Slashdot Mirror
Intel Bows to Pressure- Changes PIII ID
Justin Cave writes "Intel states that they will change
the PIII's unique ID feature in response to
public pressure. They will disable the feature by default and provide software to permanently disable it. "
yea! for us!
I think slashdot does have an effect on people.
It was a very controversial topic anyway.
c706005@showme.missouri.edu
Of course the number is still there, and sites/software could require you to provide it... but at least now you can choose not to provide it, if you don't want their services.
We should call today VP Day (in the same vein as the VJ and VE days) to celebrate our privacy and independence and a big victory over the big bad corporations. Thank you Intel, for backing down.
AMD or Cyrix won't support this ID will they? I have an AMD K-2 now and love it, I will definitely stick with them given Intel's chip ID.
who cares.
Intel say they know what they _are_ said, they don't. Intel has no idea what they are doing.
Intel is too fucking cheap.
Many online are skeptical about the effectiveness of old-fashioned liberal devices like boycotts. Well, here's some pudding, proof included! How many hours was it from the time the boycott was called until Intel backed down? Protest, people, it gives you power!
If this can be enabled/disabled by software, what is to stop Windows 2000 from quietly turning this "feature" back on? After all, they do have a track record of quietly sneaking information off your machine without your concent already.
Unless this thing is removed completely, I plan to buy non-Intel and encourage all of the non-technical people who are always asking me for advice to do the same. Considering I am personally responsible for recommending roughly $4M in PC sales to my clients in 1998 alone, the missing CPU revenue will be a small but important dent in Intel sales.
I mean, without open source for the "utility," how do we *really* know it's disabled?
Sorry, I don't see this as a reason to stop the boycott.
_Deirdre (deeny aka deirdre@deirdre.net, logging in from work and not having either cookie or password handy)
>Among other things, the feature offers a boon for electronic commerce, allowing companies and shoppers to feel more secure in the transmission of sensitive data.
Yes, as long as you feel secure, it doesn't matter that you are not. I feel fine using 128 bit Netscape, and if the dopes out there would demand it be the default download for the whole damn world...
Yeah, right, then "terrorists could use their web browsers to launch a computer attack and bring down the internet (which is AOL, right?). What use could I possibly have for military grade encryption? Are you sure that is legal? Hmm, I better not install that, I don't wanna get arrested."
The Intel key is a problem, a big one. I hope Europe cuts off trade with us (/me US citizen).
They _do_ have the larger economy...
-k
If software can turn the feature off irreversibly, then that seems to make the situation even worse. Suppose I want the feature - whether it's a good idea for me to want that is none of your business, the point is that I should be able to control my own machine. Then suppose one of you maniacs decides to do the world a "service" by releasing a virus to disable it. (I'm sure there will be plenty of volunteers now that I've posted the idea.) Well then, if I catch the virus, I'm screwed! It seems like a really bad idea for software to be able to make changes that software can't reverse.
OTOH, if software *can* reverse the change, then Intel would appear to be lying to us. I think the most probable explanation is that some of the powers they ascribe to the CPU actually belong to the OS - "permanently" disabling the feature may mean flipping a bit that can't be flipped back without a system reset, and to make it survive reboots you tell your kernel to flip the bit every time you boot. There's precedent for this kind of misinformation, after all the claims they made about "your ID is transmitted over the Net" when that's obviously the kernel's decision, not the CPU's.
You are exactly right.
I am not willing to rely on the installed base
of not ID-ed machines to save me. This thing
has to be stopped before it gets started.
"Our server indicates you have disabled
your ID key. Please reboot and reconnect"
-k
If you don't like the idea of your CPU having an ID, don't buy one. If your ISP requires a CPU ID, get another ISP. If Microsoft requires CPU ID to get OS upgrades, get another OS.
You do have a choice.
Well, they won't be able to keep that secret long if they want this backdoor to be used. We should try to get some sort of legal commitment from Intel. Although they could always do what MS does and cry "bug!", such a bug could justify demanding a refund, at least while you're on warranty. We could sniff through proxy servers to verify whether anything is getting through. Only problem is if it's sent as part of an encrypted message.
The only way to get rid of this problem is to
make it so the feature can only be enabled or
disabled by physically changing a jumper setting.
I don't trust this software-on, software-off
thing, even if you do have to reboot for it to
take effect. How many windows programs tell you
that you have to reboot to complete their install
process?
Even some Linux goodies, e.g., kernel patches,
require rebooting to be fully installed. Do you
really READ all the source code to all your
downloads, when it is available? Here come the
trojan horses...
Wish they would have stood up for something instead of folding like a cheap deck of cards.
Are you implying that normal dynamic PPP addresses are somehow anonymous?
The ISP does keep logs you know...
---*Snip*
If this can be enabled/disabled by software, what is to stop Windows 2000 from quietly turning this "feature" back on?
---*Snip*
Oh, that's an easy one. Just don't install Windows on your system. Don't need to, with Linux, anyway.
The CPU ID was a bad idea not just because of it's police state implications, but for the simple fact that Microsoft, Intel, and everyone else who makes mass-market hardware and software benefits to some extent by software piracy.
On the hardware side, creating a system which removes the ability for the 'normal user' to pirate software removes the incentive for a certain percentage of users to upgrade their systems. On the software side, ask an honest IT manager -- "Why is your standard platform Office 97 and not Office 95?" - "Because we couldn't stop the users from installing (pirate) Office 97 themselves."
Furthermore, it's my understanding that Intel has left their chips 'untraceable' up to this point because they specifically allow certain slow moving chips to leave "through the back door" and into clone shops around the world. Traceable CPUs would kill this business.
However, I could see Intel placing CPU IDs on chips headed to Asia-Pacific markets, etc.
"News for nerds"? What a laugh.
Look, the only way that this ID number is going to get out on the net is if some piece of software sends it. Probably your browser (you are running MSIE, right?) but possibly your IP stack (because everyone runs Windows. No other operating systems exist!) The CPU, by itself, can't magically emit serial numbers "onto the internet".
So, you may argue, what if some e-commerce site requests this number when you do business with them? Well, for one thing, you can refuse --- refuse to give them the number or refuse to do business with them. It works for cookies and it works when they want demographic info; it'll work for a PSN. For another thing, since it's all done in software, it's utterly trivial to give a false or random PSN. (Whoops, I forgot, everyone here uses Microsoft stuff and therefore has no control over what their machine is doing. My mistake!)
