Possible EU Embargo on Pentium III 437
A reader writes "The brand new and yet unreleased STOA report (European Union Technical Committee) recommends an inquiry of the possible roles of the NSA [?] and the FBI [?] in the creation of Pentium III serial number. Possible consequences could be an European Union [?] -wide embargo against Pentium III-powered equipment. Read the scoop here. The article is in German, use our beloved BabelFish. " Just a note: this potential embargo not in place - it's just a possibility. But given recent Echelon fears, this is interesting news.
Bad Euros. (Score:2)
Here's a clue guys, let the market decide. If people are really in a tizzy about this, they won't buy the chips. If they don't care (like me), they will. See? It works out fine that way, and no government intervention needed.
Excellent. (Score:2)
Insert something about US not caring about privacy rights here.
But why use BabelFish for something about England? No primary source?
---
pb Reply or e-mail rather than vaguely moderate [152.7.41.11].
Way to go... (Score:2)
BUT, the offending product still remains, and NO REAL ACTION is taken.
It'd good on the EU to see this change. For once, a credible world body is giving attention to privacy, and this is a Good Thing.
Now that some REAL ACTION is being taken, maybe people will stop making offending products so that they won't end up on the wrong end of some embargo.
Threat (Score:1)
Could this actually be under the "Your Rights Online" heading?
Of course, there should be certain exceptions... (Score:3)
Now, that's not Windows, but another operating system close to all our hearts...
(Seriously, this is of course a silly suggestion. I'd sooner see a lot more attention paid to big databases than this sort of nonsense.)
--
Re:Excellent. (Score:1)
This decision will have been taken in Brussels I expect.
Why does it matter? (PIII serial number) (Score:2)
EU sticking up for personal privacy? (Score:2)
intelligence agencies vs. U.S. counterparts )
fighting over who gets to beat up the smaller
kids.
the effect of FUD (Score:3)
The truth is that your computer is filled with unique numbers on hardware (HDD, BIOS, MAC-address on your network card, some graphics cards), all of which are much easier to check (they cannot be disabled), and much easier to use for privacy invasion or to secure e-business.
I think it's sad to hear that high officials now want to use the fear for another serial in hardware as excuse to boycot a company, their decisions based on pure FUD. Which is what it is.
----------------------------------------------
Re:Bad Euros. (Score:3)
This is not a matter of free trade. If a device has privacy-fouling features which were inserted by the intellegence organizations of a foreign government, you probably don't want your country standardizing on its use no matter how popular it might be. This is truely a matter of national security. I don't know anything about the Intel/NSA/FBI connection, but if there were one, I would applaud the EU taking these steps. It's sort of scary just how hard our (US) government works to quash any shred of patriotism that we citizens might have once felt.
AMD sales increase? (Score:2)
IF the embargo comes, and I must say I find it unlikely, it's a good thing that AMD makes excellent processors. There aren't any big European processor manufacturers that I know of, so this can't be some new brilliant protectionist policy.
Re:Way to go... (Score:2)
Re: Good euros (Score:4)
- Michael T. Babcock <homepage [linuxsupportline.com]>
Re:Bad Euros. (Score:2)
- Michael T. Babcock <homepage [linuxsupportline.com]>
Re:Why does it matter? (PIII serial number) (Score:2)
More importantly, "big databases" mean that once a correlation is established between your PSN and your SSN, your anonymity is gone. And to the extent any logs exist of your activities before this correlation was established, your previous activites are now known.
Before you laugh too loud, making these sorts of correlations between "anonymous" credit card statements sold by your bank and data sold by your merchants is already a hundred million dollar (or more) industry in the US.
Add what is being done in the name of fighting terrorism and hate crimes, and (if you are a US citizen) you have no privacy. You just don't realize it yet.
This is fascinating! (Score:5)
The P3 serial number clearly violates European Law on privacy. Never mind the "free trade" argument someone else gave, if someone breaks the law, they don't deserve absolute freedom of trade.
Also, the P3 serial number disabling software doesn't always work, from what I've heard. And who's to say that Intel don't have some kind of "back door", which would let the NSA or FBI get the serial number anyway? Back doors are easy!
No, this calls for a total ban, though the British will probably take it to the European Courts to try and get any ban overturned. (After all, the British are involved in the SIGINT project, and any loss of intelligence, which could be profitable to them, would not be good.)
The Germans, though, are a force to be reckoned with. They have the most influential bank, one of the strongest economies, and most of the top indstries, without which Europe would not survive. And most of those will be people all too happy to deprive US competitors of vital intelligence, such as contracts under negotiation, trade secrets, confidential reports, etc.
I think it's great if Europe can collectively stand up and tell Intel where to stick the P3, and the US intelligence community what it can do with it's unlawful spy network.
Re:Why does it matter? (PIII serial number) (Score:3)
Say you plug said computer in, and sign up to an ISP. You probably need to pay via credit card, so there goes your complete anonymity. Then, though you'd have a different IP address everytime you dial in, if there were a function enabled in your browser to send the serial number back up stream, websites could collect a LOT of information on you, because they'ed all have the SN as a key to link it all back together.
It's not like you need so much to worry about Slashdot or anything. But companies like, my personal favorite, DoubleClick.net, who's ads appear across slews of websites, could learn for instance, what sites you like, what articles you read, when you sign on, when you sign off, etc...
Problem is, laws aren't in place that prevent the sharing of this information. Some information is protected, but other information isn't. And if one company abuses it's new found power, well then... I don't know about you, but i'd rather not have my complete psycholical profile stored in many computers across the internet.
