[4038] in cryptography@c2.net mail archive
Re: A different take on Intel's RSA announcements
daemon@ATHENA.MIT.EDU (Alan Olsen)
Thu Jan 21 21:50:45 1999
From: "Alan Olsen" <alano@adams.pcx.ncd.com>
Date: Thu, 21 Jan 1999 10:23:05 -0800
In-Reply-To: Tom Weinstein <tomw@netscape.com>
"Re: A different take on Intel's RSA announcements" (Jan 20, 5:08pm)
To: Tom Weinstein <tomw@netscape.com>, Rob Lemos <Rob_Lemos@zd.com>
Cc: cryptography@c2.net
On Jan 20, 5:08pm, Tom Weinstein wrote:
> Subject: Re: A different take on Intel's RSA announcements
> Rob Lemos wrote:
>
> > http://www.zdnet.com/zdnn/stories/news/0,4586,2189721,00.html
>
> This just seems like FUD to me. ID numbers should help detect theft and
> fraud. They aren't going to compromise privacy. I expect it's going to
behave
> just like the debugging registers. Nobody is going to be able to get at your
> chip's ID without running software on your system.
"What part of ActiveX do you not understand?"
When you are running an application designed by a third party on your system,
how do you know if they are not accessing that information and leaking it via
some covert channel? You don't.
Chip IDs will be used for the causes of evil as long as marketing has a hand in
the design process. (For the process of obtaining customer demographics of
course.) Not a far step from governments demanding the ability to track down
and stomp on those who violate their rules or just plain noseyness. (When you
have them by the Chip ID, their hearts and minds will follow.)
Of course they have to run software on your system. This means that we just
have to worry about the software we run. I expect that this will give rise to
programs that will scan binaries looking for the chip ID instructions and
replacing them with nulls or something more "interesting".
--
Alan Olsen