This is a software issue, not a hardware issue. If the software wants to make you trackable, it already has plenty of information available to it. Especially commercial software with all those license keys and stuff. Having a serial number uniquely tied to the CPU you happen to be using this week will not make this any easier.
Having a machine-readable serial number on each piece of hardware is, OTOH, very useful for inventory and failure-tracking purposes (inside a lerge organization, say). And, just like the serial number stamped on everything else you own, it can be used to identify stolen physical property --- as far as I can tell, this is what Intel actually has in mind. But it's no more useful for electronic security than the date-codes stamped on the outside of the chip are.
It's amazing how many slashdotters haven't the vaguest conception what's going on inside their machines.
wiml@hhhh.org
whois and a telephone can be very helpful for idenifying whole subnets. "hello, i was interested in getting a static ip, i was wondering if you provide them? really, how many do you have? any idea what my address would be? great, ill call back later today with all the info you'll need."
granted that's alot of phone calls, but much of the information can be gathered from web sites. also a few periodic port scans would give an idea if a subnet changed it's characteristics too often. the main thing the snoopers have working for them is that isp's don't change policies so often anymore. one check per subnet is all it takes to know that subnet for a few years. people change email addresses, that doesn't stop people from selling them.
Actually, I agree that some of the more Nazi-minded corporations would love CPU IDs. (Have you heard about places where every MAC address has to be registered?)
Regardless of Linux's technical superiority, Linux is now and will for the foreseeable future be the underdog. Many of us here run Linux while our less technical relatives run Windoze. What they don't know will hurt them which is why, even if it won't effect the Open Source community, we need to sound the alarms for the Windoze community as they will be the victims of what is to come.
So Intel add a unique ID to the Pentium III. Well, what's the big deal? After all, there are not only other chips which have that already, but also even Intel's own Xeon processor already does.
It seems to me that the only people whining and complaining about this are those that are somehow involved in selling their own protection stuff...
I want to keep my clients.
I meant that rather than advocating Intel boxes, I would be recommending AMD or Cyrix machines to my clients for desktop machines and Alphas for servers.
Thank you! I was going to make the same point that the only way that software would not be involved in getting your ID out onto the net would be if all the logic from the top of the network layer on down through the physical interface to the media you're using were hardwired into the CPU. Ridiculous! Even high-end routers rarely involve that level of integration, let alone a consumer-oriented CPU.
It's nice to see that at least one other person here has a clue; I was beginning to wonder.
Isn't this P3 ID similar to the serial number in
all SPARCs? I'm not talking about hostid, which
can be re-engineered, but the SPARC CPU serial number, which can't be faked.
>...Intel is actively seeking...
Intel can't do this on their own. OS code has to be involved, and Intel doesn't write OS code. All Intel has done is provide a technology that could be abused the way you fear...or could be used in other, positive, ways. Are we going to jump all over every new technology because it _could_ be abused? What if we find out that the CIA is using a Beowulf cluster to eavesdrop on Internet traffic! Down with Linux as an Enemy of the People!
Get real.
>I will absolutely refuse to do any business with e-commerce sites that support Intel's CPU ID scheme
Great. Super. I have no problem with this. I happen to think it's a paranoid attitude, but it's still one I can respect. Just bear in mind that it's the site's abuse of technology, not the technology itself (which several people have already pointed out is pretty redundant anyway), that's the culprit.
I'm just curious, but how hard would it be for someone to write a program that would enable the number and extract it without telling you? If they can write software to disable it permanantly, someone could write software to turn it on, and stick it onto a web page or something.
Forget a Winblows control panel, make it switchable by the BIOS. In the bios how about modes like:
Always off
On by default, software selectable
Off by default, software selectable
Always on
Intel still intends to ship the chips with the ID tag. This is still unacceptable, even if it *can* be turned off.
Boycott Intel. I don't want Big Brother inside my computer, even if I can _technically_ turn him off.
Well, sure it won't be a problem "for a long time." There are other reasons to upgrade to a PIII. Speed, newest-thing kewlness, default configurations from assembly-and-shipping companies come to mind. The PIII market will grow with or without the GUID, and it'll grow faster with (possibly bogus) assurances from Intel that you can always opt out.
The point is, if the GUID goes through, we'll see the PC market steadily get tagged. In 2005, how many people will be using an ancient P1 or P2? THAT's when the "sorry, you can't use our site/services/software until you send your GUID" messages start.
If I read the article correctly (and if the article was written properly), you would have to reboot your computer in order to reenable this "feature". IMHO, this is a better implementation than simply having a dialog box appear.
Damn, you're trusting. Have you forgotten how Microsoft grabbed directory trees of all the clueless users that upgraded to Win95? And how they later claimed that it was for tech support, even though MS tech support was claiming they didn't have access to the data?
Have you forgotten the MS vs DR-DOS bogus-bug scam? Have you forgotten Intel's "the FDIV bug will only affect high-end scientific numerical modeling and other Power Users (TM), don't you worry your pretty little prole heads about it" line?
Oh, I doubt this ID would be used in a promiscuous fashion. And I'll buy that bridge, too, since you're offering.
How about having Slashdot check for the number and warn users if it is turned on. Might be useful.
A quote: And, just like the serial number stamped on everything else you own, it can be used to identify stolen physical property --- as far as I can tell, this is what Intel actually has in mind.
/ pg012099.htm
Well, then they should _say so_ instead of expecting everyone go gaga when they promise "us" that "we" will feel safer when doing commerce online! Read the news releases again, the whole thing is about making online commerce more secure.
http://www.intel.com/pressroom/archive/speeches
From the horses mouth. He basically just jokes about people trying to build a Pentium and then rambles about how peripherals will get the same treatment in 2001. Lesse, what else does Intel
make that they could bury an ID number in???
It's not us dorks that order 300As over the internet they're aiming at, it's the pointy hairs who will be buying big blocks of PIIIs this year because they want to be "secure", they want to know what their Dilberts are up to.
It just has the side effect of pissing (some of us) off!
-k
I am not the originator of these idea, but "secure" e-commerce can be modelled on some existing methods. For instance, if I wanted to get money at an ATM using my visa card, I would have to scan the magnetic strip and then enter a password. Why can't similar magnetic card readers and requisite software be sold and installed on one's computer? I know that adds costs but it can't be that great.
:-)) that could serve as a computer credit card? This would entail an additonal link to the verifying bank then back to the vendor, but it is technically possible.