Bad Euros???? (Score:2)
You cannot buy a PIII without the serial number, so consumer choice is limited.
No government intervention is needed? What about no NSA/FBI intervention is needed.
Re:Why does it matter? (PIII serial number) (Score:2)
You could dead-end the trail at the place where you buy it in such a manner, but if someone important is looking for you it's still a pretty good lead. Also, if you're computer is confiscated for some reason, that ID could possibly be used as evidence against you, or even to manufacture evidence against you.
If you really want nothing to fear, just don't do or say anything that will make you stand out from everyone else.
numb
Re:the effect of FUD (Score:2)
What Intel is doing is moving access to unique fingerprinting into the realm of trivial. They are going to make it easy and consistent for software manufacturers to uniquely identify the users of software and the creators of documents. Besides all of the awful problems that arise from this (e.g. copy protection that breaks when you upgrade your processor) sort of crutch, there are already some very real-world abuses of such things in software. We do not need another ID, and what the EU is concerned about (US intellegence agencies weakening EU privacy) is a very serious concern, not to be taken lightly.
One good thing is that with the advent of the Athalon (which I understand to have no such ID) there IS a choice for high-powered PC computing.
Government publicity! (Score:2)
This is a publicity stunt. The fact that it is being done by a collection of governments doesn't negate that fact. They're testing the waters.. they are playing "paper tiger" politics. Let them.
--
Confusion of terms? (Score:2)
An embargo is when a mfgr/supplier refuses to sell a product to a potential customer.
A blockade is when a government(or governments) refuse(s) to allow a product into a country(or countries).
While I'm at it, a boycott is when someone refuses to buy a product (or refuses to buy a product from a particular source).
LK
Re: Good euros (Score:2)
At any rate, you ignored my comments outright -- no, consumers would buy lead paint because they did long before it was banned
- Michael T. Babcock <homepage [linuxsupportline.com]>
hmmm.... Interesting (Score:2)
Sometimes these European Decisions are somewhat strange...
Re:Bad Euros. (Score:3)
Does this mean that the EU will be considering an emargo on Sun workstations as well, since they contain a similar feature? How about Ethernet cards? IPv6?
Re:Way to go...Yeah Right! (Score:2)
The EU is just offended that the FBI and NSA could be involved in stepping on their toes. The EU should be the only ones able to spy on residents of Europe.
If you were to walk/drive/bike around London you could be tracked by video surveillance equipment every step of the way.
The EU is no hero for the cause of privacy.
LK
Re:nonsense! (Score:2)
People are a) used to bloatware and b) just don't look at these sort of things. Be honest - when was the last time you downloaded some util and checked its filesize to see if it corresponded with your idea of how big it should be? MS Word has Pinball in, MS Excel has a pseudo fractal "flight sim", all as little easter eggs. People don't look at the app and go "that's bigger than I thought, it must have something hidden in it."
Think I've thrashed that point to death now
--Remove SPAM from my address to mail me
conflicts on the horizon (Score:3)
For example, the credit rating agencies that collect financial information in the US on individuals are absolutely illegal in Belgium.
Except for a well-regulated database maintained by the National Bank on individuals who are behind more than 3 consecutive instalments on a personal loan, there is not one single publicly available, or against payment, financial database on individuals, because that's against the law.
It's also against the law to share or sell databases with information on individuals.
I don't understand how you can justify the buying and selling of information on private individuals, without their explicit consent. As far as I am concerned, I strongly believe that my private information is my personal property, and no one is allowed to trade in it, or disclose it otherwise, without asking me first for permission. I alone hold the copyright on my personal information, and I can assure you that I will prosecute any company that dares to disclose personal information on me to the maximum extent possible under the law, and I am sure that the amount in fines and punitive damages would drive this kind of company out of business right away.
If Intel manages to associate its serial number to my name, and then this serial number to any other personal information ot transactions I do online, they will very soon have to say goodbye to doing business in Europe.
I think the OS is more of a risk (Score:2)
As for random number generation, can I interest you in a noisy diode? Attach it to a DAC (Sound card'll do) and you're sorted.
Privacy laws ... (Score:4)
No such right exists under US law, although a right to privacy has been inferred on the basis of, for example, the fourth amendment. One consequence of this is that Americans take for granted a degree of corporate -- as opposed to governmental -- intrusion in their private affairs that would cause outrage in most of Europe. (And the European position is that at least the government is democratically accountable ...)
A lot of US companies act in a manner that would be flat-out illegal in other parts of the world, in much the same way that it would be illegal for a European company to try to do business in the US in a manner that, for example, was calculated to blow away the first amendment rights of their customers.
Over the past year, the EU member states have been trying to tighten up on the observation of the right to privacy, making it illegal to export personal data to countries with weaker protection (among other things). This would appear to be a rather dumb attempt to clamp down on what are seen as technologies of privacy invasion. (I say "rather dumb" because of course no equivalent attempt is being made to clamp down on sales of eeevil ethernet boards with embedded 48-bit ID's!)
While I think this action is misdirected, I happen (as a European) to think that privact is valuable. In particular, there should be no invasion of privacy without accountability. Intel is just the latest company (remember RealNetworks, last week?) to get their fingers burned by dismissing privacy as an issue. It isn't a matter of personal preference; it's a fundamental right.
Someone is smiling... (Score:2)
I never liked the PIII I.D. scheme anyways. Even if it could be disabled, the fact that it exists @ all irks me...
