of having to crack into many user's machines, all Ms. M. Alice Sioux-Hacker hs to do is hack the NSA once.. Or have a mole there..
(counter-espionage? surely that sort of thing never happens!)
You're wrong.
Workstation ID's and workstation locked software are a major pain. More than 50% of the non-functioning workstation software I've seen has been due to license software stuffing up for any one of a hundred of reasons, none of them piracy.
Network link down so it can't get to the license server. Dongle locked in the office for the weekend. Phantom software license locking out real use of the software. Software upgrade killing the license. License software upgrade killing the license. Wrong (eg. demo) license sent from the vendors. Simultaneous use license overestimates the number of simultaneous users. It goes on and on.
Block CPU ID's any way you can. They're for control freaks who assume you're guilty until proven innocent.
Hey, come on and /. this one:
"Are you planning to replace Windows with Linux on the desktop?"
http://www.it.fairfax.com.au/
;-)
Hey, come on and /. this one:
"Are you planning to replace Windows with Linux on the desktop?"
http://www.it.fairfax.com.au/
Hey, come on and /. this one:
;-)
"Are you planning to replace Windows with Linux on the desktop?"
http://www.it.fairfax.com.au/
How long before tools like netbus give all the 13-year-olds a way to quickly gather a bunch of valid IDs? Someone is gonna have alot of fun...
Yes, you are naive. This tracking system will allow the marketing vermin to track everything you do, everywhere you go, EVERYTHING. This idea deeply frightens me - and should terrify any sane person. It frightens me, not because the marketing vermin will track me, but because they keep records that may one day (tomorrow, or fifty years from now) be seized by the State and used against me or my descendants - as evidence of [fill in charge]. Anybody old enough to remember Communism should be upset, those of us old enough to remember the German Social-Democrats are terrified. Never again!
I'm not sure if you've ever taken a look at it, but both of my PII-300's have got serial numbers on their cases.
Ares, who doesn't have his password handy.
That doesn't mean PGP/GPG/whatever has to use the included random number generator.
Ares, who doesn't habe his password handy.
It WOULD allow equipment seized by police to be traced.
USR modems have an ID for a while. You can get it by using some AT command. When you call USR first thing they ask you is this ID. Also, as far as I remember, new IDE drives have an ID which can be read by a software. This ID is often used by different proprietary packages. During installation it reads this IDE disk ID, encrypts it and saves to configuration. When you copy all the files to another computer - the program does not work because another computer has a different IDE disk ID. We already have an ID for a while.
Let's go buy AMD & Others processors...
Firstly, its almost certainly possible to un-patch a stolen CPU -- its probably going to be a privaledged instruction, which can only be executed with the CPU in ring 0. That will prevent userland programs on any current OS from accessing it, since they will have to load first -- bugs in Windows excepted of course :-)
Secondly, the real question is about the random number generator, but it must be possible for the vendor of the software to be able to simulate this random number generator to test that, and the ID's value could most probably be altered in software anyway.
This might mean that every copy of Windows, Office, etc will have to be paid for. In countries like China, India, Mexico this will be impossible. In fact, if every US company had to pay for all of the software they use many would prolly sink. It's pretty easy now to run a hacked copy of Alias or SoftImage on a NT/Intel box...
If companies start CPU specific software wee will see Linux move beyond 50%
-Scott
What's legal today may not be legal tomorrow. And no matter what law should pass, what one does on their own computer that they paid for with their hard-earned dollar is their own business.
Not too sure about the extra licenses.
For one thing, students who normally pirate windows and all its apps would be more likely to give linux a try.
what id will be used? and will all of the software use the SAME id? ie if app.foo uses cpu0's id but app.bar uses cpu1's id this could making life intresting...
_my computer is schizo, 95% of the time it kewl as a Penguin, but 5% of the time it is a Window to hell...
To start off with, I haven't read the article, but I did read through all the /. responses which are generally more informed.
I have been hearing of this from my friends at intel for a while now. This press release is just a tad premature, in order to force a decision to congeal inside of product management and the engineering teams. There has been a lot of debate about exactly what to implement.
The engineers are *ALL* on the side of privacy, while the PMs are getting a lot of input from the legal department, the SPA, and various music industry reps. The PMs and the heads of the legal department have almost all received free dinners, business trips to various fun places (bali, paris, orlando with the whole family), envelopes full of cash, etc. There is a lot of money at stake out in the real world. MP3s and win2k licensing for example.
From an engineering point of view, the plan started off with a request from the legal department like this; to stop unscrupulous people from re-marking the chips and selling them to un-suspecting customers at a hefty profit, it is possible to have a small programmable chunk of logic to store the final tested speed and maybe a serial number. This technology has existed for almost 20 years, it is some PROM-like cells which can be programmed once, then a 12V signal applied to a pin to blow a fuse and render the circuitry RO afterwards. The pin then reverts to its original purpose. The PROM cells are then readable via an opcode, and always return that value. So each chip can be tested, and then internally marked for speed, manufacture date, lot number and anything else you want. Takes up little real estate, can be done near the edge of the chips with large-ish dimensions, so as not to affect yield too much.
Then intel can release some simple apps, (or fragments of source code to the OSS community), so a person buying a system can walk into a store with a floppy and run it before buying and spot a re-marked CPU. Buyers of CPUs can also know they are getting ripped off, and notify authorities before the bad guy can get too far. Large companies can install soft on every one of their intel machines to report inventory to a central database, and when machines or CPUs are stolen, they can give the numbers to police. Police can also go out and test machines they think are stolen, and so on. It doesn't prevent theft, but it gives the police a tool they didn't have before.
The PMs have been approached by those who want to kill MP3s by having a unique, unmaskable serial number on the chip. Then they can sell a consumer some music which is encrypted and can only be decrypted with your unique serial number. Sounds great, but it generally ignores the fact that people can write players that will just look up the key in software, and play from there. To counter that the music may actually be an executable which will do its own playing, and always be tied to a single CPU. Change machines, and buy^H^H^Hlicense the music again.
As the idea developed, M$ got into the lobbying act, wanting an undefeatable unique code so they can lock a copy of some soft to a specific machine/CPU unit. Then they will change their licensing to something even more creative than the EULA they have now. Use your imagination, but not too much or you will lose sleep over it.
So the engineers were losing out, but had taken a M$ approach to the idiocy (we can do the good thing, but the evil stuff can't be done without too much cost). The PMs are under a lot of pressure after accepting all their bribe^H^H^H^H^Hconsulting fees to do whatever M$, the SPA, and the entertainment industry wants.
So it looks like there will be some long serial number that will uniquely identify the chip, but no speed information will be recorded. So the re-markers win and M$ and Sony win, but you lose a little bit more of your privacy.
But there is still hope for coding the speed after test to kill the re-marking market. They don't really care if some college student overclocks his machine, just that 15%-20% of pentiums on the market have been professionally remarked and sold to unsuspecting buyers.
The thermal PRNG is a nifty bit of tech that is completely separate from the rest, but I have heard the PMs want a weak PRNG with a short repeatability cycle, while the engineers want a very advanced, provably strong PRNG generator. If its weak and set in silicon, it will be found out and then no respecting e-commerce vendor will use it, and intel will suffer bad PR worse than the FDIV bug. But real estate costs on silicon are nothing to laugh at, and a better PRNG will take *MUCH* more space.
This was too long, but I'm bored this morning.
An anonymous ex-intel engineer
Anyone who would trust a black-box hardware random number generator for creating cryptographic keys is either a tremendous optimist or an idiot...
This would be useful to XOR with a software-generated key for potential extra security, but nothing more. No code, no trust, that's the cryptographer's rule.
# hdparm -i /dev/hda
Model=IBM-DHEA-38451, FwRev=HP8OA20C, SerialNo=SH0SHG07
^^^^^^ ^^
I know my 3com card can change the address.