Why can't credit card companies or banks send you a special floppy disk (woops, too bad if you have an iMac
If someone stole your card or disk, there is the possibility that they would have a computer setup to automatically crack your password. Okay, so setup some sort of password system like kerberos. I think that should help.
There are other ways that e-commerce can be performed other than using a cpuid. If people want to use these, well, it's their choice.
You're presuming it can _really_ be disabled, and thet Intel isn't just spewing forth the bullshit they think you want to hear. Just because they SAY it can be disabled doesn't mean it can be.
Intel has no credibility, and obviously can't be trusted with a defacto monopoly on the x86 instruction set.
Hey, FTC - look at Intel.
Don't buy Intel or Microsoft because the only purpose in my mind for Intel hardware is a cheapo machine for NetBSD or Linux. With the price performance of AMD and Cyrix-333 for $60US why use a PIII instead of that go at and buy a risc system like an Alpha. Me Personally will wait for the K7 with the ev8 logic board and a copper K7 with throughput of up to 1.3 gigabytes.
Intel has ALREADY approched RSA about just such an encryption scheme. This IS a serious issue. It must be stopped before it is implemented.
Actually, we have more to worry about from individuals that from companies. E.g., I'm much more concerned over my static IP address leaking to some loser on a Quake server who is really annoyed because I'm kicking his ass all over the level and will waste ny time trying to crack me than I am that some big company will get it and use it to target their advertising.
To just disable it is not enough. I don't want any sofeware turning it back on. Intel has not done enough. They cripple thier microprocessors all the time, but why do they want to manipulate this one with software? Hmmm... I'm afraid big brother is still inside.
Speaking of "ignorant," this dude doesn't seem to know about the Wintel monopoly. Geez.
>>To re-enable it, you must reboot, which
>> would not be a "quiet" act on the >>part of the OS.
This assumes we can believe what they are telling us, which I do not assume, particularly not since they've been forced into this concession. In any case, I think a backdoor for the NSA or FBI to pull your CPUID (and break your encryption too) is at least as likely as something to catch software pirates, though never underestimate the sneakiness of the Bill.
But it's not being enforced. There has been some hand-wringing about it not being enforced, but Europe doesn't want to cut off oodles of US websites, as their laws say they should, and the US is pushing the envelop to see how long they can get away with it. So far, so good, from the US viewpoint.
True, for this to be usable MS would have to cooperate with Intel. In case you haven't notice, this is not unprecedented, recent backbiting notwithstanding. BeOS could also be pressured to tow the line. In theory, so could Red Hat but Open Source does present a problem for bringing Linux in line with this. So let's assume Linux is out: 1) Linux still has little desktop penetration, so it's not a great loss to Intel 2) MS users have rights too. The Net should be structured to protect everyone's rights, not just those technical enough to use Linux or to hack around the problems. Just like weaklings have as much right not to be mugged as athletes.
Yes, many of those things are a problem. I wasn't aware of this aspect of IPv6. Thanks for the info, if not the attittude. It's amazing that those whose basic position is simply to trust and obey authority believe they are showing such sophistication when it is difficult to see when this has ever been the mark of a strong mind.
The old game. Special offers. No credit card required (in house credit). Etc. Give the marketeers credit for some intelligence; they've been at this awhile.
The only reason Intel backed down was to get some relief in their anti-trust lawsuit.
Can one person make a difference? is the question people often ask themselves when it comes to protesting. There's some truth to the negative answer. If I, alone, one person, marches about in front of Inrel with a "Stop Big Brother Chip ID tracking now!" sign, few will listen to or even see me. If I put up a small web site and post a few articles linking to it, thousands and perhaps even millions will at least glance at it (and read if interested). A true instantaneous public press, the internet is indeed the great equalizer.
/. puts up a link to a protest page, well, than that's better than CNN! :)
Now if
ipchains -P forward MASQ
:)
What do you think happens when a couple hundred people concerned about privacy and having high-bandwidth lines do that?
- RF (dfelker@cnu.edu)
Intel changed nothing except the default
setting of the hardware. This is like a
car company shipping all their cars with
cameras pointing at the driver, then saying
OK, we'll ship the cars with the cameras
turned off. Later, when some drive-ins,
toll roads, and neighborhood associations
start requiring that visitors transmit live
driver images, then people will have to
choose: either turn on the camera, or don't
go there.
The analogy only goes so far. But the point
is, once you have an installed base of hardware
that enables things like tracking, you can not
turn back. Basically all Intel has done now
has issued a press release for damage control,
and said they will write some software, which
will end up being suspect in any case since no
OS will ever get lower level than the hardware.
I'm just amazed and disappointed at how
effective their damage control has been with
some gullible folks here.
Definitely boycott Intel, especially after their
latest move, which turns out to be just a press-
release ploy.
It's as if they are selling cars with cameras
built in pointing at the driver and transmitting
the signal continuously, and now their saying
they'll ship the cameras with lens caps. Just
guess how long it will take before anyone who
keeps the lens cap on is labelled as paranoid.
I don't believe it is enougth, because the simple fact that the feature is there opens a window to sites requiring that the feature is turned on in order to work well. (not counting mainstream OSes, major programs and stuff like that, since most of uses linux anyway)
Most likely the 'what's related' feature that follows people's browsing to find common area's of interest.
Now if that's turned off in the options, and those strange packits still apear, worry.
You dont know anything about intel cpu's do you? Intel cpu's have been able to take microcode updates since the P54C (using special equipment).
PII's have a utility to patch new microcode into a compatible flash bios, that will load upon boot. There have already been fixes to the pII that most people dont even know about.
It is entirely possible that Intel works with the motherboard manufacturers to allow cpu microcode updates to be saved in the chip.
Stupid people. I'm convinced now. People are just stupid.
You better burn your Internet Browser software. It can do a better job of tracking your use of the Internet than a processor serial number ever could!
Good feature; poor marketting.
This (crashing the PC if found to be overclocked) would be ILLEGAL. And it's not illegal to overclock your processor, it's just Intel don't want you to. Imagine if Ford took implanted a bug which made your car blow up if you fitted a nitro boost to it? (Ok so it's not the same at all- but the image was too funny to resist).
I think, based on your comments, you seem to feel you must be a revolutionary to have "strong mind".
