
Intel about to make the same error as with processor ID?

April 18, 2004 5:03:12 PM

Archived from groups: comp.sys.ibm.pc.hardware.chips (More info?)

I just got this from German ARD teletext

567/0 ARD-Text 18.04.04 14:53:26

Multimedia / Internet
Intel-Chips mit eingebauter Sicherheit
Der Chip-Hersteller Intel hat jetzt die
nächste Generation von Prozessoren fuer
Mobilgeraete vorgestellt, die fest inte-
grierte Sicherheitsvorkehrungen gegen
Hackerangriffe und auch Urheberrechts-
verletzungen besitzen.

Translation:
Intel chips with built-in security.
The chip manufacturer Intel has now
announced its next generation processors for
mobile computers, that have fixed integrated
security measures against hacker attacks
and also copyright violations.

JP
April 18, 2004 5:03:13 PM

On Sun, 18 Apr 2004 13:03:12 GMT, Jan Panteltje <pNaonStpealmtje@yahoo.com> wrote:

>I just got this from German ARD teletext
>
>567/0 ARD-Text 18.04.04 14:53:26
>
>Multimedia / Internet
>Intel-Chips mit eingebauter Sicherheit
>Der Chip-Hersteller Intel hat jetzt die
>nächste Generation von Prozessoren fuer
>Mobilgeraete vorgestellt, die fest inte-
>grierte Sicherheitsvorkehrungen gegen
>Hackerangriffe und auch Urheberrechts-
>verletzungen besitzen.
>
>Translation:
>Intel chips with build in security.
>The chip manufacturer Intel has now
>announced its next generation processors for
>mobile computers, that have fixed integrated
>security measures against hacker attacks
>and also copyright violations.
>
>JP

Is it the same as the code found in Itanium and AMD 64?
April 18, 2004 10:01:10 PM

On Sun, 18 Apr 2004 13:03:12 GMT, Jan Panteltje
<pNaonStpealmtje@yahoo.com> wrote:
>Translation:
>Intel chips with build in security.
>The chip manufacturer Intel has now
>announced its next generation processors for
>mobile computers, that have fixed integrated
>security measures against hacker attacks
>and also copyright violations.

Intel has started including a Trusted Computing Group chip in their
newest chips. The first one that's available (the one I think this
article is talking about) is the new XScale (ARM) PXA27x. The TCG
chip is also expected to find its way into both AMD and Intel desktop
processors in the near future.

There are some potential benefits to this, despite what all the
tin-foil crowd like to say, this TCG technology CAN be used to improve
the security of a system. In fact, that is a primary goal of it.
However it can also be used to implement "Digital Rights Management"
(more than a bit of a misnomer, as some poster on /. said recently
"rights do not need to be managed"), something that many people object
to. It could also be used, for example, to better enforce company
computer policies, another thing many people don't much like.

So, is this like the processor serial number? Not exactly. The TCG
technology has some potentially very useful technology while the
Processor Serial Number did not. On the flip side, there are some
potential downsides to this TCG stuff, while the serial number was
pretty much pointless.

-------------
Tony Hill
hilla <underscore> 20 <at> yahoo <dot> ca
April 19, 2004 1:40:33 AM

Tony Hill wrote:


>
> So, is this like the processor serial number? Not exactly. The TCG
> technology has some potentially very useful technology while the
> Processor Serial Number did not. On the flip side, there are some
> potentially downsides to this TCG stuff, while the serial number was
> pretty much pointless.
>

I'd think if they eliminated buffer overruns in hardware, most security
issues would be solved, at least from where I'm at. Almost all the linux
security issues are caused by that and many of the windows ones as well or
so it seems from reading all the patches.

--

Stacey
April 19, 2004 7:00:32 AM

On Sun, 18 Apr 2004 21:40:33 -0400, Stacey <fotocord@yahoo.com> wrote:
>Tony Hill wrote:
>> So, is this like the processor serial number? Not exactly. The TCG
>> technology has some potentially very useful technology while the
>> Processor Serial Number did not. On the flip side, there are some
>> potentially downsides to this TCG stuff, while the serial number was
>> pretty much pointless.
>
>I'd think if they eliminated buffer overruns in hardware, most security
>issues would be solved, at least from where I'm at. Almost all the linux
>security issues are caused by that and many of the windows ones as well or
>so it seems from reading all the patches.

It's not really possible to eliminate buffer overruns in hardware,
just to limit the amount of damage that can be caused when a buffer
overrun occurs. With the non-executable memory pages that AMD has in
their x86-64 chips a buffer overrun tends to just become a DoS attack
instead of a remote exploit. Definitely an improvement, but by no
means a surefire fix, and it is still possible (though somewhat
difficult) to get a remote exploit with a buffer overrun, even with
non-executable pages.

The Trusted Computing stuff takes this a step further, and in that
regard it should be a welcome addition. However it's the other stuff
that makes it seem rather.. umm.. frightening I suppose.

-------------
Tony Hill
hilla <underscore> 20 <at> yahoo <dot> ca
April 19, 2004 9:14:55 PM

On a sunny day (Sun, 18 Apr 2004 18:01:10 -0400) it happened Tony Hill
<hilla_nospam_20@yahoo.ca> wrote in
<aoq580pcj5tvqde7kd6ht8ji13n9ktoh3j@4ax.com>:

>So, is this like the processor serial number? Not exactly. The TCG
>technology has some potentially very useful technology while the
>Processor Serial Number did not. On the flip side, there are some
>potentially downsides to this TCG stuff, while the serial number was
>pretty much pointless.
But does it have some unique ID?
Not that I give a .... my IP address and ethernet Hwaddr already uniquely
ID me.
But this I KNOW, in my view users should be informed if they are traced.
JP
April 19, 2004 9:41:44 PM

On Sun, 18 Apr 2004 18:01:10 -0400, Tony Hill
<hilla_nospam_20@yahoo.ca> wrote:
>So, is this like the processor serial number? Not exactly. The TCG
>technology has some potentially very useful technology while the
>Processor Serial Number did not. On the flip side, there are some
>potentially downsides to this TCG stuff, while the serial number was
>pretty much pointless.

I think so far, in the hands of folks with power, the potential
downside seldom has the word "potential" after a while. The potential
usefulness often remains at potential.

--
L.Angel: I'm looking for web design work.
If you need basic to med complexity webpages at affordable rates, email me :) 
Standard HTML, SHTML, MySQL + PHP or ASP, Javascript.
If you really want, FrontPage & DreamWeaver too.
But keep in mind you pay extra bandwidth for their bloated code
April 20, 2004 12:50:33 AM

Stacey <fotocord@yahoo.com> wrote:
> Tony Hill wrote:
>
>
> >
> > So, is this like the processor serial number? Not exactly. The TCG
> > technology has some potentially very useful technology while the
> > Processor Serial Number did not. On the flip side, there are some
> > potentially downsides to this TCG stuff, while the serial number was
> > pretty much pointless.
> >
>
> I'd think if they eliminated buffer overruns in hardware, most security
> issues would be solved, at least from where I'm at. Almost all the linux
> security issues are caused by that and many of the windows ones as well or
> so it seems from reading all the patches.
>

I thought most Windows issues were caused by Outlook and Windows'
bad habit of executing carefully crafted email attachments. Things
like mypictures.jpg.exe, or one of the newer ones, something.jpg<bunch
of spaces>.exe. MS seems to be trying to fix their poor design
decisions by yet more hardware.

The Linux security issues do seem to be mainly buffer overflows,
although an occasional kernel security issue does creep in.

--
a n
gapeters @ t . e
t t
April 20, 2004 1:04:28 AM

Stacey <fotocord@yahoo.com> wrote:
> I'd think if they eliminated buffer overruns in hardware, most security
> issues would be solved, at least from where I'm at. Almost all the linux
> security issues are caused by that and many of the windows ones as well or
> so it seems from reading all the patches.

So long as variable length data (usually local char arrays)
are stored (on the stack, usually) where they can walk over
return addresses, then buffer over-runs will exist with severe
security consequences.

The currently discussed "hardware protection" is nothing more
than making the stack-space non-executable. That will stop
those attacks which bring in executable code. But not those
which simply bring in data, and alter the return address to
a suitable fragment in the original, unaltered executable
(exec `/bin/sh`)

-- Robert
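
A defender's check related to the non-executable stack discussed in the posts above, as an added example that is not part of the original thread: on Linux, toolchains record whether a program asks for an executable stack in the ELF `PT_GNU_STACK` program header (a convention the thread itself does not mention). The parser handles 64-bit little-endian ELF only; `elf64_stack_policy` and `make_sample` are names made up for this example, and the sample image is constructed.

```c
/* Added example: report the stack-execution policy an ELF64 image requests. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define PT_GNU_STACK_ID 0x6474e551u /* p_type value of PT_GNU_STACK */
#define PF_X_BIT        0x1u        /* p_flags bit: segment is executable */

enum stack_policy {
    STACK_BAD_FILE = -1, /* not a parsable little-endian ELF64 image */
    STACK_NX       = 0,  /* PT_GNU_STACK present, execute bit clear */
    STACK_EXEC     = 1,  /* PT_GNU_STACK present, execute bit set */
    STACK_UNMARKED = 2   /* no PT_GNU_STACK: the loader's default applies */
};

/* Byte-wise little-endian access, independent of host endianness and alignment. */
static uint64_t rd(const uint8_t *p, int n)
{
    uint64_t v = 0;
    for (int i = n - 1; i >= 0; i--) v = (v << 8) | p[i];
    return v;
}

static void wr(uint8_t *p, uint64_t v, int n)
{
    for (int i = 0; i < n; i++) p[i] = (uint8_t)(v >> (8 * i));
}

enum stack_policy elf64_stack_policy(const uint8_t *img, size_t len)
{
    if (len < 64 || memcmp(img, "\x7f" "ELF", 4) != 0) return STACK_BAD_FILE;
    if (img[4] != 2 || img[5] != 1) return STACK_BAD_FILE; /* ELFCLASS64, LSB */

    uint64_t phoff     = rd(img + 32, 8); /* e_phoff */
    uint64_t phentsize = rd(img + 54, 2); /* e_phentsize */
    uint64_t phnum     = rd(img + 56, 2); /* e_phnum */
    if (phnum == 0) return STACK_UNMARKED;
    if (phentsize < 56) return STACK_BAD_FILE;
    /* Reject tables that run past the end of the image (no integer overflow:
       phnum * phentsize is below 2^32 and phoff <= len is checked first). */
    if (phoff > len || phnum * phentsize > len - phoff) return STACK_BAD_FILE;

    for (uint64_t i = 0; i < phnum; i++) {
        const uint8_t *ph = img + (size_t)(phoff + i * phentsize);
        if (rd(ph, 4) == PT_GNU_STACK_ID)
            return (rd(ph + 4, 4) & PF_X_BIT) ? STACK_EXEC : STACK_NX;
    }
    return STACK_UNMARKED;
}

/* Constructed sample: ELF64 header, one PT_LOAD and, optionally, PT_GNU_STACK. */
size_t make_sample(uint8_t *buf, size_t cap, int with_stack_hdr, uint32_t stack_flags)
{
    const size_t need = 64 + 2 * 56;
    if (cap < need) return 0;
    memset(buf, 0, need);
    memcpy(buf, "\x7f" "ELF", 4);
    buf[4] = 2; buf[5] = 1; buf[6] = 1;      /* 64-bit, little-endian, version 1 */
    wr(buf + 16, 2, 2);                      /* e_type = ET_EXEC */
    wr(buf + 18, 62, 2);                     /* e_machine = EM_X86_64 */
    wr(buf + 32, 64, 8);                     /* e_phoff: table follows the header */
    wr(buf + 54, 56, 2);                     /* e_phentsize */
    wr(buf + 56, with_stack_hdr ? 2 : 1, 2); /* e_phnum */
    wr(buf + 64, 1, 4);                      /* entry 0: PT_LOAD */
    wr(buf + 68, 5, 4);                      /* flags R+X */
    if (with_stack_hdr) {
        wr(buf + 120, PT_GNU_STACK_ID, 4);   /* entry 1: PT_GNU_STACK */
        wr(buf + 124, stack_flags, 4);
    }
    return need;
}

int main(void)
{
    uint8_t img[176];
    size_t n = make_sample(img, sizeof img, 1, 6);   /* RW stack */
    printf("RW  stack header: %d\n", elf64_stack_policy(img, n));
    n = make_sample(img, sizeof img, 1, 7);          /* RWX stack */
    printf("RWX stack header: %d\n", elf64_stack_policy(img, n));
    n = make_sample(img, sizeof img, 0, 0);          /* header missing */
    printf("no stack header : %d\n", elf64_stack_policy(img, n));
    return 0;
}
```

A result of `STACK_NX` only says injected bytes on the stack cannot run as code; as the post above notes, an overwritten return address can still point into code that is already mapped executable.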
April 20, 2004 7:59:05 AM

On Mon, 19 Apr 2004 17:14:55 GMT, Jan Panteltje
<pNaonStpealmtje@yahoo.com> wrote:
>On a sunny day (Sun, 18 Apr 2004 18:01:10 -0400) it happened Tony Hill
><hilla_nospam_20@yahoo.ca> wrote in
><aoq580pcj5tvqde7kd6ht8ji13n9ktoh3j@4ax.com>:
>
>>So, is this like the processor serial number? Not exactly. The TCG
>>technology has some potentially very useful technology while the
>>Processor Serial Number did not. On the flip side, there are some
>>potentially downsides to this TCG stuff, while the serial number was
>>pretty much pointless.
>But does it have some unique ID?

My understanding is that yes, you can uniquely identify a PC by its
Trusted Computing Processor (or whatever the name of it is today).

>Not that give a .... my IP address and ethernet Hwaddr already uniquely
>ID me.
>But this I KNOW, in my view users should be informed if they are traced.

They should be, but aren't today. I don't think this Trusted
Computing stuff is really going to change things much here, as you
mentioned the ethernet MAC address is already unique as far as 99.9%
of all users are concerned (yes, it can be changed, but virtually no
one does change it). Similarly you can get a serial number from your
hard drive to uniquely identify a PC, or you can go the Microsoft
route and get a sort of hash of all the hardware in the system.

The TCG stuff works in almost the exact same way as all of this, it
just automates things a tiny bit more, ie the application just
executes one bit of code specifically designed to get this information
rather than pulling it out of a variety of sources.

Note that this doesn't mean that web sites can secretly spy on you
because of this. As long as your browser isn't COMPLETELY broken
(read: as long as you are not running Internet Explorer with its
enormous multitude of security holes) it's not possible to execute
arbitrary code like this just by viewing a web page. However if you
install an app on your system it could well read the TCG number and
report back to the app writer.

-------------
Tony Hill
hilla <underscore> 20 <at> yahoo <dot> ca
April 20, 2004 6:30:57 PM

"Tony Hill" <hilla_nospam_20@yahoo.ca> wrote in message
news:1ft6805u0mchvqbk69fkik41denbvgkm4v@4ax.com...
> It's not really possible to eliminate buffer overruns in hardware,
> just to limit the amount of damage that can be caused when a buffer
> overrun occurs. With the non-executable memory pages that AMD has in
> their x86-64 chips a buffer overrun tends to just become a DoS attack
> instead of a remote exploit. Definitely an improvement, but by no
> means a surefire fix, and it is still possible (though somewhat
> difficult) to get a remote exploit with a buffer overrun, even with
> non-executable pages.

I've said it before, and I'll say it again. If these OS designers had just
implemented the Intel segmentation mechanisms to separate out code from data
and the stack, this stuff would've never ever happened.

Yousuf Khan
April 20, 2004 11:42:04 PM

On a sunny day (Tue, 20 Apr 2004 03:59:05 -0400) it happened Tony Hill
<hilla_nospam_20@yahoo.ca> wrote in
<9pf980dqa002h641n6p8ffe17diqvmv8h5@4ax.com>:

>On Mon, 19 Apr 2004 17:14:55 GMT, Jan Panteltje
><pNaonStpealmtje@yahoo.com> wrote:
>>On a sunny day (Sun, 18 Apr 2004 18:01:10 -0400) it happened Tony Hill
>><hilla_nospam_20@yahoo.ca> wrote in
>><aoq580pcj5tvqde7kd6ht8ji13n9ktoh3j@4ax.com>:
>>
>>>So, is this like the processor serial number? Not exactly. The TCG
>>>technology has some potentially very useful technology while the
>>>Processor Serial Number did not. On the flip side, there are some
>>>potentially downsides to this TCG stuff, while the serial number was
>>>pretty much pointless.
>>But does it have some unique ID?
>
>My understanding is that yes, you can uniquely identify a PC by it's
>Trusted Computing Processor (or whatever the name of it is today).
>
>>Not that give a .... my IP address and ethernet Hwaddr already uniquely
>>ID me.
>>But this I KNOW, in my view users should be informed if they are traced.
>
>They should be, but aren't today. I don't think this Trusted
>Computing stuff is really going to change things much here, as you
>mentioned the ethernet MAC address is already unique as far as 99.9%
>of all users are concerned (yes, it can be changed, but virtually no
>one does change it). Similarly you can get a serial number from your
>hard drive to uniquely identify a PC, or you can go the Microsoft
>route and get a sort of hash of all the hardware in the system.
>
>The TCG stuff works in almost the exact same way as all of this, it
>just automates things a tiny bit more, ie the application just
>executes one bit of code specifically designed to get this information
>rather than pulling it out of a variety of sources.
>
>Note that this doesn't mean that web sites can secretly spy on you
>because of this. As long as your browser isn't COMPLETELY broken
>(read: as long as you are not running Internet Explorer with it's
>enormous multitude of security holes) it's not possible to execute
>arbitrary code like this just by viewing a web page. However if you
>install an app on your system it could well read the TCG number and
>report back to the app writer.
What really worries me about all this, is that your PC will possibly
become just a terminal to a MS authentication server (or the States
or whatever regulating authority), where they will be able to deny
even net-access if you do not run THEIR software and hardware.
OR, force you to upgrade.
Something like customer binding.. but then with a big lead ball on your
foot.
Absolutely these systems should NOT be part of a processor, and given a
choice I would buy from the competition.
Not only that, it is technically very possible to have some logic in
the mobo chipset that stores keyboard strokes, and sends these over the
net upon request to some NSA(for example) URL.
With only 2 processor manufacturers and just a few chipset makers, this
is a real danger.
It would become a real disaster if the system was hacked, as everybody's
secrets would be out.
We should really do whatever we can both technically and politically to
avoid such a system becoming a reality.
I do not want to give up my computing to some big corporation, MS, or a
state controlled by it.
I do not want to see Linux killed by it (and that included IBM too) by
having a system that lets only 'authenticated' PCs connect to the net.
The servers will of course be the next target from that group, and once
they get their hands on the servers, or routers even, they can do what
they want.
IF laws need making, let us start giving food to the lawyers by having them
look at protection of free Internet traffic, independent of system, country,
OS, and everything else.
JP
April 21, 2004 1:10:20 AM

On Tue, 20 Apr 2004 19:42:04 GMT, Jan Panteltje
<pNaonStpealmtje@yahoo.com> wrote:

>What really worries me about all this, is that your PC will possibly
>become just a terminal to a MS authentication server (or the States
>or whatever regulating authority), where they will be able to deny
>even net-access if you do not run THEIR software and hardware.

<snipped>

>having a system that lets only 'authenticated' PCs connect to the net.
>the servers will of cause be the next target from that group, and once
>they get their hands on the servers, or routers even, they can do what
>they want.

Oh yes, this is precisely the worry. Once a standardized system is in
place, with the mass market volume of x86 consumer systems, it would be
an easy, logical next step for them to start implementing surveillance
and control systems into the internet structure.

From then on, forget about free speech and all that nonsense.

--
L.Angel: I'm looking for web design work.
If you need basic to med complexity webpages at affordable rates, email me :) 
Standard HTML, SHTML, MySQL + PHP or ASP, Javascript.
If you really want, FrontPage & DreamWeaver too.
But keep in mind you pay extra bandwidth for their bloated code
April 21, 2004 9:55:50 AM

a?n?g?e?l@lovergirl.lrigrevol.moc.com (The little lost angel) wrote:

> .... it
> would be an easy, logical next step for them to start implementing
> surveillance and control systems into the internet structure.

uhm .. carnivore :/ 


Regards.
--
RusH //
http://pulse.pdi.net/~rush/qv30/
Like ninjas, true hackers are shrouded in secrecy and mystery.
You may never know -- UNTIL IT'S TOO LATE.
April 21, 2004 9:49:03 PM

On Tue, 20 Apr 2004 19:42:04 GMT, Jan Panteltje
<pNaonStpealmtje@yahoo.com> wrote:
>On a sunny day (Tue, 20 Apr 2004 03:59:05 -0400) it happened Tony Hill
><hilla_nospam_20@yahoo.ca> wrote in
><9pf980dqa002h641n6p8ffe17diqvmv8h5@4ax.com>:
>>Note that this doesn't mean that web sites can secretly spy on you
>>because of this. As long as your browser isn't COMPLETELY broken
>>(read: as long as you are not running Internet Explorer with it's
>>enormous multitude of security holes) it's not possible to execute
>>arbitrary code like this just by viewing a web page. However if you
>>install an app on your system it could well read the TCG number and
>>report back to the app writer.
>What really worries me about all this, is that your PC will possibly
>become just a terminal to a MS authentication server (or the States
>or whatever regulating authority), where they will be able to deny
>even net-access if you do not run THEIR software and hardware.
>OR, force you to upgrade.

That is a VERY big jump from what the TCG group is implementing.
There is absolutely NO WAY for the current TCG stuff to ever do what
you're talking about, it would have to be a SIGNIFICANTLY different
technology. Now, will one thing lead to the other? Well that's
another question...

>Something like customer binding.. but then with a big lead ball on your
>foot.
>Absolutely these systems should NOT be part of a processor, and given a
>choice I would buy from the competition.
>Not only that, it is technically very possible to have some logic in
>the mobo chipset that stores keyboard strokes, and sends these over the
>net upon request to some NSA(for example) URL.

You do, of course, realize that this could happen right now with
spyware applications. Implementing it in hardware would still require
software support (drivers at least), ie you would need spyware
installed regardless of what hardware you had. If this has to be
supported in the operating system anyway, why would someone bother
with trying to stick this on hardware? It would be much easier and
cheaper just to do it all in software.

>With only 2 processor manufacturers and just a few chipset makers, this
>is a real danger.

A bigger danger is that there is only one main operating system
vendor. As mentioned above, you need the OS to do this regardless of
any hardware backend.

>I do not want to see Linux killed by it (and that included IBM too) by
>having a system that lets only 'authenticated' PCs connect to the net.

I somehow don't see this happening. It's not in anyone's interest
other than Microsoft to allow this, and while Microsoft has a lot of
power in the PC industry, they don't have THAT much power.
Particularly companies like IBM, HP, Dell, Intel and AMD would all
gang up against such a plan.

-------------
Tony Hill
hilla <underscore> 20 <at> yahoo <dot> ca
April 21, 2004 9:50:10 PM

On Wed, 21 Apr 2004 05:55:50 +0000 (UTC), RusH <rush@pulse.pdi.net>
wrote:

>a?n?g?e?l@lovergirl.lrigrevol.moc.com (The little lost angel) wrote
>> .... it
>> would be an easy, logical next step for them to start implementing
>> surveillance and control systems into the internet structure.
>
>uhm .. carnivore :/ 

Is that thing still around, are they really using it already?

--
L.Angel: I'm looking for web design work.
If you need basic to med complexity webpages at affordable rates, email me :) 
Standard HTML, SHTML, MySQL + PHP or ASP, Javascript.
If you really want, FrontPage & DreamWeaver too.
But keep in mind you pay extra bandwidth for their bloated code
April 21, 2004 10:54:07 PM

a?n?g?e?l@lovergirl.lrigrevol.moc.com (The little lost angel) wrote :

> On Wed, 21 Apr 2004 05:55:50 +0000 (UTC), RusH <rush@pulse.pdi.net>
> wrote:
>
>>a?n?g?e?l@lovergirl.lrigrevol.moc.com (The little lost angel) wrote
>>> .... it
>>> would be an easy, logical next step for them to start implementing
>>> surveillance and control systems into the internet structure.
>>
>>uhm .. carnivore :/ 
>
> Is that thing still around, are they really using it already?

http://stopcarnivore.org/

Regards.
--
RusH //
http://pulse.pdi.net/~rush/qv30/
Like ninjas, true hackers are shrouded in secrecy and mystery.
You may never know -- UNTIL IT'S TOO LATE.
April 22, 2004 2:21:05 AM

On a sunny day (Wed, 21 Apr 2004 17:49:03 -0400) it happened Tony Hill
<hilla_nospam_20@yahoo.ca> wrote in
<q7pd801apg0k4j64913tj9vs3ldk3f3eqi@4ax.com>:

>You do, of course, realize that this could happen right now with
>spyware applications. Implementing it in hardware would still require
>software support (drivers at least),
You make some good points, and I hope you are right.
But implementing in hardware in the chipset would need no software or OS
or anything else at all, hardware buffer for the keystrokes, compare
incoming request in on board ethernet versus (encrypted likely) Hwaddr
send to (encrypted) url, be done, OS would not know.
Sort of the ultimate backdoor, right there on the mobo :-)
If it can be done it will be done.
Maybe by a Dr Strangelove, or some group with power in the gov, like that
Homeland group...
If you were in their position, well I would press for it to be implemented.
Fun times as always.
JP
April 22, 2004 9:07:46 AM

On Wed, 21 Apr 2004 22:21:05 GMT, Jan Panteltje <pNaonStpealmtje@yahoo.com>
wrote:

>On a sunny day (Wed, 21 Apr 2004 17:49:03 -0400) it happened Tony Hill
><hilla_nospam_20@yahoo.ca> wrote in
><q7pd801apg0k4j64913tj9vs3ldk3f3eqi@4ax.com>:
>
>>You do, of course, realize that this could happen right now with
>>spyware applications. Implementing it in hardware would still require
>>software support (drivers at least),
>You make some good points, and I hope you are right.
>But implementing in hardware in the chipset would need no software or OS
>or anything else at all, hardware buffer for the keystrokes, compare
>incoming request in on board ethernet versus (encrypted likely) Hwaddr
>send to (encryped) url, be done, OS would not know.
>Sort of the ultimate backdoor, right there on the mobo :-)
>If it can be done it will be done.
>Maybe by a Dr Strangelove, or some group with power in the gov, like that
>Homeland group...
>If you were in their position, well I would press for it to be implemented.
>Fun times as always.

Yep - I think the point is that "they" don't take all your rights away in
one fell swoop. Nibble by nibble and bit by bit... one day you "suddenly"
find out that you have been disenfranchised, but that last nibble was only
a little one.

Rgds, George Macdonald

"Just because they're paranoid doesn't mean you're not psychotic" - Who, me??
April 23, 2004 2:20:01 AM

On Wed, 21 Apr 2004 22:21:05 GMT, Jan Panteltje
<pNaonStpealmtje@yahoo.com> wrote:
>On a sunny day (Wed, 21 Apr 2004 17:49:03 -0400) it happened Tony Hill
><hilla_nospam_20@yahoo.ca> wrote in
><q7pd801apg0k4j64913tj9vs3ldk3f3eqi@4ax.com>:
>
>>You do, of course, realize that this could happen right now with
>>spyware applications. Implementing it in hardware would still require
>>software support (drivers at least),
>You make some good points, and I hope you are right.
>But implementing in hardware in the chipset would need no software or OS
>or anything else at all, hardware buffer for the keystrokes, compare
>incoming request in on board ethernet versus (encrypted likely) Hwaddr
>send to (encryped) url, be done, OS would not know.
>Sort of the ultimate backdoor, right there on the mobo :-)

You're talking about involving the firmware of a motherboard to
reprogram the motherboard chipset and NIC chip, all of which are made
by dozens of different companies. This would be damn near impossible
to get functioning outside of single test-cases (change any one of the
above and it all breaks) and would cause all sorts of random other
problems, all for something that would be TOTALLY rejected by
everyone, and they DO have a choice here?

>If it can be done it will be done.

If something is unwanted by the vast majority of people, can be
avoided VERY easily (by replacing any of the three components
mentioned above), is mostly out of the control of any one company or
country... all the while there is a MUCH easier solution that is
entirely implemented by ONE company (Microsoft)?

>Maybe by a Dr Strangelove, or some group with power in the gov, like that
>Homeland group...
>If you were in their position, well I would press for it to be implemented.

They can press all they want, but it's not going to do a lick of good
to convince some Taiwanese motherboard makers to spend billions of
dollars implementing something that their customers are going to hate!

I think your fears here are rather misdirected. What we should be
worried about is the fact that Microsoft could do this all on their
own with NO trouble at all and it would be very difficult to detect
without a network sniffer. Hell, even a decent spyware app could be
sent out, possibly as a worm, by the DOBH (Dept. of Black Helicopters)
and 95%+ of users would never notice it.

-------------
Tony Hill
hilla <underscore> 20 <at> yahoo <dot> ca