Tom
It isn't the numbers, it is the REASON they exist (Score:5)
Why would Intel serailize the CPU, with all these other "unique numbers on hardware" already present in every computer sold? Why on earth create yet another number for no (apparent) reason? The answer is obvious: serializing the CPU makes not just the computer, but the work that has ever been done on it, easilly traceable in ways MMAC addresses and HD serial numbers cannot. A word document written five years in the past can, on a serialized PII/PIII, be traced to a particular computer. It was this misfeature that led to the identification and arrest of the author of Melissa Virus. While I'm glad he was arrested, I must confess I am much more concerned about my own loss of privacy than I am in offsetting the terrible threat the Melissa idiot ever posed to me.
An MMAC address, BIOS or HD serial number, is at most only traceable while the machine is on-line. They do not get embedded into the aforementioned word document the way the intel CPU serialization did. This demonstrates that the "big brother" ramifications of CPU serialization are quite different (and apparently more significant) than those associated with unique MMAC or IP addresses, or BIOS serial numbers. And who is to say future generations of PIII hardware will even allow the OS to disable their serialization functions?
The Europeans are rightly concerned with respect to their privacy and attempts by our secret organizations to subvert it. They are also very lucky, in that, unlike us, they have governments which actively work to protect their rights and liberties.
Ban Network Cards! (Score:2)
Lead paint is nice (Score:3)
>Why not? I mean, who would buy it in the first >place? Can you see the advertising campaign? Try >our new foo paint, now with extra lead! >Guaranteed to cause cancer or double your money >back!
For the youngsters out there, lead is was put in paint for any number of good reasons. Some colours are easier to achieve with it, and more importantly it results in a smoother finish on the coat of paint, with drips and brushstrokes less of a problem. I'm sure technology has moved on since lead was banned, but when it was first banned it represented something of a step back from the painters point of view.
Of course it's a bit on the poisonous side, too.
Re:Bad Euros. (Score:3)
This is a matter of individual vs national consquences though.
Individually, if you are worried about your privacy and the implications of the P3, go buy an Athlon or install an OS you can be sure isn't fucking with you. But the European governments ARE mandated in worrying that while individual loss is minimal, there is a national risk about having a feature that caters to foreign intelligence running the IT of the country.
From that perspective there is ampal reason for the governments to act acordingly and on a national level.
-
We cannot reason ourselves out of our basic irrationality. All we can do is learn the art of being irrational in a reasonable way.
Re:Pentium III Random Number Generator NSA Backdoo (Score:2)
When given a seed, numbers are generated in a fashion that "looks" random, but is not. If you give a program the same seed it will spit the same "random" numbers back out at you. What prevents this from happening is that many programs use the clock as a variable seed for random number generation. If you know the second when the clock was accessed, then you know the seed, from there you can reverse engineer any "random" numbers generated.
Even if you only know the minute you can make 60 tries to get the seed. If you're talking industrial espoinage it's well worth the time. If you'retalking about a government agency with millions upon millions of dollars at their disposal it's not a big deal.
True "randomness" is difficult to achieve, but I'd need a real math guru to explain it coherantly, because I can not.
LK
Thoughts on random numbers (Score:4)
Any good encryption program generates it's own random numbers from a random input source. PGP did this (still does, AFAIK) by getting keystrokes from the user, and using timings between them to generate a randomized sequence.
If a program uses the clock as the seed, it's probably not using a second, BTW, but the tick timer. There's a lot of ticks in a second.
Still, it's not an infinite number, and a good way to crack any encryption is to attack the random number generator. If you know the seed, you can generate the same key, and decrypt the message.
I recall that back on the C64, whenever I needed a good random number (the built in one was crap), I turned on one of the sound channels, set it to generate a lot of static, turned the volume off, and grabbed a number from the static. Worked pretty well, and didn't need a seed value. Still not truly random, but good enough.
---
RNGs: you'll need more than that. (Score:2)
--
Re:Pentium III Random Number Generator NSA Backdoo (Score:2)
Even if the P3's random number generator (RNG) is flawed, it still can be useful as an input of entropy into Linux's /dev/random driver. The way the /dev/random driver works is that there's a pool of entropy, into which inputs are mixed. The more stuff you mix in, the harder it is to predict what's in the entropy pool. If you mix in something completely predictable --- say, all zeros, or all ones, at worse it just doesn't add any entropy to the pool. If there's any amount of unpredictability in the P3's RNG, though, it can be a useful addition to the linux /dev/random Driver.
It's most likely that the P3 RNG is flawed in some way, so that its output is baised one way or the other. The simplest kind of bias is one where the 60% of the bits are ones, but there are more complicated kind of biases. For example, there might be a 60Hz component in the output, that would be noticeable if you ran a FFT over it. But the wonderful thing about the way the /dev/random driver works is this doesn't really matter, since the outputs of the P3 RNG is only going to get mixed into the entropy pool. The only question is how much entropy "credit" to give when you mix inputs from the P3. If you're really paranoid, you can mix in 0 bits of credit, in which case you're no worse off than if you weren't using the P3, and possibly better off.
The worst case scenario is one where Intel has completely lied, and is using (for example) the P3 serial number plus the time as a seed into some fixed function, and the RNG isn't really an RNG at all, but a total trapdoor to allow the NSA to guess session keys easily. I find this hard to believe, though, for two reasons. First, it would imply that Intel was really deeply enmeshed into the NSA and/or the FBI, and while some conspiracy theorists might believe that, I have trouble believing it. Secondly, Intel has far too much to lose. If they did something like this, the chances that the secret would eventually leak is just far too high (in fact, almost a certaininty) and once it did, Intel would never be trusted again. I don't believe that Intel would ever be quite that stupid, the mistakes the DVD consortium made notwithstanding.