No, not all strong minds are going to agree. I was countering the previous posters sarcasm that anyone who didn't share his indifference to privacy was part of the "stupid masses". He ascribed superior intelligence to himself with no evident backup other than his support for the position that power currently is imposing on us (it's happening anyway, we all have to justify our opposition ot power, but it does not have to justify itself to us). If one feels that violation of privacy is legitimate and that those who feel differently should be disregarded even if the majority (the clear anti-democratic implication of screaming at the rule of the "stupid masses"), one should have an argument from principle (to trump the democratic argument from principle at the least), not simply "it's happening anyway, get used to it!" which could've been used to justify any atrocity in history - the Holocaust, communism , all were "happening anyway" largely because people reprehensively "got over it" This is the mark of a weak, and probably venal, mind.
(BTW, does a strong mind post as an AC???
Since my position is pro-privacy and anonmynity is a form of such, this is entirely consistent.
The point is not one of sophistication, but one of pragmatism. Businesses don't take mail orders from people
they can't identify.
Then let businesses negotiate with me individually, not sneak into the infracstructure of communication. Frankly, I don't give a rats ass about ecommerce and the majority of Internet users have never used it. The problems of big business of no concern of mine.
Those that do are shortly put out of business by frauds. Governments like to identify
people too.
And frequently make murderous use of the information, to the tunes of tens of millions dead in this century alone.
That's why people have things like passports, driver licenses, credit card numbers, etc. There are
also many technological cases where things (chips, people, cars) need to be uniquely identified. It's just part
of life.
It is a very recent phenomenom. Therefore, it clearly is possible for "life" to proceed without it. It is not part of life, it is how we do things at this moment. This can change.
Rather than staging a protest, I think it makes a lot more sense to be aware of when your identity is being
exposed, and behave accordingly. Every time you use mail order, or a credit card, or a passport, recognize
that you are giving up a piece of your identity in exchange for some convenience.
But the "conveniece" is being converted to necessity. There is a huge movement in the banking community to eliminate cash - at that point, dealing with the banks is not convenience. In fact, it is not anyway. This money on which my government has an enforced monopoly is supposed to be a store of value but actually loses value continually (inflation). Therefore I need to accrue "interest" simply to have the money be functional as money.
Ironically, in order to use a lot of privacy tools (for example PGP), you actually need a unique identifier.
don't know about you, but I have a hard time believing people would rather have (and society would benefit
from) the ability to send their friends e-mails without them knowing who sent it, or whether they'd like to be
able to send their friends e-mails without anyone else being able to read it.
I like both of these features. Both the American and the East European revolutions were built on forbidden and often anonymous literature. When we lose this, we will have lost much of what is necessary to rebel and rebellion, while not always desirable, is often necessary.
Although I cheer getting rid of this unique ID on users, don't DSL connections used fixed IP addresses. Though that won't identify the machine, it will effectively identify the household. Maybe we should push for annonymized DSL (the *new* ADSL), now that we've seen how powerful we are.
don't ruin my security (in knowing the chip i paid 700 bucks for is genuine) just because you have no technical/economical/political sense!
software houses would love for people to repurchase licenses with each hardware upgrade but they KNOW that people will not stand for it. the only company that could possibly get away with it would be microsoft, but they stand on such shakey legs now as it is i doubt they'd be stupid enough to ever do such a thing.
anyways, i can think of so many more reasons why this cpu id would never be used to track customers, and never be required by anybody for anything. except of course intel, who would use it to assure customers that the $700 piece of silicon they just bought is the real deal, and to assist in tracking down the source of counterfeit chips.
and on the later, i can see how intel might want to track batches, of say 100 cpus (or however many fit in a 'case'), keeping tabs of which distributors the chips pass through. now if a customer buys a counterfeit chip, it can be tracked somewhat through the distribution channels, and hopefully to the culprit. end-users should not and probably couldn't be tracked--too much burdon on the distribution channel.
okay, i feel a little better.
jcr@e-orchard.com
Not necessarily. When you purchase commercial, propriety software, you buy a *license* to use the software. Thus, if I buy MS Office, then my CD gets destroyed, my friend can legally lend me his CD so I can make a copy for my use. Of course, most companies will deny this, just like Nintendo denies the right to a backup.
temptation for various e-commerce and other companies to *rely* on Processor ID. They know that IP addresses can change, MAC addresses may be nonexistent, and every piece of hardware that has ID, is changed so often, and may be not present in user's box, or move between boxes, so its ID is meaningless for user identification. Not so with CPU. One thing is, to say "Install Ethernet card, and our software will identify you by MAC address", another is "Since you already use Pentium III (or otherwise you couldn't make to this web site anyway), we will use your Processor ID to identify you, so please let our software to read it, or at least enter it by hand if you for some reason want to use a web browser". If there will be guaranteed that large number of people will choose not to have such ID, the idea will be useless because large number of people will be unable to provide ID even if in that particular case they had agreed if they had one, but otherwise company will be tempted to use it just like a lot of places [ab]use SSN.
Contrary to the popular belief, there indeed is no God.
This isn't about privacy at all, and never has been. I'm shocked people aren't cluing to this quicker, but maybe a lot of you are too accustomed to Windows and Intel to realize what you are saying.
This is about setting up tollgates. It doesn't matter a damn whether the PIII ID is on or off by default- or what the ID even is! They could all be the same for all the difference it would make. This ID says _one_ message above all else- 'I am a Pentium III chip!' 'Okay, you may pass'.
Who here has seen the 'Comic Explorer' effort on the Dilbert website? That's what we're talking about, not privacy issues. If I'm not mistaken Comic Explorer (and a silly idea it is, too- they seem to be confused about why anybody'd even want to play with such a toy) can be used by non Pentium II computers. However, Intel have paid off many people to suggest or demand that Pentium IIs, specifically, be used on their sites.
Expect payoffs for people to not only demand, but _require_ the PIII ID on their sites. Yes, this cuts down the demographics- but it is not the site's idea, it is _Intel's_ idea and they are getting desperate for a way to _force_ people to get PIIIs and not keep buying those damned celerons. I picture them trying to cut a _big_ deal with some major player like Amazon.com or somewhere else that is a key web location- Microsoft might well be a target, but again this doesn't benefit the web site at all, only Intel, which is why Intel will pay off people to do it, and why it probably cannot get Microsoft to require this. MS has its own fish to fry and will refuse to play along, but Intel will surely find _somebody_ who is willing to get paid to cut off access to non-PIIIs, and then goodbye AMD, goodbye Celerons, PPC? What's that? It'll be Intel- it's not just a good idea, it's the law.
