![]() ![]() It’s just too easy to hack the software that queries the hardware. Because Intel didn’t bother creating a secure way to query the ID, it will be easy to break the security.Īs a cryptographer, I cannot design a secure system to validate identification, enforce copy protection, or secure e-commerce using a processor ID. Likewise, if a piece of software queries its processor’s ID, it has no way of knowing whether the number it gets back is the real ID or whether a patch in the operating system trapped the call and responded with a fake ID. If a remote Web site queries a processor ID, it has no way of knowing whether the number it gets back is a real ID or a forged ID. Yes, the processor number is unique and cannot be changed, but the software that queries the processor is not trusted. The same problem exists with the Intel scheme. This system is only secure if you trust what the person says. They had to ask the person for his ID number, and then accept whatever number the person responded with. Now imagine that the merchants were not allowed to examine the card. Such a system works, provided that the merchant, doctor, or whoever can examine the card and verify that it hasn’t been forged. A person would have to show this card in order to engage in commerce, get medical care, whatever. To see the problem, consider this analogy: Imagine that every person was issued a unique identification number on a national ID card. Unfortunately, it doesn’t do any of these things. Intel said that this ID number will help facilitate e-commerce, prevent fraud and promote digital content protection. announced that its new processor chips would come equipped with ID numbers, a unique serial number burned into the chip during manufacture.
0 Comments
Leave a Reply. |