Re:This is fascinating! (Score:2)
Actually, it's fairly evident Echelon exists. The Australians have confirmed it, on a number of occasions, and the prohibition of any British person near Menworth Hill (including members of the Government), is indicitive of a project a bit more secretive than conventional wire-tapping. Then, there's first-hand (NOT second, or nth) accounts I have heard of massively parallel arrays of DSP chips being constructed, as part of Government contracts. I've a nagging feeling those weren't embedded into transatlantic cables to play musak.
A related story... (Score:2)
Re:Bad Euros. (Score:2)
What a load of ******** (Score:2)
I think this Intel serial number debate is silliness too. I could understand if EU wishes full disclosure of such privacy issues; though, the P3 id is pretty insignificant. The consumer has multiple ways to restrict such information. Identifier is a RESOURCE. One that your software does not need to use. The consumer has a choice, as long as he is provided with pertinant information I have no problem with it. The government argument that it would affect EU national security on the aggregate if Joe Consumer were to buy it....well I just don't buy that. This strikes me as petty nationalism, a strike against Americanism, protectionism, in the name of "privacy". If the US were to take similar steps against, say, Toyota for putting GPS units in their cars (with the possibility for "tracking"), we never hear the end of it. These same people would call it racism and protectionism (et. al)--such hypocrisy.
the serial number means NOTHING. (Score:2)
it is amazing how much publicity the P3 serial number is getting when it has almost no use in any way, malicious or otherwise. look at any internet protocols. none of them have a spot for the P3 serial number reserved. if you were to grep all the documents you give out none of them would have the number in it. the number has to be read by software running on your personal machine. if you are running untrusted malicious binaries on your system then you have bigger problems. if you find a program which was grabbing the number then dont run that program or modify it. You ultimatly have complete control of all software running on your machine, you dont even need source, just edit out that opcode, if they use self-modifying code, fire up gdb.
There is no way to link this number to anything or use it as a trusted value in any way. since the software that ultimatly retrieves the number has to be running on your machine you can just fake any ID with some creative hex editing making it unuseful as a secret key or secure identifier. in any case CPUs are alot easier to swap than hard disks, and they already have unique identifiers. sorry for the semi-rant all the press about a PR stunt gone bad by intel gets to me after a while.
Re:Way to go...Yeah Right - huh? (Score:2)
You imply that the EU spies, this is not true. The motivation to protect ones own citizens from foreign snooping should be present. Were I an elected member of a local council, I would be offended enough at the thought of a foreign nation gathering data on my constituents without their explicit knowledge or authorisation that I would do something about it.
You perceive Europe as a super-government, which it isn't. Europe's four main entities, the Council, Commission, Parliament and Court of Justice, deal directly with governments and legislatures, not with individuals. They initiate, debate, pass and enforce legislation with governments - not vis-a-vis individuals.
Directives which are passed by the EU are then enacted in each of the nation states by being passed as laws in those nation states. Europe has no FBI, no CIA and no NSA - it has loose bodies that try to co-ordinate the many national forces, but these bodies are neither funded by nor answerable to the EU - rather they are multi-national initiatives in their own right.
If you were to walk/drive/bike around London you could be tracked by video surveillance equipment every step of the way. The EU is no hero for the cause of privacy.
First of all, the centre of London being covered by cameras has absolutely nothing to do with the European Union - it has everything to do with the British Government and the Police Forces in London. The EU does not spy on it's citizens, individual governments do what they want so long as it isn't illegal or they don't get caught.
The EU as a separate entity doesn't police individuals (other than - perhaps - it's employees, hence the recent resignation of the entire Commission subsequent to a report on their working practices), it has neither the resources nor the remit.
The centre of London is indeed heavily laden with CCTV cameras. Whether this is a good or a bad thing is really material for another debate, where we can discuss the balance between catching rapists, thieves and murderers, and our right to not be spied upon by our respective governments. I think it's irrelevant here because you can't compare observing someone in the street to a foreign entity (government or otherwise) tracking their activities in a medium where they believe they have privacy.
Re:Bad Euros. (Score:2)
Re:conflicts on the horizon (Score:2)
Personally, I doubt you -do- like people knowing that much information about you. I suspect that if you found a person you knew gossiping about you, in detail, to a complete stranger, you'd probably not be absolutely over the moon by it.
If one of the idiots on Slashdot got totally sloshed one night, ran some checks on where posters lived and shot up anyone with a higher Karma than them, I think those being targetted might be a trifle upset.
You can't stop people being insane, dangerous or simply downright rude. On the other hand, actively encouraging them in their insanity, and providing the crazed with the means to get crazier is as insane as the lunatics who are the problem in the first place.
No, I =DON'T= think that laws which give people control of their own lives are the "antithesis" of freedom. I LIKE the idea of having some say-so over who says what about me, and to whom. It's my life, damnit, and if any person on this planet should have a right over it's contents, it's me!
If companies can sell secrets, they won't keep them to other similar organisations. Not for long, anyway. Can you imagine MacDonalds or Burger King doing a police search, based on the licence plate, to determine if they should serve you or turn you in? And what happens if the software goofs up? You get hauled out by an ear, your pic gets in the national press, and all cos information was being shared by glitchy software, with the assumption that computers never make mistakes.
If this bothers you... (Score:2)
The serial number thing is really one of stupidest misfeatures ever dreamed up, but its an opportunity for MB manufacturers to offer users a choice. Heck I could imagine a box with a privacy switch and two color LED -- when the LED is red, the MB reports a bogus number and when the LED is green it reports the real one.