Where I used to got to college the net admin was getting paranoid and wanted everyone's ethernet address, so I just made up some bs number and gave it to them and then changed my ethernet card address.
What you are describing is a clock ID, not a chip ID. A clock ID would be something embedded in the chip to reveal it's "natural" speed; it would (hopefully) not prohibit people from overclocking.
Might I suggest that we can't solve crime with technology? We will end up with some better criminals, though. YAY FOR US!!
That's the reason Intel claims for locking the multiplier and adding a PLL (in Celeron 350+ models, supposedly) that halts the chip unless the clock frequency is "appropriate". We're meant to believe it's just an unfortunate side effect that hobbyists also can't knowingly overclock their own chips. Tom's Hardware goes into some detail on this.
If Intel wanted to let people overclock (rather than have to pay more for chips with conservatively higher tolerances) while stopping resellers from lying, they would have made overclocking easily detectable. They'd rather prevent it entirely- imagine that.
I really hope this becomes reality. Think about it all of the warez kiddies out there will have to pay for their software! Yeeeehaaaa! And maybe, just maybe, software prices will go down! gasp!
>> e.g. if you buy a lot of beer, that could be brought up as evidence in court.
And it would be the truth, right? So what is the problem? If the truth had a negative impact upon a person within a court then that is a problem with either the person or the court system, not with the method of obtaining the truth, DUH!
My GSM mobile phone tracks my physical location already. What do I care?
Read the Intel person's post. The plans for recording the cpu speed on the chip were scuttled in favor of a more-or-less meaningless, but unique ID number. So you'll have a heck of a time figuring your cpu's speed, but virtually any program could read your CPU ID and send it to a tracking DB.
I saw another press item from Newsbytes indicating that Intel is seriously marketing this as an "Internet security" feature, but there don't appear to be any features to prevent copying of CPU id's and emulation of them in software. After all, there's nothing in TCP/IP to ensure that a "CPU ID" comes from a chip and not somebody's file of purloined ID's. It's like having a credit card number that you can't change; if someone gets it, you might as well return the chip and relicense your software and MP4's, and try to get your bank to give back whatever money was billed to your "secure" chip ID.
Jeez, even an S-key card is better designed. Probably tomorrow they'll feign ignorance and announce a "miraculous" design to prevent disclosure of the chip ID. D'oh! Can you say public key encryption? I think even the Clipper chip idea was better than this.
I don't hear Cyrix and AMD complaining. Maybe the tamper-proof markings work.
Imagine this,
You're an American, you are 20 years old and in college. You see a TV news program on the Chinese government's repressive policies and post a comment to Usenet to the effect that you think that the Chinese people would be better off with more democratic government.
Years pass.
You are now fourty-five, and have long since forgotten about the meaningless comment you had posted twenty-five years ago.
Your wife wants to go to China, on vacation - so you go. Unfortunately (at this point in the future), the Chinese government is actively seeking to prosecute "foreign agents of subversion" and is making examples out of those they ensnare. They have a database of all 'subversive' comments posted to Usenet for the past 26 years. With Intel's Tool of Repression (TM) CPU ID tag the Chinese intelligence community is able to positively identify you as such a person. "What luck," they think, " and he is coming here? Such arrogance must be puinished!"
When you arrive, you are met at the aircraft by Chinese internal security, whisked off to a sham trial, and executed. Or more likely, you spend a few months in a Chinese prison while the diplomats work something out. You might make it home, but you'll never be the same.
Regardless of the outcome, this is a situation that can be easily avoided by not producing such a tool for repressive regimes to utilize.
Even in the history of the US, repression lies just under the surface. Remember the McCarthy hearings? Say something similar happens in the future - not necessarily with Communism, but something similar. Once, in the past, you visited the web site of the entity currently being repressed - and thanks to Intel's Tool of Repression (TM) CPU ID tag, you can be positively identified as a person who "obviously has close ties to [the entity]." You are dragged before Senator McNewwacko, grilled, and imprisioned for contemp of Congress - or you give them the lie they want you to tell, and you're allowed to go home. Your coerced 'testimony' is then used to crucify other innocent people. Then you are fired and blacklisted.
The potential for abuse is frightening. This can not be allowed to be implemented.
PC buyers in the corporate world have been asking for processor serial numbers for years. It is not clear that Intel is trying to satisfy these people, but if a processor serial number is available via software (even if a BIOS setting has to be turned on to get to it) automated inventory will be a lot easier.
Best case would be if Intel externally marks the serial number on the case and makes the same number (or some unique subset) accessable via an instruction or register. It doesn't matter if the serial number rolls over as long as it is unique for each model/type.
Disks, Ethernet adapters and most newer motherboards already have some form of machine-readable serial numbers on them. Some vendors (Compaq for example) support software-readable serial numbers on memory. Why should processors be any different?
Who needs the police? The license on some software packages gives the software maker the right to revoke your license whenever they want so just add a sufficiently powerful laser to the satellite and save everyone the time and expense of a trial.
Give me one good reason why overclocking is illegal?
So what about the Intel ID; many of the other parts of my PC have serial numbers that can be read via software (can you say BIOS, monitor, ethernet card (well, the MAC address), IDE hard drives (SCSI as well, AFAIK), etc.).
You go get a system that doesn't have a BIOS serial number (flash it), doesn't have ethernet, has a non-VESA-DDC monitor, and no harddisks, and I'll tell you your wasting your time... software to track people based on part serial numbers is very possible today.
Besides, people upgrade CPUs more often than monitors, so I'd say that monitor tracking numbers would work better for big brother anyway.
Brad Keryan
keryan+shalstod@andrew.cmu.edu
Transmeta is vaporware so far.
Nuff said
Perhaps a good strategy to counter this would be to start a campaign to encourage AMD and Cyrix not to support it and then boycott Intel. There are also PPC, Netwinder, etc., but the Intel clones are the biggest direct threat to them. If Intel loses 10% more share over this, I bet you see the tune change quickly - at least to defaulting to privacy.
Excuse me, you seem to think the normal form of government is democracy and that democracies never fall. Both of these assumptions are historically ridiculous. The bulk of current and historical governments are authoritarian and it is debatable whether any are truly democratic. The most extreme example of such a retroactive crime was that of being a Jew - rather chic in Weimar, really bad news a few years later. There are plenty of people in the US and elsewhere who would love to imprison or execute gays - if they came to power, it would be necessary for gays to be able to escape or hide, but this option will not exist if we create an information infrastructure now that makes privacy imposssible.
This is a good point, and thanks for the URLs, but I don't think it's the whole story. First of all, if this is what Intel had in mind, they would say so. It would be a lot less controversial and not bring up people's (well-justified) big brother fears so much. Also they would not create a system that was defeatable; this severly undermines the security. They could probably implement this without having to actually broadcast the CPU ID (decrypt and watermark on the client), which would be much more PR acceptable. And it's not as though people aren't trying to gather information about you. Selling information about users is one of the biggest revenue streams on the web.
Don't be didactic. His point is clearly valid, regardless of technical details. I don't think the government will let Intel keep the databases, but that is a minor implementation detail.
Suppose someone decided to distribute hermetically-sealed Anthrax spores on street corners. Would this be EVIL? After all, the spores themselves are properly contained and can do no harm, it is only when someone *releases* them that EVIl has been committed. While this is in some sense true, it is also true that some forms of evil (a perfectly verifiable part of human experience, requiring neither caps nor quotes) are better disabled than permitted and then punished.
It's all about the principle.
If you have nothing to hide then you can live in a glass house and it's not disturbs you that everybody can watch you...
paranoid
Lets just say that the engineers had an excellent, simple, robust solution, which is what the legal department wanted, and they are not being allowed to implement it. Yet. Wait until 50% of all CPUs are remarked by cheats, and intel stock takes a hit.