And the boycotts will not stop this, and the notion that sites 'would never' do this is wrong because the site has to make a decision to intentionally hose their whole readership, or cordon off an area and deny it to their whole readership (like the Dilbert Comic Explorer?) for the purpose of requiring PIIIs alone, and getting paid off by Intel.
Be ready to keep an eye out for these, because they _will_ be turning up here and there, despite how unpractical the idea is. How much would you personally have to be paid to make an area of your site PIII-only? I think I'd only require a hundred thousand bucks. How about making the whole site PIII-only and hosing everybody? That would be more like a million. Intel won't be paying _me_, but they will be able to get to some webmasters.
Pretty useful for Intel to track stolen chip too!
That's all fine and good for trying to save face in the wake of a massive boycott but it doesn't change the problem! When I'm FORCED to toggle it BACK ON just to dial into my ISP to "make sure no one is stealing my account" then I will blame INTEL. When I'm forced to turn it BACK ON just to download the latest Windows '98 patches (you can damn well bet that Microsoft LOVES this idea!), I will blame INTEL. The only solution to this problem is the removal of the ID all together. End of story.
If you can read this message, your threshold is too low.
I have a hunch that many people won't be pleased until the feature is completely removed. Nevertheless, opt-in is a lot better than opt-out. At this point, the only thing that I can see that would make a lot of people turn the ID on would be requirements from vendors for it.
I still don't understand how a CPU ID is supposed to help commerce, though. It's just a number, with little to corroborate if someone spoofs it. Add that to the fun involved with multi-user systems (or even a household PC with a single-user OS), and insecure host identification makes very little sense. A much better solution is for the vendors that need it to use public-key cryptography for verification of identity.
--Phil (Not that this affects me directly--it'll be a while before I can afford a PIII-class processor.)
355/113 -- Not the famous irrational number PI, but an incredible simulation!
God, this is further proof that a paranoid, reactionary bunch runs things around here. There are so many OTHER unique identifiers in a persons computer it's just silly. There are so many ways to bypass this also silly.
Next thing you know, we'll be arguing that digital certificates, ethernet MAC addresses, IP addresses, credit card numbers, and phone numbers violate our privacy! I can't wait until they figure out that IPv6 will mean your IP address will effectively describe exactly how to route packets TO YOUR HOME!!! My God!! Imagine!
sigs are a waste of space
No. I can have the same IPv4 address here or in New York, without a problem. In IPv6 your IP address pretty much defines the routing rules on how to get to your system.
sigs are a waste of space
XV *is* open source, the source is just not *that* far spread. (I once downloaded the xv-3.1a source when the PNG file format was new and there existed only a patch to xv...)
Sure, xv is not free (like free beer), but it comes with quite a lax license: Only commercial use has to be paid, IIRC. So what is your problem? It is a rather similar license to netscapes, except you can get the source. :-)
Simple things should be simple, complex things should be possible.
Really, they make substandard products.
Even if the chips are shipped with PSN "off", don't buy them. The marketing numbers on sales of these chips will prevent PSN requirments for authentication from becoming a standard. Something no sane netizen would want.
These are my friends, See how they glisten. See this one shine, how he smiles in the light.
I'm not sure, but I think they can only be DISABLED by the software. To re-enable it, you must reboot, which would not be a "quiet" act on the part of the OS.
I believe it's been stated above and in the article that there will be a method to permanently disable the feature, so if for whatever twisted reason Microsoft decided to be deceptive enough to trick you into rebooting just to get the ID re-enabled, you can have it forced off forever.
Both the mechanism involved and an objective method for determining whether or not it's disabled will certainly be used in the near future. If Intel were really trying to deceive us by secretly keeping the ID turned on, they would have some SERIOUS PR problems when it was discovered. It's not in their best interests to lie, and besides, what would they gain?
Why in the world would your ISP/favorite web site require you to use the exact same computer to connect to the Internet?
Why in the world would your ISP/favorite web site require you to use a PIII just to connect to the Internet?
Why would you blame Intel for your ISP's stupid policies (requiring you to use the same Intel PIII PC to connect to the Internet)?
Come on, guys, stop freaking out over this and put some reasoning behind your frightened arguments.
I agree that rebooting the computer is not likely to raise any concern for the user. But consider that applications must talk to the *OS* to get these things done. If the OS were designed in such a way as to request verification from the user before performing such a risky thing, there's nothing to worry about.
Why must there be a way to re-enable it in the software? You have no idea how the hardware implements this particular CPU instruction (though I'll admit neither do I). It's trivial to build the CPU so that a permanent-disable command can be sent that can't be undone by any other instruction.
That doesn't rule anything out. You'd think that the instruction to disable/enable the id would be a kernel mode instruction, but we don't know.
Somehow I don't think it will be THAT hard to find out.
Also, that doesn't prevent windows itself from doing it.
So write Microsoft and make sure that they put in some sort of verification before allowing the CPU's ID state to be changed. This is an OS problem, not an Intel problem.
Windoze/Office 2000, both have an online registration, during the install doze2000 re-enables the id. Office also has an online registration. Both register your cpu id number with microsoft.
What if you've permanently disabled the CPU's ID mechanism since then? Does that mean you can't run the program anymore? There are so many things you're not considering.
Now on te subject of the disable, i'm pretty sure intel could easily design the chip so the id can be *permanetly* disabled. But we'll never know...
Why would we never know? I wonder how many people with PIII's will "permanently disable" their CPU ID and then proceed to use every conceivable trick and instruction in an effort to get it enabled again. I'd wager quite a few. At some point you've just got to concede that it can't be turned on again with software.
I say stick with linux, how long do you think it will be before we have "Disable CPU ID" as an option in the kernel config.
"stick with linux"? Since when did this become a Linux vs. _____ debate? I doubt we'll ever see a "Disable CPU ID" option in the kernel. It will probably end up being a user-land util requiring root privileges.
OK let's assume that 90% of the computer owners decide to scrap their equipment for a PIII (or equiv) or better in the next 10 years.
So, now all these processors have these ID's built into them.
What about those that have their ID's permanently disabled? Do you expect that Intel and the other vendors are going to go against the public's wishes and remove the permanent disable ability?
What about that other 10%? Do you think that they're going to be all-but-ignored by ISP's and software developers?
Consider one more thing: the hardware may make the ID available, but it's the SOFTWARE that actually uses it. If you don't want your ID going out over the Internet, configure your software so that it doesn't send it! Don't buy software from companies that mandate one of these ID's (which just seems silly considering the volume of customers they'd be losing).