Re:What will happen ... (Score:2)
Well, you can look at this two ways. If people really cared about this, no one would by P3s, and the number would be removed. So either people really don't care about this (since sales of P3s seems to be good, or at least not bad enough for Intel to change this). Or people are really stupid, right? I mean, I'm well informed and I wouldn't not buy a P3 becuase of this, isn't possible other people came to the same decision?
Re:Why does it matter? (PIII serial number) (Score:2)
That's kind of parallel to direct marketing, where it's now illegal for a vendor to say "Hey, since we have your credit card number already, what we're going to do is ship you this product and charge you for it if you don't return it to us in 10 days. If you do return it, we'll still recoup a 30% restocking fee."
Things like that have been tried in the past until they were explicitly outlawed. Why must an individual have to opt out of providing this information, rather than being asked to provide it. It makes a big difference, in my eyes...
And on to a slightly different subject. Has anyone figured out what the point of this ID is? Intel won't use it to track counterfeiters. You can't look up your own ID on intel's site to see what the speed of your chip is supposed to be. A unique ID doesn't aid e-commerce really. Instead it's the Random number generator... The ID just seems to have been rolled into that, where they say the ID aids e-commerce.
CPU's worked fine before they put ID's in there
This happened to me! (Score:2)
Nick
PS Yes I did try calling and writing to the state telco regulator - not a single response.
technocracy in action (Score:3)
This decision (or attempt to do so) is late, intel launched the PIII months ago, by the time the decision will be taken (if ever) intel will be busy producing its next generation of cpu's.
It's also a technocratic decision since nobody (as far as I know) is asking for this decision. The EU people decided on its own (most likely with the help of some lobbying, amd?) that it might be a good idea to do this.
BTW. I think the trend of both the EU and the US changing into technocracies is caused by free market. So I don't think it would be a good idea to just let the market decide.
The free market serves only one interest: making as much money as you can. Free speech, privacy and human right are not a free market concern. Early this century we had free market, the results were horrible: big companies stressing their employers to the limit. Then we got labour movements, socialism and communism. After communism collapsed, capitalism became a little more socialistic (at least where I live).
Pure communism and pure capitalism are both a bad thing since they both suffer from the same problem: people are greedy and will try to abuse the system to suit their own needs. In the case of communism this leads to a repressive regime. In the case of capitalism it also leads to a repressive regime (taiwan, singapore, south korea).
"If people are really in a tizzy about this, they won't buy the chips"
One problem: most people lack the technical skills to make a well founded technical judgement of what this chip has to offer. Most users are not aware of the differences between a PII, a PII and a K7.
Personally I'm not so worried about this ID thing, there are other, easier ways to identify somebody. So, I think the EU is overreacting a little.
I think it is very well posible that the NSA made a deal about this ID with intel. At least I can't think of a good technical reason to introduce it and I refuse to believe that those intel guys are that clueless. So seen in this light, the european reaction is not so stupid.
Hmm... (Score:3)
Re:This is fascinating! (Score:2)
This is exactly why moderators should moderate UP instead of down. Any moron can repost over and over, whereas marking UP will make for a richer slashdot experience for those people who are finally driven to browse at score 2 or 3 now that the segfault trollers have all come here.
That is not a logical conclusion--flawed thinking (Score:3)
Though I concede that they make some mistakes, many wish are harsh on the individual, it works on the aggregate. The mere fact that you and others have been burnt, does not mean you or creditors would be better off without it. Nor does it even necessarily mean that the system could be further optimized.
One thing you must remember, is that creditors are in the business of making money. This means that they want to lend as much money as they can, and get paid back at the highest rates possible. They worry about the aggregate. If there are enough individuals such as yourself, with only few minor "cosmetic" blemishes (if you are to be believed), the odds are high that someone will look past it, as you represent potential profits. Though I readily concede that the system occasionally hurts the individual, it works on the aggregate. Lacking mindreading devices, you should know that banning of credit reporting in its entirity would cause immeasurable damage on the aggregate.
Re:What will happen ... (Score:2)
Re:Stupid Politics Accidently Cause Good (Score:2)
A moment's thought would reveal that this can't be about American-versus-EU manufacturers. All the principal CPU-makers are American companies, so causing trouble for one of them is of no net benefit to the EU. Also, the EU market for Intel chips is served almost entirely from the plant in Ireland, while the same market for AMD chips is only partially-served from the German plant (if it's even operational yet). So a shift from Intel to AMD would actually cause harm to EU manufacturing. Think , people!
Re:Lead paint is nice (Score:2)
Re:If this bothers you... (Score:2)
Re:Pentium III Random Number Generator NSA Backdoo (Score:2)
Re:Ban Network Cards! (Score:2)
Re:If this bothers you... (Score:2)
Hehe. Maybe I wasn't. Care to elaborate?
Re:Um, it IS disablable (Score:2)
Tom
Libertarian? Try again. (Score:2)
> whatever reason then they are to be applauded.
On this point, we agree.
I actually believe, now, that the best friends the citizens of the U.S. have are foreign governments that won't put up with our government's bullshit anymore.
Germany subverting the Wasenaar agreement is a prime case. This possible action by the EU is another.
Where privacy is concerned, our government is becoming as bad as the Soviet Union or China; the policies of this government, from a bird's-eye view, see this country falling more and more toward a socialist society. This is troubling to me, and to most people I know.
But, onward...
> If you want to really live out your Libertarian dreams I suggest you move to Russia NOW and leave
> Western Civilization to those of us who value it.