:-)
The 'encryption' option was just mangled press hype for the thermal PRNG. If you believe the current story, they are adding a strong randomizer which uses many random thermal events to create very long numbers. I can't wait to see the specifications or a real world analysis.
I haven't heard of any other 'crypto' functions being added, because the US gov would then require a review of the entire design, plus a 6 month analysis of the first silicon by the NSA before allowing it to be marketed or sold. So they are avoiding any problems by not adding questionable opcodes or functions.
But as others have pointed out, a unique serial number would be good for companies with a theft problem. And home users, paranoid or not, will have an incentive to switch to open source software to avoid the new continuous M$ tax, and spewing the serial number to marketing companies everywhere on the internet.
But I think the privacy nuts are reacting with just enough fervor over this. Its a problem, but not a big one, and the solution is why slashdot gets 50 Million hits
anon ex-intel employee
Software companies can sell software licensed only to work on a specific CPU.
Yes. This is already very common in the UNIX world. A lot of proprietary software is designed to work with license-management software like FlexLM, which allows for licenses tied to a particular machine, identified through unique hardware characteristics such as CPU serial numbers. (There's a Linux version of FlexLM... I'm not sure how it comes up with the unique host ID though. I think the MAC address of your ethernet interface plays into it, though.)
Let's look at a couple of the points raised in the outcry above:
Frankly, I don't think this is worth all the worry people are putting into it - especially open source people. There will be ways around whatever Intel wants to do with these IDs. Open source will make these hacks easier to pull off. Don't look at it as a threat; look at it as a clever and significant hacking challenge.
How exactly is it possible for this to work? the CPU has the id? that means software has to read this id and send it over the internet for someone to be able to track you.. hmmmmmmmmm.. Software such as your OS's tcp/ip stack, and/or perhaps your web browser.
Ip spoofing can be done reletivley easy. What happens if someone spoofs your ID number and commits somekinda online credit card fraud or similar?
Sounds dodgy if you ask me.
> German Social Democrats
The fuck are you talking about? The social democrats are in power now.
stroucki@guild.net
First of all, who says that only countries like the United States and Canada are relevant. It is a global standard that is being created here. Secondly, the US has just seen its President impeached on a silly pretext despite strong popular opposition. Government repression including spying, framing for crimes and such was frequent with groups like the Black Panthers and the SDS in the 60's. If it is less so now, it is only because there is less opposition. Sure, if you always think and do what the government wants you to (no "questionable" behaviors), you will have no trouble, but that is usually the case in police states as well.
> BTW, we don't have a real democracy. Things like human rights don't come about as a result of democracy
(not initially, at first).
For the most part what human rights we have won, through tradition and through legal documents such as the Magna Carta and the Bill of Rights have been the result of popular struggle against authority, sometimes led (and sometimes opposed) by an intellectual elite. This is also how democracy emerges and the two are part and parcel of the same process. Human Rights do not come from the wisdom and generosity of authority figures.
The US isn't a democracy, its a Republic with representational government.
The German Jews in the early 1930's didn't believe that their goverment was going to cold bloodedly exterminate 7 million people in the next few years. They lived in a "Democracy" as well.
It can't happen here. This was said many times by disbelieving people as entire families were dragged off to be starved to death and burned.
In this country we exterminated 9 out of 10 Native Americans. During world war II we rounded up all the people of Asian desent and placed them in concentration camps. If we had been losing the war do any of us doubt that we would not have turned on these helpless people as scapegoats?
It can and has happened in every nation on the earth. And it will happen here again. Jefferson said the the tree of freedom will be watered with the blood of patriots.
Remember that only you care about your own rights, the dictator rules because everyone looks out for their own interests.
The paradox is that only those who are willing to die to protect their own freedom is truely free.
Only those who are willing to give up everything, including their very lives can be free.
I don't think that having ID's in the microprocessor will have any impact on any of our rights. No more than having a VIN number on a car and the VIN helps to protect our rights of ownership more than it hurts us.
While this topic is now getting on the old side and I am not sure how many are reading it anymore, I just had this thought on it.
If the serial number on the chips is going to be a 96 bit serial number. And websites are going to start requiring this 96 bit number to do transactions through them. No other processor has a 96 bit serial number. Is this a further attempt to squash the competition. Will this also be a further attempt to squash non-MS operating systems because MS will have the integration in them to retreive this serial number.
So is this just one more push to get a Intel-MS world where everyone else is left out in the cold.
While for software giants I can see many additional benefits. Being able to tighten up software licensing, preventing resale of their products, requiring each person buy a new product and then go online or call to activate it.
To the consumer I see few benefits. They claim it will increase the security when I do shopping over the Internet. Do they take into account that half of my web surfing is done from an Xterminal, and the other half is done from home. Will I only be able to purchase items through one of those two computers. For that matter how are multi-user OS's running on Intel chips, SMP machines, and multi-user OS's on SMP machines being dealt with.
For some reason Intel or MS looking out for my better interests really scares the crap out of me.
Really. Why will I use software that reads this ID in the first place? If I'm law-abiding citizen, I will just use software that doesn't, and will make sure that it doesn't by compiling it myself. If I'm not, I will use some proprietary thing that reads it, run it under debugger (oh, debuggers vs. undebugable code wars again, but this time with complete hardware emulators available to general public) and fake ID, just like people fake credit card numbers. And since Intel chip becomes a "credit card" that costs >$100 to replace, things will be very interesting.
Contrary to the popular belief, there indeed is no God.
irish toast? is that like french toast?
If you suspect that the hardware RNG produces a bitstream with known correlations that an attacker could exploit, then scramble the bits further in software. For instance, instead of using the raw bitstream, pass it through your favorite stream cipher seeded with a key composed from a trusted random source like /dev/random. Or, for a lower-bandwidth application, read a random number of bits into a buffer, then compute the buffer's SHA-1 hash and use that as the next few bits of your stream.
Someone who knows more about crypto than I do can probably suggest a stronger scheme than the above. The goal is to make it computationally infeasible for an attacker to exploit his knowledge of the RNG's hidden weaknesses, while requiring many fewer trusted random bits than would be needed if the hardware RNG were not used at all.
Capatalism is gasping it's last as history will later see it. Ironically many of it's last ditch survival efforts will be the keys to a new age that many don't see coming. The solutions to perfect privacy and security lie around the corner in disguises like this one. Don't be fooled, this particular effort (or rumor) won't work:
What I believe will work (I could prove it out for you, but that would be a book):
ID=Position in space time. Possibly averaged from a large number of particles (microscopic). Hopefully accounting for all functional particles in the object. (Item's ID would change if it broke or was tampered with for instance)
Everyone is given at birth a little black box(perhaps implanted) which provides identity.
Every posession (while they still exist) also has it's identity and permissions, like files in a unix file system, it will react to people and other objects appropriately. This most notable includes communication devices. Communcation devices at large are the most important of these, computers being a part of everything. The routing protocols will be fantastic feats of physics:)
Mundane things such as email are representative of the type of objects we will send. They could carry an id and therefore maintain your permissions across every system in the world. Of course on the flip side a system owner can filter email based on permissions as well as the obvious things making it possible to create "email contracts" meaning basically that "root" on said accepting system maintains root-like permissions while granting reliable feedback (such as when it was read) and allowing deletion or modification by the sender (before it is read).
Free software advocates rejoice. You may think this bodes ill for using "other people's information" without paying for it. But it also means that if we don't accept the invasion of privacy necessary to provide uncrackable licensing (and we won't) the capitolists will sell their programs to an increasingly smaller customer base until all information is open source as a matter of common law.