These CPU ID's DO have some very valid and useful uses that don't have anything to do with your privacy. You need to be worrying about the software that uses these ID's, not the hardware.
True - and I shouldn't jump to conclusions. But this remains somewhat suspicisous. I always disable everything I cannot fully control.
This is probably a good policy.
You can try e-mailing Netscape too and ask them about the suspicious traffic. I'm sure they'd be happy to explain it to you.
I agree 100% that evil companies can put privacy-invading functions in their software that mines our PC's for confidential information.
Since you don't seem to be subscribed to BugTraq (where software and network issues like this are discussed frequently), let me just say that people are CONSTANTLY trying to break things with operating systems and software. If some experienced network administrators see some traffic that looks odd, they will investigate it and report their findings. Any attempt by a software company to do what you're describing WILL BE DISCOVERED eventually. In light of Microsoft's history and the publicized nature of this and other privacy-related issues, do you really think they're going to risk it?
I'm not saying we shouldn't be careful of the things we install. I just think that we need to contact the software/OS vendors and hear how they're planning on implementing the CPU ID stuff before we freak out.
--
I must say this is a huge relief. The mere fact that any of us were this worried is a testament to Intel's near-monopoly on chips, though. That's the sort of non-feature for the end-user that really only gets tacked on when the manufacturer has no real competitors.
--
The real Paul Vallee is slashdot userid 2192, and, what do you mean it's not cool to point out your low userid?
Since a number of posters said it doesn't matter
that Intel is doing this or that the patch will
fix the problem, I decided to see the arguments
against this type of technology. Seems to me
that they make more sense.
http://www.privacy.org/bigbrotherinside/
While I like the speed how fast things come and :) some concerns remain: ... (sorry no
go nowadays
What happens if a country like
names here ) releases a law, that its citizens
who want to connect to the Internet _have_
to enable the ID feature "for security reasons"?
Poor INTEL, as it looks you was caught pants down
because you didn't realize the consequences of
editing global licence plates. Time to rethink
privacy? These global licence plates will arrive
sooner or later. But if I can choose I will
prefer the second choice.
--
Is it just me, or does it look like you could pronounce it Intel Pill?!?
My mind wanders at work sometimes, I guess.
Send your friends messages of love at fuck-you.org
What's that supposed to mean? Blow a fuse through software?
-------
Warning: Slashdot may contain traces of nuts.
Hey - I *want* static IPs from my DSL provider. DHCP makes it so I have to use dynamic DNS services to do anything fun. Sigh.
I have a simple solution for this. A program that patches the OS to send a random CPU ID when ever the CPU ID is requested from a web site or software.
Instead of random numbers this patch could let you assign any number you want to send or we could even have the patch send the same numbers all the time. Imagine the effect on this if everyone sent the same number.
There, problem solved. When ever Microsoft request your CPU Id when you download a patch you can give it what ever random number you computer feels like passing it or with, a check box, you can give it the number of fleas on your dog.
I read at +2. If your post doesn't reach that level I will not see or respond to it.
Even with it on by default, how many sites would be in a position to require it "within months"?
Now, I don't have any numbers, but I know for a fact that there are still significant numbers of computers out there NOT running P2s after a year of having them shoveled down our throats. (or implanted directly into our brains ala Homer Simpson) Not to mention those pretty 'lil iMacs.
Considering how many NON-P3s are out on the market right now, IMHO, it would be the height of lunacy to put "This site designed only for the P3 processor" on your ECommerce site.
Personally, I think that if sites started requiring the CPU ID, it would be a major blow to the ECommerce industry as a whole. I don't know many ppl who will be willing to shell out $2-3K just so they can purchase a $20 item on the 'Net. And the majority of 'Net users aren't 3D-game-a-holics who 'need' the speed increase of a P3! I say this while typing away on my K6-200 (running Linux), which is still plenty fast for 90% of what I push through it. (Of course, that's not saying that I won't be upgrading to a K7 this fall...we've all got to have goals.)
"What do you mean, invalid parameters? 9000Gigs of RAM and it can't answer a simple question!" -- Earthworm Jim
I think the main-purpose of the CPU-ID feature is to allow for efficient copy-protection. I fear it wouldn't take too long until we see the first commercial software custom built to run only one particular CPU with the CPU-ID hardwired to critical code sections, which could easily be distributed over the Internet.
...
As long as this feature is there, no matter whether enabled by default or not, software companies will sooner or latter force their custumers to switch it on. Update "wizards" and digital signatures using the CPU ID will be other obvious applications and could be easily marketed as "security features" to the privacy-unaware public.
You don't have to be especially paranoid to imagine what happens if hardware vendors, software companies and certain three letter agencies begin to trade this information
No. Most DSL connections (especially those in the non unix world) are dynamic IPs which are leased upon reboot. You may have the same IP for a long time but its not really yours. If you go with business class DSL lines you can request and get static IP. Static IP is a good thing... thats one of the reasons we need to switch to IPV6 so we have enough addresses to go around. If you need to access a service there are many other ways to do it other than having a dynamic IP (and all of them are better in the long run).
And for the record "we" aren't powerful. It was the larger privacy groups which got Intel to change.
--- I do not moderate.
Intel is too fucking cheap
... she knows enough to optimise advert placement, work out where to put announcements ...
Um, Intel is notoriously expensive.
Or are you suggesting that these people should destroy the thick end of a billion dollars worth of perfectly-working chips, and reveal for public inspection several billion dollars worth of intellectual property (because I doubt you'd trust Intel's word that the feature was disabled), just so that reinforced paranoids can be certain that, whilst they're being tracked by their IP address and statistically sampled by their browsing habits, they're not also being tracked by which computer they use?
Remember, if you're trying to work out markets, you don't need perfect data and you don't need user names. With the present HTTP protocol, you can't avoid leaving an audit trail of the pages you've visited; if a webmaster knows that 37% of your users visit page A, 29% proceed to page B,
I think the magic word is 'internet', at least as much as 'boycott'.
Boycotts are no use unless you advertise loudly, widely and frequently what you're boycotting and why.
When I'm FORCED to toggle it BACK ON just to dial into my ISP to "make sure no one is stealing my account" then I will blame INTEL.
No, when you're forced to turn it back on to dial into your ISP, you'll change ISP.
When I'm forced to turn it BACK ON just to download the latest Windows '98 patches (you can damn well bet that Microsoft LOVES this idea!), I will blame INTEL.