Pardon me, but are you out of your mind? Do you know what Libertarianism is, or are you simply speaking from your small end?
What is happening in Russia (I originally misconstrued your intent to mean "go and live in a backwards Communist place", but I finally caught a clue) is FAR from Libertarianism.
The criminals are running the show, rather than duly elected representatives. The people have no say in matters, and must pay extortion to the criminals in charge. In such a system, there is no freedom. Nobody in Russia can simply tell the crime syndicate to "fuck off". If they did, they would simply cease to exist. In that way, it is much like the old socialist government of the Soviet Union.
Western Civilization, or, at least, American Civilization (of old) is based more around Libertarian principles than you seem to believe. The idea that someone can conduct their life with a minimum of interference by some governing body, be it a criminal syndicate, a monarchy, or a government like the one we have today (I really don't see a difference, to tell you the honest-to-God truth!), is a Western idea, and the central idea of Libertarianism.
It's all about LIBERTY.
--Corey
Re:This is fascinating! (Score:2)
Hooo hhooo heeee heeeee. I still smile to this day when I hear the word Merkin!
Re:What a load of ******** (Score:2)
I'm curious what you mean by this. I've never had a credit card in my life, yet there is most surely a credit rating report on me. Perhaps you mean I can choose not to pay utility companies or anyone else that reports to credit agencies? Doesn't seem very practical really.
Re:What will happen ... (Score:2)
Link to the full reports (Score:2)
Best wishes !
Intel deserves this for other reasons (Score:2)
Of course, Germany has a stake in AMD's Fab 30, so they are looking for ways to assist them, but there are other reasons other than this "privacy" bullsh^H^H^H^H^Husiness.
Let's start with false advertising. The claim of "making the Internet more fun" is highly subjective, and I haven't been able to have any more fun with a PIII than any other Intel chip I've had in the past two years. In fact, my Athlon 500 (are there any distros that *do* work with Athlon/FIC SD-11 mobo?) is indirectly making the Internet much more fun -- I can apply the cost savings over a P3-550 towards DSL!
Anticompetitiveness. We've been hearing about Gateway using Athlons (after backing out just before the release) for about a week, and this article [theregister.co.uk] at The Register [theregister.co.uk] is the most telling so far. Sounds like the kids from Santa Clara are going yet another step farther than the gang in Redmond.
People complain about Microsoft's "monopoly power", but Intel doesn't have a foot to stand on compared to them...
Not good. Expect to see US and Euro versions. (Score:2)
North American ignorance? (Score:2)
The North American public seems to be more relaxed about the invasion of privacy issues. Accidentally (?) this is the continent, where the public does not seem to be bothered that the general grocery stores carry about 60% of goods which are genetically modified, and not even labelled. Some scientists call this the experiment on the largest scale in human history - with unforseenable threats to a huge segment of population. Companies, like Monsanto even seem to manage to reverse a fundamental principle: previously producers of new products had to prove that it will not cause harm for customers.
These days these 'new economy' companies want to put the burden of proof to govertment regulation agencies. They think that the product should be able to be marketed - untill someone proves that it's harmful.
In Europe there was a real riot about GMO-s (genetically modified organism), led by customers, who refused to buy these products, forcing new labelling, etc. As a result, European countries have higher standards to protect their health and safety than Americans and Canadians.
Mind you, they had the mad cow desease experience, which hit home very closely.
If Europeans gets pissed off about privacy concerns by the P-III, Intel had better watch out. Again, Europe is a place, where these issues can be really heated: there are deeply rooted memories there about all kind of dictatorial political systems there.
Can you imagine if Hitler or the communist dictators could have had the power of collecting, processing information the way it is possible today?
Re:This is fascinating! (Score:2)
I know the EU is very strict on privacy, but what exactly is it about the PIII that is so clearly illegal? Is it illegal to put a serial number on your products in Europe?
Of course, the point of the PIII serial number is that it can be transmitted to other computers for identification purposes, but that's not something that the chip does, that's the software -- software which, incidentally, doesn't exist yet, and may very well never exist.
This isn't a flame... I'm assuming you must have some reason for saying the PIII serial number violates the law, and I'd just like to hear it.
this is Austrian and non-official. (Score:2)
The EU moves very slowly anyway, and the P-III is already selling here.
The German governments (as opposed to the Austrians) have always accepted Echelon in the past. While this *could* change, it has not done so yet.
Re:Why does it matter? (PIII serial number) (Score:2)
The ID number would just be a piece of the puzzle. Assuming they have no other evidence, and never find any other evidence, then you're correct--they'll probably never find you since you bought leg extensions, dyed your hair, and learned how to speak with a phony accent prior to purchasing the processor.
As far the part about the intelligence of law enforcement... I do agree that most law enforcement people are not as smart as those that work for "the Smoking man" (ie: Chris Carter.) However, the FBI, CIA, NSA, governments, and corporations most assuredly do have people that smart with more resources and tricks up their sleeves than you would imagine.
If you are a typical nerd, destined to make a good clean legal living, and don't engage in political discussions against an oppressive government, etc then it doesn't matter to you.
However, if you are doing something, for good or evil, writing or sneaking information out of the country, or anything that could potentially hurt a powerful organization then that ID number becomes a serious worry.