This is the direction we are headed. I have my timelines, but they are too sketchy to share yet. It will not be a violent revolution, but a light speed-technology driven evolution. Reader's of slashdot more than any other group so large and mainstream (relatively) should be aware of this due to the great content posted on nanotechnology and quantum computers.
As I write this I chuckle inside because from this perspective (and I am VERY confident in it) the founding fathers of our next age are you and I. In a world driven by information, we are they who fight for freedom.
Posted by supercouillon:
as any company using hardware dongles knows too well, any hardware is fooled too easily by software...
I assume that immediately after the specs are released, kracks to change your ID will spread out everywhere...
btw: what about users of AMD, Cyrix, PowerPC and else ???
dumb enough to run a closed-source os, that is. if they do it, I bet it'll be about 4 hrs. before a kernel-patch that shows arbitrary (and/or random) id's is available.
of course, closed-source os'es will probably ride right along, happy to increase their "licensing" robbery.
Assorted stuff I do sometimes: Lemuria.org
there are other chips on this planet, so all
that crap about sites requiring this id thing
would alienate non intel users. looks like thats
what intel wants. MS probably too. fuck em!
besides, as mentioned in earlier posts an OS can
overide anything that gets
sent out over the network. sure you can encrypt
something. and sure you can just take the encrypted version from another chip anyway.
processor upgrades would now be a real hassle for
commercial software if it used the IDs. more reason to us free software.
I fail to see what the CPUID has to do with anything. It's not as if the vendor can press the magic button and your cpu transmits it's ID. Software has to do that, and software, source or binary can be modified.
It's just another trivial security scheme that will prevent casual fraud. A determined hacker will just disassemble the code, and change the instruction that fetches the cpuid to a literal load instruction, and viola, a fake ID. It's basically the same procedure that game crackers have used for years to patch binary games so they don't ask for the secret code from the cheap cardboard decoder wheel.
Given that, the real worry is that casual fraud goes away, but determined systematic fraud becomes easier.
I thought they already had a unique number on the chip in the serial number. I heard they had serial numbers in the chips since the pentium was released.
One thing I can see this being used for, though, is license schemes like current Unix platforms using flesLM. Not that that's good or bad, IMHO, just feasable.
I'm sure we will be seeing per-machine licencing of digital content happen using these IDs. For example, the mangled RIAA MP3 format...
Probably fairly trivial to crack, but still, enough to get the clueless 90% of users to pay.
"Without music life would be a mistake" - Nietzsche
most computers come with some sort of serial numbers, often readable to the bios.
Your ethernet card has a unique id.
If you've got a static IP you've got a unique id.
etc.. What sucks is it will probably raise the price of their hardware.
Plus, I'm guessing that the software to be modified is the apps, not the OS, as it's the apps which talk over the network. (At least, I hope they don't plan on embedding this thing into TCP/IP itself...)
no, but any day, "they" could make a law that makes what you do illegal. maybe it's currently legal, but won't be in the future because some high-priced corporate lobbyist greased some congressional palms.
It happens all the time.
These are my friends, See how they glisten. See this one shine, how he smiles in the light.
hm. NOW Intel's investment in Linux is starting to make more sense. . .
These are my friends, See how they glisten. See this one shine, how he smiles in the light.
one other point -
What about emulators?
On a Macintosh running VirtualPC, couldn't one, in theory, tamper with the code, and forge a CPU ID since it's not tied to hardware?
These are my friends, See how they glisten. See this one shine, how he smiles in the light.
... ability to block that ID from getting out. Windoze users ma have a problem getting the software to do this, but Linux users are almost guarenteed that there will be some parinoid little hacker that will program a patch for the kernal.
:)
This is a great thing for anti software piracy people.. I can see its use.. I just don't like it though..
!Xabbu has spoken
(and chances are no-one) will hear.
- Jimbob
Take a look at the comments in /usr/src/linux/drivers/char/random.c. We already have a properly nondeterministic random number generator in the Linux kernel, so we don't need this new feature.
You should be the first one to get in line for ear tagging.
Linux is only free if your time has no value. Windows is only free if you threaten to use Linux.
... it probably doesn't help any when you type the article up with "so that we they can be tracked."
Don't panic. Ethernet Cards and SCSI disk drives already have embedded ID or serial numbers for a long time now with little impact on privacy.
Ok, I think either I'm just a naive geek, or just one who doesn't care, but why would anybody care whether there's a id on a chip? Software, I can understand (especially if you're a pirater) but hardware? Same as for all the other privacy stuff...i couldn't care less about being tracked all over the place. As long as some guys in black suits don't cuff me while I'm standing in line at a supermarket, then I'm not worried. In most cases, it's those that either
1) have a lot of things to lose (like money, or possessions) that criminals can track and hunt down the rich. I don't think I have this, and the average person doesn't either.
2) have criminal activity to hide
Please enlighten me, b/c the pros (as described on the web page) seem to outweigh the cons.
lt;tim><
Like I said, what most people consider private are not things that I consider to be private. It's only when people start hiding things, that's when curiousity sets in and others will try to look for it.
Also, if everybody shares information, it's suddenly not a big deal anymore. Think of your phone number. If you're like most people in urban centres, you're one of millions of names in the phone book. And hardly anyone cares about that. And now because there's some method of identifying who you are on the internet, you're worried?
As for tracking--could you fill in the rest of your sentence (as evidence of_______)? I can't think of anything that I personally do that can be used against me in some way. That's not to say that everybody has nothing to hide, just that most people don't, and the proponents of this kind of privacy is assuming that EVERYBODY should be appalled at these actions against privacy.
<tim><
Ok, so it's about software and music piracy. Which is, in most circles, illegal. Unless you can admit that most of your MP3's are legal (hey, if you can, great. But don't speak for the majority of the population.)
<tim><
I have heard that there are some ethernet cards with a programable mac address. Does anyone know which cards allow this? Also, I know nothing about writing drivers for ethernet cards, but if you have the source for your driver, could you make it send out a different address than the one that's in your card? The resnet at my school uses this for dhcp, but it also uses it for security, dropping the packets of anyone who's ethernet address is not registered in their database.
--
-- Knowledge shared is power lost. -- Aleister Crowley
Hey, thanks alot :) After looking through the redhat network scripts, I found that if you put the line "MACADDR=00:12:34:56:78:9A" in the ifcfg-eth0 file you can configure it for a particular adapter. How convenient :)
--
-- Knowledge shared is power lost. -- Aleister Crowley
Well, to a degree.
If there's a person available, random number generation is easy. Attach microsecond timers to keyboard inputs and your distribution curve for interkey press rates will be *completely* random.
Once you pull the pin, Mr. Grenade is no longer your friend.
If software becomes reliant on a single random-number generator, what's to stop the NSA from instructing Intel to modify it so that the numbers have certain characteristics, difficult to detect by the unknowing but useful to those in the know? It's in Intel's best interest to be in the NSA's good books (as with any corporation). And if stuff like PGP depends on the random number generator, all of a sudden the NSA's brute-force crackers can be optimised to more quickly crack it.
It is conceivable that there would be an option to upgrade one's CPU; you'd have to first "de-authorise" your software so that it no longer runs on the old CPU, change CPUs and "re-authorise" it.
On the Mac there is such a scheme, where authorisation is done on a per-hard-disk basis, using a copy-protected floppy. (Not that I approve of it; I'd rather it wasn't there, but at least it allows customers to upgrade their machines.)
</DEVIL'S-ADVOCATE>
No more illegal overclockers... Finally.
Can you read? I said _illegal_ overclockers, as in the kind that take PII 233Mhz CPU's and relabel them as PII 300Mhz CPU's and sell them like PII 300 CPU's.
If some moron wants to overclock and is willing to suffer the consequences, this ID number will do nothing to stop them. This is in fact much better than forcing the CPU to a specific clock, since it does allow the home user to overclock.