No, when you're forced to turn it back on to load Win98 patches, you'll complain in the same way and to the same channels as you did this time, and Microsoft will give way in the same way that Intel did.
This makes far more sense to me and in this particular case (though that's not to say this will be the only case), is no more intrusive than a cookie.
But, unfortunately, it's no more secure than a (properly-crypted, stored in a non-exportable database) cookie, either. Both are 'something you have'; fiddling the kernel to send someone else's CPUID is not technically harder than copying someone else's cookie.
Read the licence agrement on some of the software you have...A lot of mine(at least)says that it can only be run on ONE cpu ever.
Read the EULA on preinstalled copies of Windows, it says that it is licenced to the one machine EVER and may NEVER be used on any other machine!
This is stupid but Microsoft and others ARE doing it.
Personally, I like the ONE cpu AT-A-TIME licence.
If it is never being used by more than one person at a time, I see no problem with having it on multiple computers.
James
James Ray Kenney mailto:jrkenney@swbell.net
As for software piracy, I'd be very happy if MS's software wasn't piratable at all, but not if the same measure made the average user even more traceable with everything they do on the internet. In fact, I'd have welcomed and these processor ID's, if it wasn't for the idea that software should send them over the internet in any case. just use them locally to check your licenses on proprietary software, I have no problem with that.
my take is that, by having it disabled by default, the chip number is as dead as if it had never existed. most lusers wouldn't know how to turn it on, or want to bother to learn, which means that not many sites that care about their bottom line will actually require it. which means that no-one will bother to turn it on either.
there could be schemes to corroborate it... imagine Intel publishes a public RSA key, and every chip ID is a number signed with that key. you can replay them, but you can't make up your own. and I don't think distributed.net would even attempt to crack the key, because it woulnd't be neutral enough. to make the signatures non-replayable, they'd need to include the current time in them (which the processor doesn't know) and generate the signatures on the fly (which I doubt anyone feels like implementing in microcode), so my guess is that at the very least they willl be replayable.
huh? if you get a virus on your computer, you are at the whim of the virus coder. I'd rather worry about the virus trashing my data than about it turning off ID's.
well, if numbers are crypto signed, I'd expect sites to pop up with huge lists of valid signed numbers collected by various means... then you build a 10k list into the linux kernel or into mozilla (depending on how this works exactly -- i'd guess mozilla), and pick one at random. for extra cookie points, add a menu entry (or a /proc file if it's in the kernel) to turn this on and off.
Personally, I see a few places where this could come in handy.
#1, it would allow single processor tracking from production to end user. You can check with Intel and see if the Pentium II-450 you just bought started life as a P2-400... A big problem with a number of small computer manufacturers. I've no problem with overclocking, but when a company tries to sell me a re-marked processor....
#2, as a method of tracking stolen processors. Buy your computer, check the ID with Intel, and if it's listed as stolen, go back to the store to get a refund...
I think something along the lines of a BIOS utility that allows you to write your ID out to floppy, would be a better way to go. Then you could have the choice of "installing" the ID or not.
My thoughts.
The problem is that when a chip is remarked, they have fake serial numbers on them. Unless you have an internal unique identifier, it's impossible to know that it's an original chip. (except for the badly done remarks)
I know of an immediate and rather frightening problem:
- Check processor ID
- send it in an encrypted packet to Intel (somehow)
- Intel checks this against a database.
- Intel sends info back regarding max clockchip speed
- Program receives this data. Then spurious OS crashes occur if the computer is discovered to run at a faster clockrate than that permitted by the Intel database
- Luser goes out and buys a real chip at proper speed
Far off? Maybe now, but by the time the Pentium V comes out, ID's will be compulsory for most Internet access unless we have a good privacy lobby (or live in the EU;)- Microsoft [possibly] sneaked in some sort of secret evil function in IE that does the things you describe
I wouldn't necessarily assume that Microsoft is always evil and will always sell your soul out and Netscape is always good. Probably the opposite, as MS isn't about to go under (read: trying desparately to survive), and Netscape isn't being investigated by the DOJ, and as a perceived underdog it is less likely to catch so much bad press when/if they're caught.- It's pretty trivial to sniff network connections (especially HTTP, which is typically 100% human-readable).
I have in fact that done that with my own computer and I have found that my Netscape Communicator 4.5 has made some attempts to contact somewhere.spurious.netscape.com when I hadn't been there in a while and was probably slashdotting. Forgotten what it was that NS was trying to leak, but luckily it failed because of a draconian firewall that we have (didn't use the configured proxy: how thick is that?)ps: Any website that has sponsors is probably evil, ie they might be monitoring and selling your traffic as this may or may not be a condition of getting paid advertising money. I find that principles will fly out through the window remarkably quickly if your survival is at stake.
- I'm not. Quite the opposite. I was being sarcastic to counter the previous poster's silly arguments
Whoops - I thought I understood sarcasm - ought to read the whole thread before replying in future. There are a lot of people who seem to think that all evil is confined to one particularly rich and influential software company. They should get out a bit more...- There are a million reasons why your browser might be doing this that have nothing to do with Netscape violating your privacy or gathering privileged information...
True - and I shouldn't jump to conclusions. But this remains somewhat suspicisous. I always disable everything I cannot fully control. The proxy wasn't used and this suggests that this feature is embedded deep in the code somewhere, and not part of the regular picture retrieval service. Who knows, maybe I am just seeing red and confusing buggy programming with something more sinister...If you have NS, you might want to try the same trick yourself. I'd be interested if you found anything. I would myself but only kernel 2.2 seems to have broken my packet sniffer :-(
---
I'm not paranoid - it's just that everyone's out to get me
GDP for Euroland is $6.8trillion, but the Euroland only includes those nations who have adopted the single currency. The UK, Finland and Greece are outside Euroland but still fall within any other definition of the word "Europe" including "EU". These countries more than make up the $1.3 trillion gap, so they probably give Europe a bigger economy than the US. Or am I mistaken?
Aw c'mon folks.. It's a little early for kudos and high-fives for the power of public opinion. If 'big brother' says he's no longer watching, that means that this is what 'big brother' says. Nothing more.
Besides, how 'permanently' disabled will it be though software?? I'll believe it when I smell smoke, not before.
What they ought (moral issue) to do is 1) destroy the poisoned chips already made and 2) submit a RANDOM sampling of chips to independent review, just to make sure that 'feature' didn't make it back in. Brother Intel has openned a Pandora's box, and I think all free-source free-thinkers out there should seriously consider their alternatives.
