Apparently not many ppl find this idea disturbing...I wonder if they're going to provide info on how to disable this to the Linux community?
--- We have only two things to worry about: That things will never get back to normal, and that they already have. D'jinnie/Jinn, encountered on IRC and select MU**. ([EMAIL PROTECTED]) finger [EMAIL PROTECTED] for PGP public key ---------- Forwarded message ---------- This From: CNET News.com, January 22, 1999 http://www.news.com Trials Set for Intel's Embedded Security http://www.news.com/News/Item/0,4,31309,00.html?dd.ne.tx.ts3.0122 By Michael Kanellos and Tim Clark Staff Writers, CNET News.com The security codes to be embedded in Intel's Pentium III processor can potentially be misused to identify and collect data on Web surfers, some privacy advocates warn. But Intel argues that the technology will actually make the Net a safer place. The controversy has emerged as 30 Web sites prepare to conduct trials of the processor, to be released in February. Critics claim that the number scheme can be used to monitor the Internet habits of virtually anyone with a modern, Intel-based computer. Intel [ http://www.intel.com/ ] countered that the serial number will actually improve security. The Web sites in the trials, for instance, will use the serial number as a third form of identification, complementing the user name and password schemes currently in place, said Pat Gelsinger, corporate vice president of the Desktop Products Group at Intel. Ideally, hackers couldn't just assume your identity by swiping your user name and cracking a password; they would have to steal your computer as well. In any event, Intel won't be stepping into the shoes of Big Brother any time soon, Gelsinger added. "We are not keeping those processor numbers in any form at all," he said, which means Intel shipping records won't be turned into a police log. Users can also disable and re-enable the serial number scheme at will. The plan was developed as a way to provide greater security for PC transactions and communications, said Gelsinger. Intel will imprint a 96-bit identification number on Pentium III chips and their successors. The number cannot be erased, but users will be able to choose whether to disable the feature or to keep the number active to be "read" for identification by outsiders. Web sites, for example, may require user name, password, and processor serial number before giving access to certain pages. An agent from the Web site reads the processor number to ensure authenticity. The number will therefore foil common hacking techniques because hackers will have access to the PC so that the agent can read the identification number. The numbers can also be used to lock out users who have been kicked out of chat rooms and re-registered under a new name. Identification, Gelsinger said, is also a voluntary process. A blue number sign will appear in the Windows control shelf [the series of icons at the bottom right corner of the screen] whenever the serial number is enabled. By clicking the icon, users can pull up a control panel to disable it so outside agents can't read the serial number. Turning it off may prevent access for certain transactions, he said, but it returns anonymity. Users can then re-enable the number by re-booting. Most computers, however, will likely be using the enabled setting as their default. "Our customers have been asking for this for years," Gelsinger said. Will the system give Intel or its partners the power to monitor PC users? No, Gelsinger said. The company is not keeping a record of the serial numbers, so records cannot be used to trace Internet use. In addition, the numbers are technically serial numbers anyway. A program generates them randomly and they do not fall into a simple ordering sequence. Privacy advocates, however, see a high potential for misuse in the system, although they admit that the specific negative implications of the scheme are difficult to pin down because it hasn't rolled out yet. Many also seem to fear retribution from the company. Few are willing to go on the record so far. "Intel's product has some serious security and privacy implications. It is really incumbent on the folks who are developing technology, folks in the policy community, and folks in advocacy community to look at code as having serious social implications," said Deirdre Mulligan, staff counsel at the Center for Democracy and Technology, a nonprofit civil liberties organization focusing on the Internet "The hard part is figuring out the implications. Until it's put out into the marketplace, it is difficult to tell," she added. "Like law, software code has great social implications for privacy and speech." Gelsinger, in fact, acknowledged that Intel's decision to not keep a database on these numbers is strictly voluntary. There is technically nothing stopping the company from keeping a registry. Computer companies could do the same, he allowed, although he said he believes business considerations weighed against tracking these numbers, as they did with Intel. Copyright © 1995-99 CNET, Inc. --------------------------------NOTICE:------------------------------ ISPI Clips are news & opinion articles on privacy issues from all points of view; they are clipped from local, national and international newspapers, journals and magazines, etc. Inclusion as an ISPI Clip does not necessarily reflect an endorsement of the content or opinion by ISPI. In compliance with Title 17 U.S.C. section 107, this material is distributed free without profit or payment for non-profit research and educational purposes only. --------------------------------------------------------------------------- ISPI Clips is a FREE e-mail service from the "Institute for the Study of Privacy Issues" (ISPI). To receive "ISPI Clips" on a regular bases (1 - 6 clips most days) send the following message "Please enter [Your Name] into the ISPI Clips list: [Your e-mail address]" to: [EMAIL PROTECTED] . The Institute for the Study of Privacy Issues (ISPI) is a small contributor-funded organization based in Victoria, British Columbia (Canada). ISPI operates on a not-for-profit basis, accepts no government funding and takes a global perspective. ISPI's mandate is to conduct & promote interdisciplinary research into electronic, personal and financial privacy with a view toward helping ordinary people understand the degree of privacy they have with respect to government, industry and each other. But, none of this can be accomplished without your kind and generous financial support. If you are concerned about the erosion of your privacy in general, won't you please help us continue this important work by becoming an "ISPI Supporter" or by taking out an institute Membership? We gratefully accept all contributions: Less than $60 ISPI Supporter $60 - $99 Primary ISPI Membership (1 year) $100 - $300 Senior ISPI Membership (2 years) More than $300 Executive Council Membership (life) Your ISPI "membership" contribution entitles you to receive "The ISPI Privacy Reporter" (our bi-monthly 12 page hard-copy newsletter in multi-contributor format) for the duration of your membership. For a contribution form with postal instructions please send the following message "ISPI Contribution Form" to [EMAIL PROTECTED] . We maintain a strict privacy policy. Any information you divulge to ISPI is kept in strict confidence. It will not be sold, lent or given away to any third party.