This is provided that Intel actually registers each ID number with the CPU's speed and provides that information via the web. I don't see any reason why they wouldn't though.
OK, alot of people seem to disagree with the idea of having serial numbers on their chips. Running open source software myself, I am not to intimidated by this. I can understand how someone who has to use a closed source OS or application dosn't like this idea.
If Intel is really serious about this and wanted to get our support and do the right thing they would use all those lobbiests that we all know they have in Washington and get a bill passed. This law should force any program that uses hardware serial numbers to include compilable source code. It should make any other method of serial number access illegal. Then we can choose, without decption and abuse, what level of authentication to run programs encription etc, is acceptable. Accept no less.
Lets see if they care as much about their customers rights as much as they care about the damage overclocking does to their reputation.
Novel theory: Modern Man evolved from psychopath
Microsoft was supposedly working on this fairly secure "fingerprint" technology, where it stored the IDENTITY of whoever read the document, hidden in the document. Probably spoofable, but it would give clues to who was reading documents, either in Word or in IE.
:D
This was being designed for the leaders who run the corporation known as CHINA. Ugh.
And before you think something like that oculd never happen here, two words for you: "piracy" and "anti-terrorism".
-Scott
PS - Makes a great companion technology to digital paper too!
Maybe somebody out there with a Thesis to write will be kind enough to use the occasion to design an ASIC Pentium clone? And then release it under GPL? Something that could execute from a big Xilinx part would be ideal. Then somebody designs a standard open motherboard, and anonymous souls all over the world will make and sell copies.
Dog is my co-pilot.
developers of licensed software have been asking for a cpuid/hostid for years. they had them on sparc's and other real computers, now intel finally has them. good. that means more companies will consider writing unix software for intel chips. of course free software won't need such things.
as for the paranoid bit - oh give it up.
US Citizen living abroad? Register to vote!
Bit by bit, Richard Stallman's paper The Right to Read (from the 2/1997 Communications of the ACM) is coming true. Read this paper. It's scary, especially when you realize that he's talking about things that are already happening, or at least being proposed.
David Gould
David Gould
main(i){putchar(340056100>>(i-1)*5&31|!!(i<6)<< 6)&&main(++i);}
Just in case that was too subtle for anyone, he's talking about Reflections on Trusting Trust, which was posted here the other day.
Apparently, Ken Thompson added a piece of code to the C compiler that would detect when it was compiling the Unix login command and insert a special password. He then added a piece to detect when it was compiling the C compiler and add both of these routines. He then compiled the standard C compiler on this doctored version: the source is clean but the binary contains his hacks, with the effect that he can rootshell any Unix system that was compiled with any version of the C compiler that was compiled with his C compiler binary. He claims he never actually used this.
The point is that not only can you not trust binaries that you are given; you can't even trust binaries that you've compiled unless you trust your compiler, i.e., you wrote it yourself in assembly. I guess even then there could be hardware back doors, so you'd better make your own processors too.
But then, I'm not sure writing it yourself is such a good solution: I know there are no back doors in code I've written from scratch, but how far would I want to trust my own debugging skills? Dunno.
David Gould
David Gould
main(i){putchar(340056100>>(i-1)*5&31|!!(i<6)<< 6)&&main(++i);}
Now you can't be tied down to any specific hardware platform! Name it, Linux is on it... and if it ain't there yet, its coming soon.
Its spelt "L-I-N-U-X", but pronunced as "Free Beer"
Think about it. It's basically going to be a serial number inside the chip that you can use to check against Intel's product database. They're chucking a random number generator in there for encryption schemes because:
But, as I said, since it's not invading your privacy any, and if overclocking survives as a viable alternative to those who use it, WHO CARES?
Chas - The one, the only.
THANK GOD!!!
Chas - The one, the only.
THANK GOD!!!
Why need an ID? Just store the chip's official clockspeed in the same way as the ID would have been stored. Then there's no privacy invasion.
At first I felt a little sympathy for Intel over the issue of them getting a bad rap from people who got less processor than they paid for due to unscrupulous retailers.
Then I remembered all those 486 motherboards out there with extra sockets that were supposed to be upgradeable to Pentiums, and then I remembered all those motherboards with a disabled cpu soldered on because the co-processor upgrade included another processor (and a price that reflected it!), and then I thought about all the mothers at Intel.
I see even classic Slashdot is now pretty much unusable on dial up anymore.
Try looking at the fscking chip! The rated CPU clock speed is printed on it. If it's filed off, don't buy it. Sheesh...
Schwab
Editor, A1-AAA AmeriCaptions
Okay, so if they use this for software licensing, it doesn't necessarily tie you to the same CPU for your natural life. Every Sun workstation has a unique hostid that many software manufacturers use for software licensing. Want to upgrade or use the software on a different machine? Just e-mail the info to the license center and they issue a new license. Install the new license, and bang, the software works on the new machine (and not on the old one). It works well. There are obvious problems, one being what happens if you have a machine die and you need to use the software right away? You have to wait for the license center turnaround time to get the new license (in Sun's case, usually an hour or two).
Some software companies are already using unique IDs on Intel-based machines to license their software - an ethernet card MAC address. I know Pro/ENGINEER's NT version used to do this (and I assume it still does). So it's not such a big deal in the software licensing area. It's actually only a major problem for pirates (besides, who uses proprietary software anyway? The free stuff's much better. *grin*).
As for E-commerce, I can imagine the only good it would do is if a site required you to give them your CPU ID in order to buy stuff. Well, I wouldn't buy stuff from them. There are plenty of people willing to take your money without violating your privacy, so I don't imagine that scheme would go very far.
I don't see this as being a big deal, one way or another. It's not a huge privacy problem (the "stolen PC" argument is lame, because as others have pointed out, you still need some software to broadcast this ID), and it's not a very useful feature, either.
Hey, I'm not saying it's a good idea, I'm just saying it's not the end of privacy for every human on Earth. For one, Intel doesn't have the market clout to force it on everyone anymore. And for internet sites to require it will be the death of those sites, since old, ID-less CPUs will far outnumber the new ones for a long time (not to mention all the non-Intel computing platforms out there), so I can't imagine an e-commerce site shutting out everyone else.
Yes, hardware keys suck. But if it's not the CPU ID, they'll find another way (MAC address, dongle, whatever) to lock you down for a license.
You know, I wonder how much a company like Sun spends dicking around with licensing issues every year. Another good reason for software companies to move to a "free software, pay for support" model.
Intel refused to comment for this story.
I wonder why.
'As soon as you go on the Internet, you will be detected.' - Cryptographer
Who said that?
I gleaned just two pieces of information from this article. Intel will put two new features in its chips, and members of the ACLU are worried about the chip IDs. It's not clear whether all of the doomsday speculation that follows is part of Intel's master plan, or just extrapolated predictions by unknown persons and a journalist with a deadline. Where is the support for all of this? Are Intel's statements confidential? Why do I torture myself by clicking on these zdnet links???
I always mod up spelling trolls.
Actually, It will help with chip theft...
Many/most PC thefts these days involve opening the case and swiping the memory and CPU, both of which are difficult to identify, and easy to sell. Most companies could easily add the CPU IDs to their asset database and report them stolen. When the police catch up with someone with a dozen CPUs stashed under the bed, they could actually *prove* that they were the ones that went missing from xyz corp last week. It would also help you get your parts back if they were found, as you would be able to show they were actually yours.
As for the rest, you are right, and I think the writers should hang their heads in shame for writing such an ill thought out article.
Adrian
Hard drives have had serial numbers in them for years. Just remember, if someone tries to screw the public over something like this, the market will not allow it to happen.
--fatboy
IIRC, a reverse-biased zener diode is a particularly noisy beast, used to generate truly random noise.