But then again, MS (as almost all other big software firms) has been putting serial numbers on individual copies of software. What's to stop them from sending data back to Redmond, each time we go on-line?? It's not as though we can look at the original code, right? With all those animated Easter eggs, who'd complain about a small auditing routine that runs each time you visit www.microsoft.com??
This, if nothing else, is good reason for open source software. The world is a truly scary place when you need open source hardware as well.
-- What you do today will cost you a day of your life.
That doesn't rule anything out. You'd think that the instruction to disable/enable the id would be a kernel mode instruction, but we don't know. Also, that doesn't prevent windows itself from doing it. And don't think microsoft wouldn't do something like this. Imagine, Windoze/Office 2000, both have an online registration, during the install doze2000 re-enables the id. Office also has an online registration. Both register your cpu id number with microsoft. You lend your cds to a friend, microsoft's servers detect a pirated copy of the software and reports you to the FBI. Spookey, ain't it?
Now on the subject of the disable, i'm pretty sure intel could easily design the chip so the id can be *permanetly* disabled. But we'll never know...I say stick with linux, how long do you think it will be before we have "Disable CPU ID" as an option in the kernel config.
-matt
I like the idea of a jumper, i'm very fond of jumpers. Unfortunately jumpers seem to be disappearing in favor of plug and pray. Also having a jumper for the PSN would require a new mother board.
-matt
It's about time an electronic based company listens to the public. If you think about it, the whole industry is getting scary. I'm glad Intel sees it our way.
Hey, wake up guys. We are talking about a CPU not a computer system. The serial number doesn't get sent anywhere on its own. Its just readable and usable by the system and applications software. If that software chooses to use or abuse the number it can.
It has absolutely no value whatsoever for e-commerce. It is another red herring, like encryption control laws. A dishonest person is not going to use the standard products. They will use software which doesn't use the serial number in the CPU, and which uses the very best encryption.
This isn't really a big brother issue. Its one of those "if you can't do something useful, do something easy" things. These are usually promoted with statements like "its not perfect, but at least we are doing something about the problem". In fact, as in the serial number case, they are doing something irrelevant to the e-commerce problem.
Attention, people: software can broadcast your identity with our without a chip ID number. And if your software doesn't send the ID number, then web servers can't see it. I haven't seen any Intel announcements about shipping magic fingers with which they can poke around inside someone your computer over a phone line.
A more realistic worry is that software companies will start using the serial number to restrict licenses to a single machine, but that doesn't have a whole lot to do with privacy issues.
Attention, people: software can broadcast your identity with our without a chip ID number. And if your software doesn't send the ID number (or sends a fake), then web servers can't see it. I haven't seen any Intel announcements about shipping magic fingers with which someone can poke around inside your computer over a phone line.
There could be problems with software companies that use the serial number to restrict licenses to a single machine, but that doesn't have a whole lot to do with privacy issues.
Anyone know where I can get a peek at the picture of the "Big Brother Inside" chip that they are talking about in the Yahoo News article?
Thanks.
Josh
Linux: The GNU is out there...
You'd figure that if the code is going to be sent out "over the Internet", it's going to use IP, probably UDP. Would it be broadcasted? No, you can't broadcast to the whole net for obvious reasons. You can broadcast to your local net (255.255.255.255), which routers are supposed to drop. You can broadcast to specific networks as well. Chances are, it will not be broadcasted but sent to a specific host (or perhaps a specific network) on a well-known port. If that's the case, filters in the router or firewall can keep it from being sent. Even if on Linux you had an app which tried to send to that port (I doubt this would ever get implemented into the kernel, though /proc/cpuinfo could be made to spit it out; the hypothetical /proc/cpuid should be root-readable only), you could use the kernel firewall rules to drop the packet.
OTOH, in a web browser, it could be embedded within the HTTP request. In that case, use a proxy server (squid) that can filter out the header. HTTPS is another story, over, however. Netscape allows a Security proxy. Presumably that uses HTTP to the proxy, which then does the encryption side. In that case, you could still filter the header (pre-encryption). So you run your own proxy on 127.0.0.1...
I don't think there is much chance of success (whatever "success" can be considered to be in this case), mainly because the Pentium III, as I understand it, is not a low-end consumer product. Perhaps in another year or so: The Pentium II is already nearly a low-end product. Net commerce that requires this chip-ID stuff is going to cut it's own throat, since they are excluding most of the computers out there.
Still, I would not buy a Pentium III because of this "feature", even if it is off by default. I'm not particularly a fan of the Intel architecture to begin with. As others have pointed out, this can be a boon for the Free Software/Open Source movement, since the "feature" is probably primarily a dongle for copy protection. "What, I have to buy my software all over again because I bought a new computer?!" If Intel wants to sink with Microsoft, that's their business...
-- Blame any errors on your own stupidity. All wrongs reserved.
In that other part of the world, where people use closed source software, this could be a problem.
send + more == money?
by the wording of the article, it seems that its off when it ships to your house but will require software to keep it off.
.. about software using it for dealing with Piracy, i worry about it for abuse by gov agencies and what not. what
Its a bad idea to begin with.
And if they want to keep software to a machine
but using Hardware, why not use the ethernet card?
that usually doesnt change or perhaps the HD sn#.
Frankly I dont give a flying
a great way to keep track of people surfing habits and their life online.
Dont you think if M$ is in bed with intel and internet exploder is a major M$ product that it will freely hand out your machine CPU ID to any web site that wants it, or uses a M$ server product.
-Zeb
long pointless rant i know.
I'm afraid. I'm afraid, Dave. Dave, my mind is going. I can feel it. I can feel it. My mind is going.
The Fed "must assure Europeans that the United States has adequate privacy protections or risk a prohibition against businesses in those 15 countries [of the European Union] from disclosing personal information about citizens there to U.S. companies."
Follow the money...
Why does Intel wants to add a SID to there CPU? They say it's for E-Commerce.. and maybe in some ways it is.. but from my point of view, I think one of the biggest things this SID will be used for is to License software.. Sun/HP/IBM/SGI/DEC all the unix companys have them and use them to aid in the licensing of software. I dunno.. call me crazy.. but I'd be willing to bet this would be the place you'll see it first.. no more dongles.. or stupid license disks.. just s License key, coded to you SID and only your SID.. it's still not perfect.. but much better and cheaper then some other solutions. *shrug* just a thought..
Lord Rion
Hired Net Grunt
--Hired Net Grunt