Suppose a large organization is trying to silence someone that is leaking information to the public regarding wrong-doings. They're starting to take some heat because the guy, still anonymous, has been right on the money too many times for it to be coincidence. They've narrowed the number down to about 50 people on the planet that could have possibly leaked the information. Then boom, one day they get a lucky break, an a processor ID. They track to processor to it's last recorded location, which happens to be a retail outlet less than 3 hours away from one of the 50 suspects--and the other 49 suspects don't even live in the country where the processor was bought. This is what I mean by "a piece of the puzzle." It's not as bad as installing a GPS transmitter in each processor, but it still adds one more security hole in the whole process of maintaining anonymity.
Or maybe I've read too much fiction and watched too much X-files. Maybe there really are no good people fighting evil under the cover of anonymity. Maybe all the good guys already work for our governments, and it's only the bad guys that need anonymity.
--numb
Re:FUD (Score:2)
Re:If this bothers you... (Score:2)
http://slashdot.org/articles/99/02/23/106231_F.
Re:Privacy laws ... (Score:2)
The Council has no official connection to the Union as the Council has far greater number of members (inc. Russia) and is strictly an intergovernmential organisation.
However, the EU has quite officially recognized aforementioned Convention to form a binding standard to the the EU legistlation. Furthermore, EU has based on the Convention started to form its own charter of fundamental rights to be included to the Union treaties (those are the ones unanimously agreed by members in European Councils
Committees
Btw, I also think, that us Euros value privacy highly. However I hope that this isn't just a publicity stunt that has been designed to increase to the pile of disagreements between the US and EU, amount of which has increased as EU has gained in intergration and influence. But if the cause is real, I applaud..
Below is a link to the full text of the Convention and the privacy clause:
CONVENTION FOR THE PROTECTION OF HUMAN RIGHTS AND FUNDAMENTAL FREEDOMS [www.coe.fr]
Article 8 footnote 1 - Right to respect for private and family life
1 Everyone has the right to respect for his private and family life, his home and his correspondence.
2 There shall be no interference by a public authority with the exercise of this right except such as is in accordance with the law and is necessary in a democratic society in the interests of national security, public safety or the economic well-being of the country, for the prevention of disorder or crime, for the protection of health or morals, or for the protection of the rights and freedoms of others.
trading freedom 4 security & privacy 4 convinience (Score:2)
It is even more irritating to swap out a bad CPU (or upgrade to a faster one, or add a second one on an MP board), and have all of your licenses suddenly become invalid. When you lose a hard drive there is no way (short of RAID) to avoid reinstalling some software, but when all you want to do is swap out a CPU it really shouldn't become necessary to do so simply for licensing purposes. Reinstalling a serialized program over an existing, original installation may or may not work anyway, depending on what has been left lying around in various subdirectories, the registry, etc. It is far, far easier to look up and type in a serial number (usually printed on the CD case or documentation title-page) than to try and retroactively undo and redo whatever licensing shinnanigans the software has done behind your back.
If looking up serial numbers is too much work, use StarOffice or Excel and make a spreadsheet, print the think out, and tape it up next to your monitor. My God man, you have a computer to help make these kinds of tasks easier. Use it. Don't give up what little remaining privacy and anonymouty you have just for a little convinience.
It was once said (I don't recall the attribution) that those who give up their freedoms in exchange for security wind up being neither free nor secure. Even at their most cynical our forfathers never dreamed we'd be giving up the liberties they worked so hard to achieve, all for just for a little convinience.
Re:Ireland is part of the EU (Score:2)
Nick
PS Note for pedants: when Ireland gained independence the six predominantly protestant counties in the north remained part of the UK. The geographical entity known as Ireland consists of a sovereign country known as the Republic Of Ireland, and a province of the UK known as Northern Ireland.
Re:conflicts on the horizon (Score:2)
Speeding tickets are now sent automatically - the police cameras have built-in RADAR to detect your speed, the software does OCR on the licence plate to identify the owner, who is then cross-referenced in the police databases to see where they live. The ticket is then electronically printed and mailed. No appeals are possible, as there is nobody to defend against.
Re:This is fascinating! (Score:2)
The Pentium III is designed with the purpose of exporting personal infomation. It's irrelevent, for the purpose of European Law that the software doesn't exist, it's the fact that it CAN export personal information, with no controls.
Re:It isn't the numbers, it is the REASON they exi (Score:2)
In light of recent comments by Sun's CEO ("you don't have any privacy, get over it.") yes, one should worry about it. The fact that no one does is an entirely different issue than whether or not one should. FWIW I think Sun probably bears even closer watching than the NSA, but I wouldn't consider either one to be particularly strong advocates of individual rights, particularly when it comes to privacy.
Re:This is fascinating! (Score:2)
You obviously don't understand CREDIT. (Score:2)
No. (Score:2)
Europe is not doing "just fine". Those countries which enforce such stringent credit reporting laws, are, invariably, much harder to obtain credit in (relative to the US). The truely prosperous EU countries do not have such laws.
Re:Someone is smiling... (Score:2)
Re:This is fascinating! (Score:2)
There is nothing to explain. (Score:2)
Think about it this way, who would you lend credit to:
a) Joe Schmoe who earns 20 dollars an hour, but has never held a job longer than 6months. Period.
b) Joe Schmoe who holds the same job, with a long history of prompt credit repayments.
Obviously, you would choose B, information is key. Those who are superficially (e.g., job, education, looks, dress, etc) closer to the fringes are FAR more likely to be turned down in such a system, or charged far higher interest rates. Bankers are risk averse, particularly given much of EU's relatively weak economy. This have been demonstrated and charted numerous times.