I guess if you amplified this noise, then applied the output to a short monostable or something else to produce a spike given a certain input level, you would get a series of spikes separated with truly random intervals
... for probably less than a couple of dollars worth of parts. And a few dollars more to connect to perhaps the COM port.
"There are two major products that come out of Berkeley: LSD and UNIX. We don't believe this to be a coincidence."
With chip ID coding, now you can be sure of the chip you're using. I stopped purchasing Intel CPU's for this reason. Cyrix and AMD have extremely stringent, tamper-proof markings. Intel only has silk-screened letters on a soft plastic cartridge. I think Intel is moving in the right direction, even if some people here think it's for the wrong reasons (product tracking, et. al).
I don't like buying junk.
Kriston J. Rehberg
http://kriston.net/
Kriston
When my computer boots it says PENTIUM-MMX CPU at 225MHz. Has Intel ever made a 225MHz CPU? No, so where did it come from? My BIOS. My BIOS executes the CPUID instruction, which reports family, model, stepping, but not speed. BIOS then multiplies 75 (bus speed) by 3 (multiplier) to get the CPU speed. I assume that the CPUID (or any other) instruction could be made to read from a little ROM and report the speed, alerting users to potential mischief on the part of their vendors. But why do that? There is already a serial number stamped on P2s, if you are putting a ROM on the CPU, why not put the serial number in there instead of or in addition to other related stuff. That way, Intel can make a big fuss about how they care about this and are doing something about that, while not really doing anything in particular.
As to licensing for a CPU. Any software that locks to a serial number is as brain-dead as software that locks to a particular family/model/stepping or any other identifier in the system. If they want to enforce licensing well they will use dongals. That way they have control over the identifier, and you have control over which ONE machine you want the dongal plugged into.
Next up. Unless Microsoft and company want to master a new CD for each CPU, the Windows (or whatever) setup program will negotiate with the CPU's challenge/response serial number thingie. When this happens, a value will be stored somewhere (registry anyone?) which, if not matching the live one it just got from the CPU, the software stops, moans, self-destructs, whatever. Ask yourself, is there really any way to do this? Can we not simulate the process and then put the bogus, but workable key wherever it goes?
Ways to complicate life for people trying to break this: Pass laws (won't really stop anyone). Require intervention (once or often) with a remote server acting as license master (pointless, doesn't need the CPU serial number, think StarCraft). Well there is an infinite number of ways to make this task more difficult. Each of which has at least one workaround.
In the end what do we gain? What do we lose? It's debateable either way. If we were required to use our VIN as a password would that be a gain or a loss? I'm tired, I'll sleep now. Hope this makes sense in the morning.
See that "Preview" button?
I must be missing something here.
So, the cpus have an ID. How does that make Internet commerce more secure? Can't you make your browser just lie about the number when it sends in your request?
I see how this identifys computers in case of theft, the police just run a program on your computer that checks the number.
But I don't see how this makes internet commerce more secure, unless some sort of crypto is built into the chip too.
While I acknowledge all the potential good that can come out of chip IDs, there is far more potential for personal injury than personal protection.
Like any scheme that systematizes, quantifies, and collates identity, it invites mountains of abuse. Identity fraud is already a pervasive problem in our modern society (e.g. credit card fraud, fake IDs, IP swiping, etc.) Intertwining identity with computer hardware, in which there is already too much complacent faith, will bring new efficiency and detriment to misusing identity information.
On reflection, there are dozens of ways this instantly available personal information can be used to hard. Here's just a few that jump to mind. It invites malicious folks to victimize users by capturing their chip ID and having their CPU 'blacklisted' from the net by falsely reporting it stolen, or very effectively impersonating another user on the net. It won't be long before some hacker develops a hardware or software interception mechanism to fake the ID of the CPU, completely undermining this scheme and opening new opportunities for misrepresentation.
And because the misused identity is associated with the computer, this form of fraud will be far more nefarious than plain old IP swiping or email faking.
And while Intel claims they are not keeping a database of users associated with chips, it is inevitable that such a database will easily come into existence. All it takes is for some website to obtain your name and read the chip ID and voila. In the wrong hands, this is a spammer or unscrupulous marketers dream. With a mere visit to a website, without relaying any information, the site automatically has your address, phone number, email, etc. If the information is associated anywhere, it will be available everywhere. That's the nature of the modern age.
Intel is just making that insult to our privacy one step easier.
there's a big difference that xinit is missing. To check the serial number on my tv/vcr/bicycle/processor case/whatnot the police need physical access to my property. That has a nice way of requiring them to do inconvenient, archaic things like *getting a search warrent*. I don't want a unique ID for my CPU accessable to any e-business and two bit script-kid cracker out there! Once I buy a processor, it becomes my physical property. Intel has no right (or need) to know where I put it or what I do with it.
0 1 - just my two bits
as for tracking, well, they do it now with cookies, so just go ahead an disable them, you can always turn them on for the odd site that you do trust and needs them.
oh, and if you don't like the idea that the net remembers what you said, make sure you stop posting anywhere! I for one don't mind people finding out what I've posted, since I consider postings to be public, so I think services like dejanews are a good thing.
I'm sorry if anyone disagrees with me, but I just plain don't like this idea at all. I'm not some "everything is a conspiricy" looney either.
I like my privacy. The personal information currently available for identification is plenty.
What about transfer of ownership and upgrades? Sounds like a pain in the ass to maintain, anyway.
A much unneeded complication.
The option to "opt out" doesn't make it any better. It's just too easily abused, and creeps me out.
"May you spend two hours in heaven before the devil finds out you're dead." --Irish Toast
Personally I'd like to see another bios option to prevent software from accessing the cpu's serial number. This way we don't have to wait around for someone to make the software patch available for whatever non-standard OS that one chooses to run.
Thats still really not good. What if you have a processor failier and have to have a new one next day air mailed to you? So after you get that processor, that machine's software is still until you can do this "de-authorise"-"re-authorise" process. Great, thats another week or so.
--Dast
This sig is false.
As seen recently in the French case, restrictions on use of cryptography are lifted, or its use is encouraged, mostly when that is in the interest of the corporate world, even when it is done allegedly in the interest of personal privacy.
As many have commented already, giving a unique ID to each processor is neither an interesting way to promote secure e-commerce nor required to protect buyers against overclocking. But there may be several unconfessed reasons for promoting such measures.
In principle we could avoid disclosing CPU ids,
but imagine that in some way most of the commercial online services start requiring access to our CPU ids for granting access permission. This may be forced by government or become part of "standard" corporate policy in their quest for more and more private consumer information.
Then either you comply and give away another part of your privacy or you don't comply and, as e-commerce and other online services become more and more predominant, your options become increasingly limited.
We already have many interesting examples: credit cards and cellular phones are already means to disclose our shopping habits and our location, for instance. Yet it is becoming quite difficult for many of us to avoid using them.
Electronically identifying and tracking our cars, our phones, our computers, even our pets, is just the beginning. As biometric security systems get cheaper and more effective, we will probably see their usage spreading widely. Soon you may have to show your iris or a fingerprint to access common services which now require a simple password or a PIN. Then YOUR BODY will be electronically identified and tracked, everywhere. Paraphrasing Philip Greenspun (http://photo.net/philg/), this is a future so bright you'll have to wear sun glasses.
When I make a purchase, no one writes down my VIN to track my spending habits. The closest tracking any store can do is add a phone number or zip code in the computer (assuming I'm paying cash). But I can refuse these requests (particularly the phone number).
But it seems to me that with this Intel proposal, one runs the risk of vendors secretly tracking what computers on the Internet are spending the most money on whatever items. And making money off of the data.
I have no idea how this works with a multiuser system, but I can just see the new flood of junk mail to those computers that actually do commerce on the Internet.
