[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

FWD: ZDNN: The biggest security threat: You

To: cypherpunks@toad.com
Subject: FWD: ZDNN: The biggest security threat: You
From: someone@somplace.org
Date: Sun, 28 Feb 1999 16:17:51 -0500 (EST)
Sender: owner-cypherpunks@toad.com

This message was forwarded to you from ZDNet (http://www.zdnet.com) by someone@somplace.org.

Comment from sender:
What gall!

---------------------------------------------------------------------

This article is from ZDNN (http://www.zdnet.com/zdnn/).
Visit this page on the Web at:
http://www.zdnet.com/zdnn/stories/p3/0,6424,2216772,00.html

---------------------------------------------------------------------

PALM SPRINGS, Calif. -- Who's the biggest threat to computer security?
A foreign spy? A malicious hacker?

Maybe neither.

According to an encryption expert from Intel Corp., just as potent a
threat could be none other than you -- the ordinary computer user.

"This is a new focus for the security community," said David Aucsmith,
security architect for chip maker Intel (Nasdaq:INTC) "The actual user
of the PC -- someone who can do anything they want -- is the enemy."

[TABLE NOT SHOWN] His comments came at the Intel Developers Forum here
Thursday as the company outlined its security plans. The discussion
included Intel's controversial chip ID registration technology in the
new Pentium III microprocessor.

Aucsmith said that more and more, software companies and content
creators are targeting users as a major threat to security.

The user threat
The reason: With a few keystrokes, users could freely distribute "bits
that have value," said Aucsmith -- copying such content as software,
DVD video and other valuable data.

Aucsmith pitched the problem as one in which Intel's processor serial
number scheme can help. "Security enforces trust," he said. "We want
to ID the machine that holds this data to be able to protect it."

[TABLE NOT SHOWN] In January Intel disclosed that it had added a
64-bit serial number to its processors that -- along with a previous
32-bit CPU ID -- can be transmitted over the Web as a means of proving
the user's identity, acting sort of like a vehicle ID number.

Intel is playing up the e-commerce benefits of the technology, while
privacy advocates fear the Big Brother implications.

On Thursday, in fact, the privacy and consumer group Center for
Democracy and Technology joined the protest. The organization revealed
that it would file a formal complaint with the Federal Trade
Commission citing Intel for dishonest trade practices.

Privacy fight may escalate
With such turmoil around the chip ID, such a revelation of the
industry's view of users might be construed as impolitic at best.

"Intel originally tried to convince users that the processor serial
number would make e-commerce transactions safer," said Jason Catlett,
president and CEO of privacy information firm Junkbusters.com.

[TABLE NOT SHOWN] "The real reasons have nothing to do with protecting
the user. They want to allow for better copy protection and, possibly,
tracking on the Internet."

Such tracking technology in computers is not new. Already, makers of
software for workstations and servers -- which can cost in the tens of
thousands of dollars -- have used machine-specific IDs to essentially
"bond" the machine and the software together.

[TABLE NOT SHOWN] The issue over putting a technology such as
processor ID into all PCs may be the catalyst in getting consumers to
join the discussion over who own personal information.

"Companies like Intel are all for restricting information when that
information is a patent or copyrighted material," said Catlett. "But
when it comes to their customers' data, they suddenly want free
access."

In fact, Intel's Aucsmith agrees ... to an extent. "He who owns the
bits sets the security policy," he said. "But if we are talking about
medical data -- who owns that -- then there is a big debate coming."

Not backing down
That doesn't mean that Intel is backing off, however.

During another presentation, Michael Glancy, general manager of
Intel's platform security division, told developers to expect the chip
ID in all the company's products soon.

[TABLE NOT SHOWN] "You should anticipate that this will be used all
across the major product lines," he said.

His statements were not just limited to PCs, either. Internet
appliances and portable devices based on Intel's StrongARM processor
will soon have the technology as well. "Those devices will need
technologies like this to be more secure," he said.

In the end, unless something comes from the privacy protests, Intel
will be putting the processor ID technology everywhere.

"We have announced this feature with the Pentium III," said Glancy.
"We intend to ship it."

---------------------------------------------------------------------

Copyright (c) 1998 ZDNet. All rights reserved. Reproduction in whole
or in part in any form or medium without express written permission of
ZDNet is prohibited. ZDNet and the ZDNet logo are trademarks of
Ziff-Davis Inc.

Prev by Date: Re: cutting your own phone lines is a felony?
Next by Date: Re: Algorithm
Prev by thread: Re: cutting your own phone lines is a felony?
Next by thread: ADD
Index(es):
- Date
- Thread