Citibank makes a significant amount of money in Europe (mostly in the truely prosperous countries, not Belgium (et. al)), but nothing compared to the credit generated profits from Americans, proportionately speaking. My "theory " holds plenty of water, and is a well known fact amongst anyone who really knows banking. Yes, the American credit bureaus could be improved in regards to its approach to the individual; some without significant cost; many, though, are not without substancial economic costs.
There is nothing to explain. (Score:2)
Think about it this way, who would you extend credit to:
a) Joe Schmoe who earns 20 dollars an hour, but has never held a job longer than 6months. Period.
b) Joe Schmoe who holds the same job, with a long history of prompt credit repayments...
Obviously, you would choose B, information is key. Those who are superficially (e.g., job, education, looks, dress, etc) closer to the fringes are FAR more likely to be turned down in such a system, or charged far higher interest rates. Bankers are risk averse, particularly given much of EU's relatively weak economy. This have been demonstrated and charted numerous times.
Citibank makes a significant amount of money in Europe (mostly in the truely prosperous countries, not Belgium (et. al)), but nothing compared to the credit generated profits from Americans, proportionately speaking. My "theory " holds plenty of water, and is a well known fact amongst anyone who really knows banking. Yes, the American credit bureaus could be improved in regards to its approach to the individual; some without significant cost; many, though, are not without substancial economic costs.
How many times must it be said? (Score:2)
You are taking credit for granted. Credit bureaus perform a valid and important function (as I've explained elsewhere in this thread).
They should embargo Microsoft Word, too. (Score:2)
Seems to me that, to be consistent, they should also embargo word processing software (such as Microsoft Word) that stelthily embeds CPU addresses, software serial numbers, MAC addresses, and other such identification in its output files.
Oh gosh! How will you KNOW if the software does this? I guess you'll just have to READ THE SOURCE, won't you. B-)
(Semi OT) Re:hmmm.... Interesting (Score:2)
As a Canadian, I value the good will of the US military in protecting Canada (after some of the military exposures here) over our own military.. But I don't thnk the dew line was much of a deterent to the Russians (who were just paranoid about
---
K6-2 (Score:2)
I don't have any info on K7/Athawhatever. But I thought I'd pass on this info about the K6-2, so the truly paranoid would have an extra datapoint.
(Of course the really truly utterly paranoid won't trust me, or my unnamed source, either. B-) )
Re:This is fascinating! (Score:2)
Re:Someone is smiling... (Score:2)
Re:Knob (Score:2)
Well, a piece of software can certainly generate a 128 bit number. Uniqueness, on the other hand, is tricky. Most software that wants to do this (e.g. mailers, news clients, etc) will generate a pseudo-unique string/number by catenating lots of non-unique information, thus reducing the likelyhood of a collision. There is no standard way that everyone does this, and most software has no need to. One excellent example is Web browsers. The only time that, say, Netscape generates a pseudo-unique ID is when it wants to send mail or news. If the P3 becomes common, though, won't people like Netscape and Microsoft be tempted to offer Web site developers a "standard" way to identify customers? This is the concern. Not that having an ID causes your heart to explode in your chest, but that software companies, having an easy way to identify you, will. This sort of behavior has many precidents, so it's not very hard to believe that it would happen. MS and Prodigy are two classic offenders, but there were many others that were not so well publicized. Once this sort of tracking becomes common, anyone snooping on the traffic (oh look, it comes back to the NSA) would be able to start identifying the source of a session, even though dynamic IP addresses and moving a laptop around might mask every other way of identifying the user.... Now, what you have to ask yourself is if this will only be used for "good". Will the organizations that read your mail avoid using it for business advantage, military knowledge (if you think that's impossible from unclassified communications, ask around about what the collage project was), etc? This is all already possible, but the unique ID, coupled with some unfortunate tendancies in the software industry will make it that much easier, and this is, apparently, not where the EU wants to go today.
Re:Lead paint is nice (Score:2)
"Use of this paint may cause insanity, sickness and death"
People still smoke, don't they?
- Michael T. Babcock <homepage [linuxsupportline.com]>
Re:Boundaries of Privacy (Score:2)
Not me, I don't give my SSN to anyone when it is not necessary to benefit me. My employer, my bank, and my college have it. I don't give it to anyone else. Just FYI in many places here in the US it is not illegal to give false information as long as there is no fraudulent intent.
>>I could get really petty here by pointing out that it's been around a lot longer, had more ups and downs as a continent and had plenty of opportunity to learn from it's mistakes, unlike your own, however that wouldn't add to the debate so I won't.
I could get just as petty and tell you how we learn from YOUR mistakes and don't have to make them on our own, but I won't.
>>Reduced public perception of danger level and therefore personal protective measures required.
You seem to regard people taking their personal safety obligations on for themselves as a bad thing. I don't. The police can't be everywhere at once, if you want your family to be safe you have to insure it yourself.
LK
Re:(Semi OT) Re:hmmm.... Interesting (Score:2)
push every 100 years or so, would you not get "friendlies" around you? The US certainly made the countries west of Germany friendly with the NATO pact. The problem with pointing fingers, as you have done, is that it leads to problems. People will only build up a military if they feel they can't trust their neighbours. Canada and the US seem to not be afraid of each other (see the free, open border), whereas Pakistan and India are developing Nuclear Weapons to use in case "the other side" strikes first ("they may strike first, but we will WIN and make them PAY"). It's juivinile (sp) to always seek revenge, it only leads to more bloodshed.
Note: Now this thread is really OT
---
Lie: it is the REASON they exist (Score:2)
It's the compiler doing so. The same as with any other serial.
A pentium processor takes a 32 bit word, processes it, and writes it to memory. Fetch, decode, write. That's it!
----------------------------------------------