Comparison to hard drive, computer, broom, or other serial numbers are not valid since they cannot be queried in software and collected by some outside organization. THAT's the problem I have with it.
~afniv
"Man könnte froh sein, wenn die Luft so rein wäre wie das Bier"
"We could be happy if the air was as pure as the beer"
~afniv
"Man könnte froh sein, wenn die Luft so rein wäre wie das Bier"
Richard von Weizs
If it stops Intel having to put a FSB lock then I am up for it. Maybe they could take the mult lock off as well.
What I think would be good, is to have a write once bit on the cpu that is set whenever the FSB or Mult lock exceeds the rated speed or setting. This would be good to protect people from buying 2nd gear that has been o/c in the past, also would eliminate Intel's claim that they have to honour the warranty on CPU's that have been O/C. Think, if they do not have to honour, then they have no incentive to prevent the hobbyist pushing thier hardware.
As a means of identity on the net, well that is not quite true as it just identifies the cpu in current use.
Ice
"Because we are not employing at entry level, offshoring will kill our industry stone dead."
2) have criminal activity to hide
And how do you define criminal activity? What you amy think is leagal might be considered horribly illegal by the controling body. Imagine if your beloved Linux became criminal activity. Not fun (for you).
- alex
The revolution will be mocked
I'm no cryptoexpert either, but I think there are certain kinds of non-randomness which are hard to test for, if you don't know what you're looking for. On the other hand a nonpseudo random number generator is something I've always thought should be built into chips. But then maybe that's just because I got burned by the terrible PRNG's in Numerical Recipes first edition, which the authors thought that they had tested to ensure they were sufficiently random...
--Artemisia
Can't wait.
Aren't you dead?
This ID is not good for
a) E-Commerce..many people use one computer at home and one person uses many computers at work. There is no one to one ratio.
b) And unless there is a compulsive registry of ID to purchaser then knowing a criminal's ID does not help you find them.
c) If there is a no-ID patch like the article said, then stolen computers will just be patched, therefore no problem. Unless it is only a PARTIAL patch, then it is really not a opt-out patch at all.
This ID is perfect for one and only one thing. Software companies can sell software licensed only to work on a specific CPU. They could sell software over the internet knowing it can only be run on the target machine. Kind of the ultimate proprietary software. To be any more securely restrictive you would have to sell it as a ROM.....
I don't know what Microsoft will do about this, but I can tell you that this never was a problem with software for Sun machines. Every sun has an unique hostid (which can be changed, but if you don't do anything to your machine, it's unique). Now when you buy software that is node locked or otherwise protected, you usually have a license daemon running, that checks the license number against your hostid and gives the OK to run the software.
Whenever you upgrade your machine, or the CPU or just the NVRAM chip you just submit a change request to customer servervice and you get a new license.
No problem and usually no big deal to get it done in a timely manner.
I don't see a problem with this CPU ID thing at all. And BTW if you have a network adapter in your computer, you already have a sort of hardware ID. Every ethernet card has it's very own ethernet address, which is unique and can be used for software licensing as well.
No, your coffee machine is probably very quiet as far as internet traffic is concerned, but your network card and your networking software do "broadcast" quite a bit of information with every packet you put out to the internet.
And you first need software that will take your CPU ID and send it out to the net.
hmm... and a random number generator? Must be yet another bug in the manufacturing or design process.
-t.
Aren't all computers planned to be obselete? And in any case, up until October you could run the latest version of the Mac OS on computers all the way back from the 040 days ('90? I forget). Try running Win98 on a 486. Linux is, of course, a different matter. And if you look closely, the only proprietary things on the new pro G3s is the ADB port (for dongle & ColorSync compatibility) and the Mac OS itself. Think before you speak.
What would be a good way to express to Intel one's grave concerns about the proposed? Do people think this can be changed? Based on Intel's pre-emptive briefing to the ACLU, Intel is at least sensitive.
Also, what's to keep Intel or any other chipmaker from doing this without telling us? How do we know they haven't already?
Beware MS and Intel are evil!!!! Bill Gates is Satan himself! Thats why I run Linux, cause its not a evil OS like the MS ones :) BEWARE....my processor will be a K7 when the Mark of the Beast begins....I rather have a 7 mark (K7) than a 6 (intel) and a 7 mark OS (linux) than a 6 (winblows 2000). Don't fall into the Beast plans for the future. Stay unevil
...use Linux.....God's weapon against MS!
NaTaS
http://natas.startx.org
Natas of
-=Pedophagia=-
http://www.mp3.com/pedophagia
Also Admin of
http://loki.linuxgames.com
The arguements stated in the article definitly aren't the real reasons behind the proposal. They don't make sense. You can't track a thief if he can disable the ID transmission with a patch.
You could just as easily embed the clock speed the chip was sold at as you could embed a serial number (much easier actually)
the e-commerce possibilities could only be realized with a standard that ALL hosts adhered to.
IMO the whole reason intel is doing this is for Intel. They want to enable node locked software licensing. If they are the only ones that support this "feature" then you will only be able to run PC-nodelocked software on INTEL PCs.
I am not completely against hardware IDs for systems although it doesn't seem to make sense in the home PC market where a large number of users regularly upgrade CPUs and motherboards. If all your software was node-locked you would need to contact each vendor for new licenses with each CPU upgrade.
For a commercial UNIX workstation you are usually only running one or two nodelocked apps per machine. With PCs you run many different software packages. What a pain if your machine running turbo tax crashes in the middle of the night on April 15th.
If Intel succeeds in this, what are the chances that it would slow down the upgrade cycle?
They could be shooting themselves in the foot.
Hey, Intel isn't the only game in town.
Using the chip id to identify 'hot' PC's should be a resounding failure since 1) not all chips will have the id and therefore cannot be required and 2) a determined theif would use the 'patch' that would be out shortly after the release of the new chips to mask the chip id.
Since overclocking is more a function of the motherboard/chipset than of the processor, Intel would be reliant on MB manufacturers to enfore the no overclocking mandate, and that should be unlinkely.
The only possible benefits I would see out of this is from a consumer standpoint of being able to identify that a chip really is rated at the advertised speed, and possibly using the id as an alternative to the hardware keys ("dongle") on expensive software. Again, since it's only on Intel PC's the usefulness is REALLY limited.
The prng should be interesting, though.
Recently a friend of mine had 5 moderately well equipped servers stolen from him. While his insureance will cover some of the purchase price, he has lost thousands of hours of time and work. If when one purchases a computer, they could register a CPU ID to their name, this would allow for it to be made possible to track if your computer came online, from which host/ip and possibly regain stolen possesions. This would of course have to be overseen with strict security, as we don't want everyone seeing what we're doing, but it would make stealing a computer the same as boosting a cell f0ne, in that after a while, it becomes worthless, and no one will provide service.
i didnt think intel could suck more.
ahh well. Like i want one of those
energy hoggin overclocked crap a-s chips
with POS technology anyways.
intel's fast. thats it.
put it this way: i could put a Jet engine
on top of a pinto and it'd go real fast, but
it'd still be a piece of sh-t
I'm afraid. I'm afraid, Dave. Dave, my mind is going. I can feel it. I can feel it. My mind is going.
If they are to associate an ID embeded in a chip with each person that purchases a chip, then they have their work cut out for them. What happens when a person sell's their computer? Does every computer reseller have to make sure and register the people they are selling processors to? It seems to me that after a few years it would become impossible to keep up with all the ID to Person mappings.
With everyone connected it's only a matter of time :p
until your IP addy (or other electronic tag) will be as tracable as a telephone number. How can we protect our privacy. One idea might be a chip swap
in a back alley somewhere... But wait, the chips will have GPS tracking built in..
