Slashdot Mirror

← Back to Stories (view on slashdot.org)

Possible EU Embargo on Pentium III

Posted by ryuzaki0 on from the slamming-the-intel dept.

A reader writes "The brand new and yet unreleased STOA report (European Union Technical Committee) recommends an inquiry of the possible roles of the NSA [?] and the FBI [?] in the creation of Pentium III serial number. Possible consequences could be an European Union [?] -wide embargo against Pentium III-powered equipment. Read the scoop here. The article is in German, use our beloved BabelFish. " Just a note: this potential embargo not in place - it's just a possibility. But given recent Echelon fears, this is interesting news.

5 of 437 comments (clear)

  1. Re: Good euros by MikeBabcock · · Score: 4

    I don't mind being considered an intelligent consumer. I do mind you claiming that any of the people I've done consulting for in the last two years can think for themselves when it comes to processor choices. You do realize, of course, that most of them don't even know what a Pentium is ... as opposed to just being some chip thingy in a computer thingy that does Word faster, right? Anyway, I think maybe its a good idea for a government who feels that another is being bad to inform its consumers this way. You can't buy house paint with lead in it. Why not? Why not let consumers decide if they want lead in their paint? Why not let the market decide if mercury in your water is bad for you or not? Why not let people decide if they want to buy irradiated food or apples washed with deadly chemicals? Because consumers want experts to protect them against potentially dangerous practices of unscrupulous persons and corporations who are capable of anything given their mass wealth. Consider the US constitution; why does it allow for personal use of firearms? Specifically, there is provision for a rogue government and the need to protect one's self ... but there is encouragement to have militias so that this can be done by those trained to do so properly. If it comes down to it, I won't buy Pentiums with serial numbers, but I'd rather have my government (Canada) decide that the NSA or CIA involvement is a bad thing and protect consumers from those issues. I don't personally feel that processor serial numbers are anywhere near as serious as mercury in water -- the point is that a generalistic statement like yours needs to be considered in context!

    - Michael T. Babcock <homepage>

    --
    - Michael T. Babcock (Yes, I blog)
  2. This is fascinating! by jd · · Score: 5
    The Germans are a powerful group, in the EU, and they probably don't like that discussion of Echelon has been squished.

    The P3 serial number clearly violates European Law on privacy. Never mind the "free trade" argument someone else gave, if someone breaks the law, they don't deserve absolute freedom of trade.

    Also, the P3 serial number disabling software doesn't always work, from what I've heard. And who's to say that Intel don't have some kind of "back door", which would let the NSA or FBI get the serial number anyway? Back doors are easy!

    No, this calls for a total ban, though the British will probably take it to the European Courts to try and get any ban overturned. (After all, the British are involved in the SIGINT project, and any loss of intelligence, which could be profitable to them, would not be good.)

    The Germans, though, are a force to be reckoned with. They have the most influential bank, one of the strongest economies, and most of the top indstries, without which Europe would not survive. And most of those will be people all too happy to deprive US competitors of vital intelligence, such as contracts under negotiation, trade secrets, confidential reports, etc.

    I think it's great if Europe can collectively stand up and tell Intel where to stick the P3, and the US intelligence community what it can do with it's unlawful spy network.

    --
    It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
  3. Privacy laws ... by charlie · · Score: 4
    The EU declaration on human rights -- a document about as fundamental to EU law as the US constitution -- explicitly enumerates a right to individual privacy.

    No such right exists under US law, although a right to privacy has been inferred on the basis of, for example, the fourth amendment. One consequence of this is that Americans take for granted a degree of corporate -- as opposed to governmental -- intrusion in their private affairs that would cause outrage in most of Europe. (And the European position is that at least the government is democratically accountable ...)

    A lot of US companies act in a manner that would be flat-out illegal in other parts of the world, in much the same way that it would be illegal for a European company to try to do business in the US in a manner that, for example, was calculated to blow away the first amendment rights of their customers.

    Over the past year, the EU member states have been trying to tighten up on the observation of the right to privacy, making it illegal to export personal data to countries with weaker protection (among other things). This would appear to be a rather dumb attempt to clamp down on what are seen as technologies of privacy invasion. (I say "rather dumb" because of course no equivalent attempt is being made to clamp down on sales of eeevil ethernet boards with embedded 48-bit ID's!)

    While I think this action is misdirected, I happen (as a European) to think that privact is valuable. In particular, there should be no invasion of privacy without accountability. Intel is just the latest company (remember RealNetworks, last week?) to get their fingers burned by dismissing privacy as an issue. It isn't a matter of personal preference; it's a fundamental right.

  4. It isn't the numbers, it is the REASON they exist by FreeUser · · Score: 5

    If the NSA/Intel connection does in fact exist, or their is sufficient circumstantial evidence to suggest that it does, then the European Union is only acting to protect their own (inter)national security and economic interests in banning the product. Their concern isn't necessarilly that the numbers exist, but the reason they were put there. Remember, they have already had industrial secrets stolen from their companies and given to their US competitors by the NSA, costing them real money and real jobs. With no sign that the NSA is at all repentant about what they've done, but rather that to all appearances they are pushing forward with even more intrusive and draconian approaches to gathering information, their concern is entirely warrented and their reaction very reasonable, even (one might argue) quite muted.

    Why would Intel serailize the CPU, with all these other "unique numbers on hardware" already present in every computer sold? Why on earth create yet another number for no (apparent) reason? The answer is obvious: serializing the CPU makes not just the computer, but the work that has ever been done on it, easilly traceable in ways MMAC addresses and HD serial numbers cannot. A word document written five years in the past can, on a serialized PII/PIII, be traced to a particular computer. It was this misfeature that led to the identification and arrest of the author of Melissa Virus. While I'm glad he was arrested, I must confess I am much more concerned about my own loss of privacy than I am in offsetting the terrible threat the Melissa idiot ever posed to me.

    An MMAC address, BIOS or HD serial number, is at most only traceable while the machine is on-line. They do not get embedded into the aforementioned word document the way the intel CPU serialization did. This demonstrates that the "big brother" ramifications of CPU serialization are quite different (and apparently more significant) than those associated with unique MMAC or IP addresses, or BIOS serial numbers. And who is to say future generations of PIII hardware will even allow the OS to disable their serialization functions?

    The Europeans are rightly concerned with respect to their privacy and attempts by our secret organizations to subvert it. They are also very lucky, in that, unlike us, they have governments which actively work to protect their rights and liberties.

    --
    The Future of Human Evolution: Autonomy
  5. Thoughts on random numbers by Otto · · Score: 4

    Well, first off, if your encryption uses any built-in random number generator, toss it, it's crap.

    Any good encryption program generates it's own random numbers from a random input source. PGP did this (still does, AFAIK) by getting keystrokes from the user, and using timings between them to generate a randomized sequence.

    If a program uses the clock as the seed, it's probably not using a second, BTW, but the tick timer. There's a lot of ticks in a second.

    Still, it's not an infinite number, and a good way to crack any encryption is to attack the random number generator. If you know the seed, you can generate the same key, and decrypt the message.

    I recall that back on the C64, whenever I needed a good random number (the built in one was crap), I turned on one of the sound channels, set it to generate a lot of static, turned the volume off, and grabbed a number from the static. Worked pretty well, and didn't need a seed value. Still not truly random, but good enough.

    ---

    --
    - Give a man a fire and he's warm for a day, but set him on fire and he's warm for the rest of his life.