John, re: PIII ID not a good idea for desktop
The PIII ID issue is not a matter for sarcasm. Unfortunately Intel seems to have inadvertently injected itself to the center of a growing controversy over personal privacy. This is a national issue and an emotional issue with widespread interest.
You know I am a sincere supporter of Intel and a significant shareholder. This in fact is my first post on this thread that is critical of an Intel business action. Intel rarely disappoints due to their huge employee talent pool and top quality management. I am troubled, and think this is one of the rare instances requiring serious feedback and consideration.
At the surface, hardware security appears an beneficial feature, but in reality it cannot be trusted. It can be easily misused as it may be used to bypass the will and expectation of the PC user. Computer security is nothing more than enabling hardware to say "no" when its owner's request a service.
As a compliment, security allows the desires of others to override the will of the PC's owner. For instance a user may wish to remain anonymous where his PC instead stealthily discloses his identity. Today users control their PCs as their tools, under their command. I believe many individuals fear their PC becoming a device of others used to control their own behavior, most likely coercively but perhaps flat out against their will.
In a nutshell; for an individual person, a private person, it is fearful to have hardware argue with its owner.
I am sure you have heard this value, and the rebuttal that "honest people have nothing to hide", and arguments to the point that one can just software disable the ID. These points are not valid in the face of widespread, uniform security feature deployment. With this capability widespread such issues become a power struggle between people and institutions.
But security is a matter of trust between people, not tools. PIII ID, or any other hardware gate will not generate interpersonal trust.
Yes, others, such as Sun, have CPU IDs. All NIC cards have ethernet IDs. I doubt there is any controversy with PIII ID in server applications.
The PIII is different in that it promises to become the ubiquitous consumer internet client terminal processors. Only Intel PC chips have the market presence to have this type of feature exploited by marketers and other "big brother" institutions. I for one do not want to ever see a message like this, "VISA transactions require your CPU ID to be enabled". So I must reboot my PC in order to complete a transaction. Then Intel expects the user to reboot again to turn it back off? Not likely.
For Intel - there is little to gain and much of the companies image and reputation to lose. If perceived to be effective, then the company will be detested for usurping PC control from own customers. If Intel backed security fails, the consequences can be dreadfully worse.
There is grave danger that hardware will be trusted only to later be found to be ineffective. In this case Intel will lose all trust, and will be subject to class action scale liability recovery actions on a grand scale. For the proffer of security entails the transfer of responsibility. In this case from the PC user for due diligence, to the door of Intel.
Security proffers will be quicksand for Intel. The company's image stands can only be sullied with the muck of emotions rampant about security aspects and privacy erosion. Stay away. Leave security to the users, implemented in trusted software. This is not Intel's battle. This can never serve Intel's customers or its shareholders.
Now what to do with this mess? Intel has proven it's superior nature by having the courage to recognize and fix its mistakes. It should do so now.
Intel has erred by not anticipating the widespread attention that the ID feature has generated. Yet another negative publicity fire has ignited. At this time it has clearly kindled. Response is necessary lest it flash over in the wider press. Intel risk becoming - unfairly - the whipping boy for the privacy erosion issue. Now only a dramatic, immediate response will quench the looming firestorm.
The PIII must have a mask change to either eliminate the ID or to render the ID physically inaccessible in all operating modes. Perhaps the ID "switch" can only be set once after boot. Then technically BIOS can control it reliably. This is now moot given the current publicity. A mask change is the only action that the press will now believe. Few souls will believe a publicity white paper assurance release. If fact such defenses will only become more fuel for further groundless, but effective attacks on Intel's credibility.
I believe the current fury will ebb with an announcement of these changes. I do not think that product recall is necessary as no software company will exploit the current ID'ed chips with so few devices in the field. Additionally today's PIII's are being sold in the Xeon line where the PIII Id is to customer advantage.
There is no need to negatively affect the PIII production pipeline. This plan will cost Intel little, where inaction or defiance will cost Intel greatly.
It is separate matter whether to keep the existing product for the Xeon line. Although this will cost Intel more, maintaining separate masks for Xeon, this is routine for Intel and probably best for the market.
I hope Intel's learns well the larger lesson here. Stay away from proffering security. It is business quicksand without sufficient return for investment risk.
Thanks John, for your attention. I hope you can help air these thoughts, or similar thoughts, to Pat, Albert, or others in position to act effectively.
Jeff |