I was making a point. Okay IP ADDRESS It's only a matter of time. Your CPU has an electronic ID. Your OS is running a TCP/IP stack, you are on the net. How many lines of code in your BIOS would it take to report this ID to INTEL over the net? In the future when you buy a new PC you have to fill out a registration card to keep your warranty this CPU ID number is included with other information like your snail address. If the FEDS want to find you they call INTEL and check to see if you purchased a computer. The FEDS then get a log from intel when you have connected from the net and from where.. Do you see a pattern here? a 1984 or something? Does clipper chip ring a bell..?
I don't want to start a flame war here. My posts are a hypothetical situation.
Any hole in a system that is open to private information will be exploited.....
I wonder how an ID is going to help e-commerce. How will they keep track of who owns the CPU ID? What if I stole a computer from a store and then I use a carded ISP account to connect to the internet then they would not be able to find me.
I think this is another piss-poor attempt of Intel trying to provide people with a false sense of security. How will people who do not have Intel chips (or a PC for that matter) be able to buy goods online if such a CPU ID is required to conduct e-commerce. I'm pretty sure no e-vendor would limit their customer base to Intel users only. I think this is a waste of research time and anyone who buys an Intel chip because of this feature is an idiot. I hope Intel chokes on its own poo with this one.
A summary of Intel's stupidity regarding this issue:
1) "Stolen PCs cannot get on the internet"
- I would love to see how they try to implement this.
2) "The plan calls for Intel to put a machine specific ID and a random number generator in every processor"
- I doubt that it will be truly random. I bet someone will break the algorithm in less than a year forcing Intel to recall all of their processors. Bwahahahahahahahahahahaha!
3) "But with an electronic ID attached to each processor, consumers will be able to check their processor against Intel's database of products and find out at what speed the processor was sold."
- It would be easier if Intel just made software to test this instead.
4) "Intel says they're not keeping a database matching users to their ID numbers"
- Then how will they know if it is stolen? I could just call up Intel one day and tell them that was stolen then that will prevent him from getting online
F0 0F C7 C8
EOF
Uhm, how will this prevent software piracy? I'm pretty sure someone will break this algorithm within a year and publish it all over the WWW. This would also require other processor companies to implement CPU ID on their products.
I wonder how many H-1 Visa employees at Intel worked on this and how many of them already have given blueprints of the algorithm to their cousins in New Delhi.
Well this is just one thing in a line of other.. ..
Anonymity is getting more and more just a privilege for thouse knowlegeable enough to make themselves anonymous.. If this id is used for tradeing and authentication, I would sure stop to trade. The id has to be implemented with software part on the cpu, since the physicaly cpu has to be alike. It would amaze me if noone found the way to change that around pretty fast.. realy amaze me.. now that would be fun... uhm.. mayby I should get one of thouse alpha's anyway
As zdnet is going to edit my responce to their article, and I'd like to hear some comments (maybe ;) I thought I'd post it here as well...
The implications of this action go far beyond what was stated in this article. Chip-based ID numbers give few benefits and alot of responsibility given to those who have proven themselves otherwise time and time again.
Tying commercial ID to a piece of hardware, especially a piece of hardware replaced as often as a CPU is ludicrous! What if I upgrade? What if I have more than one computer? What if I'm at a public terminal, or a friends computer? What if my computer gets stolen? Will someone be able to transfer funds from my accounts because they stole my laptop? What if someone breaks into my computer and sends death-threats in my name? A piece of code I can carry on a disk (or beter yet, in my memory) is far more portable and universal as a personal ID.
Second, if Intel is so worried about overclocking fraud, why not just encode into the chip what speed THEY sold it as, and release the code required to query the chip. If someone thinks they got burned on an overclocked chip, give them the tools to take their grievance to the BBB, the Police, or a pair of hired thugs if you're so inclined. As to theft, don't CPU's have Serial Numbers already? This won't make fraud and theft go away, it'll just make it more difficult to detect.
It also seems to me that a persons ID could easily be stolen. Just write a daemon to watch for the incoming CPU ID query, intercept it, and reply with a packet you stole from a remote system by sending it a query packet. The only alternitive is to have the CPU compare every bit of data that goes through it with what a query packet looks like, which seems to be quite a waste of valuable CPU space & time.
Incidently, the patch that intel offers seems more like placing a piece of tape over the bar code, rather than removing it. Can the CPU be un-patched?
Anonymous speach is extremly important in any society that claims to be free. Sometimes a responsible citizen is forced by honor to break the law. What of the political dissident who wishes to speak out, but can't because any message they send will cause them do dissapear?
A section of the chip capable of generating random numbers (utilizing quantum effects) would be extremly handy....In fact, I think it's the only good idea in this entire proposal.
This "revolutionary" (or is it counter-revolutionary) double-edged sword is very dull on the side I'd want to use, and I could shave with the other.
I stand corrected again....techweb has an article on it....it's going to be a standard feature on the Pentium III's (and the associated celerons).
0 17
http://www.techweb.com/wire/story/TWB19990120S0
Don't forget the "Win" in Wintel.Mr.Bill wants to charge a yearly license fee for his new 'doze 2000 and what better way to keep tabs on his investment.Can't have folks passing around the cd now can we? Let's see..to push it past the public we will need to utter the magic mantra.."it fights kiddie porn" and let's throw in .."it will help update your software so you won't have to think about it"..for good measure.
Tired of being another body in the flock? Linux ! We are not sheep anymore.
First they put them in you car, so it wont
:~(
get stolen
Then they put them in your dog, so he is easier
to find.....
Then they put them in your computer, so they can
lower cost, and reduce fraud......
Then they will put them in your children, so you
can be secure in knowing your child's whereabouts
.....
Finaly they will put them in you, so you can't
break their laws
-Master Switch
-Master Switch, one more element in the machine
Up to now, the only way provided by Microsoft to identify laptops for licensing purposes has been by the address of the NIC card, and that is an unreliable, quirky method. Three cheers for Intel.
You are free to buy some MSFT stock. Then you will be happy when they make more money.
Tracking can hurt you, even if you don't do anything illegal; your viewing and shopping habits can be used against you. e.g. if you buy a lot of beer, that could be brought up as evidence in court. Employers and insurance companies would also be interested in "what kind of a person you are."
See (http://www.msnbc.com/local/KNSD/119513.asp) for an example of what grocery club cards can to do you.
Avoid trading convenience/pocket change for privacy!
So the suggestion is that if we have done nothing wrong we should be willing to give up some freedom? This is absurd.
Their benefits arguments don't make sense. On the one hand, they claim that the major benefit is that if someone steals your computer, then uses it to connect to the internet, it will give itself away. On the other hand, they claim that they will make software available to easily disable the autoidentification... which is it, it can't work both ways!
IMHO, I think security takes a giant step backwards when you start authenticating machines instead of people. My take on this is that now anybody with physical access to my computer is me for the sake of ecommerce... I find this very disturbing. Also, unlike a password, once somebody figures out how to spoof your CPU ID, it can't be changed!. Finally, I don't understand what this will do for me that a good public key system won't do much better...
"Freedom means freedom for everybody" -- Dick Cheney
Well for one, I'd hate to have to buy all new software everytime I upgrade my CPU...
"Freedom means freedom for everybody" -- Dick Cheney
Intel doesn't need ID's *or* FSB/multiplier lock to stop false marking of CPU's! Just a few ROM bits to tell what bus/clock speed the chip is approved for, and maybe something to tell what it is actually running at.
> then it might be too late to write the configuration bits.
Couldn't you put the clock ID bits in some sort of microcode?
So, it says this will put an end to illegal overclocking: ie, companies buying lower Hz and selling as higher Hz.
The question is, will intel stop multiplier locking their chips so its easier for those who want to overclock to overclock.
Somehow, I doubt it.