Silicon Investor (SI) -- The First Internet Community

STOCKTALK

We've detected that you're using an ad content blocking browser plug-in or feature. Ads provide a critical source of revenue to the continued operation of Silicon Investor. We ask that you disable ad blocking while on Silicon Investor in the best interests of our community. If you are not using an ad blocker but are still receiving this message, make sure your browser's tracking protection is set to the 'standard' level.

Technology Stocks : Intel Corporation (INTC) -- Ignore unavailable to you. Want to Upgrade?

To: Scumbria who wrote (72169)	1/26/1999 4:50:00 PM
From: Chris Carlson	Read Replies (4) \| Respond to of 186894

Scumbee, re:"Do you really believe that this feature is going to make it into the stores?" I was merely responding to P.F.'s scenario. His premise was that a store would somehow read the CPU ID and then document it!! THis would of course be in addition to the PC serial #. I agree that this was egg on the face, only because Intel backed down so easily, though. One could read that fact two ways: 1) Intel is an extremely adept corp. that has learned from missteps in the past, or 2) this was a bad Idea from the start. I think #1! ciao! Chris

To: Scumbria who wrote (72169)	1/27/1999 1:06:00 PM
From: Saturn V	Respond to of 186894

eet.com Pentium ID concerns were unfounded, expert says By Craig Matsumoto EE Times (01/27/99, 11:05 a.m. EDT) SANTA CLARA, Calif. — Concerns that the indentification number Intel Corp. had planned to put on Pentium III processors could have been used to track Web activity might have been unfounded, as the ID mechanism masks the ID number from any Web site requesting it, according to a security expert who has worked with Intel. In fact, any two Web sites verifying the number will get different results, making it almost impossible to correlate their visitor lists. The ID mechanism also would have operated outside of Windows by using a proprietary software agent that was intended to prevent "spoofing" of the ID number. This approach makes the ID number far more complex than a car's license plate or vehicle ID number. "The processor number says if you write down my license plate number and someone else does, they'll be different numbers," said Shawn Abbott, chief technology officer at Rainbow Technologies Inc. (Irvine, Calif.). These factors might mitigate the concerns of privacy groups such as the Electronic Privacy Information Center (Epic; Washington), which declared a boycott of Intel products over the ID numbers in Pentium IIIs. Intel subsequently withdrew plans to include the ID number in response to those concerns. Epic and others feared that the ID number could have been used for surveillance of consumer Web surfing; another common concern was that the ID number could be easily faked in software, rendering the concept useless. Technology to keep the ID number blinded was developed by Rainbow for its own hardware "dongles," which for years have been sold to corporations for PC security. Intel approached Rainbow last year to develop the security setup for the ID number. "Very early on, when Intel described it, they were very, very careful to address certain concerns," Abbott said. The final scheme was defined after deep scrutiny by Intel and Rainbow, addressing problems such as traceability on the Web, he said. Under Intel's scheme, every Web server has a unique, randomized ID number that's transmitted along with a request to verify a PC's ID number. At this point, a trusted agent intercepts the request and submits it to the microprocessor. The agent then takes the Web and Pentium numbers, runs a complex set of calculations, and returns a third number, which is uploaded to the server. It's this third number that is used to identify that particular Pentium. The process will return the same number every time that particular machine accesses the server in question, verifying the machine's identity. But because every Web server has a different ID, the hashed number uploaded from the PC will differ from one site to the next. No site will know the Pentium's actual ID number, nor will any two servers use the same hashed number to represent a particular Pentium. The setup also prevents "spoofing" of the serial number, another fear among privacy advocates. The agent that intercepts the ID request is an example of "tamper-resistant software," which is difficult to replicate or alter and manages to tap the processor ID number without divulging the number to the outside. Tamper-resistant software is a "black art," Abbott said, and several companies in the security industry have tried their hand at it. "Think of them [tamper-resistant agents] as armor around something. They can always be taken apart and defeated, but the effort becomes too much," he said. Intel was unavailable for comment late Tuesday. <Picture> <Picture: Print> Print this story <Picture: e-mail> Send as e-mail