The end of Internet privacy?
Michael Silence writes today about the end of Internet privacy, as we know it. The Internet is not private today but a new chip being designed will remove what remaining privacy exists. Your ISP knows who you are and if you violate the Patriot Act the Government will knock on your door.
But when you are blogging only the blog owner knows your IP address. If you are behind an AOL Proxy Server or use Anonymizer no one will know who you are from day to day.
So these new chips will mean the end of Internet blogger sock puppets. People will see your unique identifier. Buying a new network card or cable modem can change MAC addresses, but the ID in these new chips will be difficult to defeat. While there may be a few benefits, like the end of sock puppets in blogging, the end result is a very bad idea for privacy and liberty.
So what can you do if you don’t like this idea? Just keep your old computer for Internet use. The value of used computers just went up.
December 15th, 2005 at 2:02 pm
Bleh… there’s plenty of ways around those things.
It’s impossible to put a device entirely in control of the end user and expect everything to work the way YOU want it to. He who possesses the device makes that call.
December 15th, 2005 at 2:15 pm
Well, you can turn off the existing CPU identifier on some Pentium chips. How can this new ID be defeated? A software hack is all I can think of.
That will be beyond the ability of the average person. I doubt that the manufacturers would allow a “shrink wrap” software product to be on the market to defeat the ID chip. When you purchase the new computer there will be some legalese that you will not tamper with the ID.
What ways are there to get around these types of chips other than software?
December 15th, 2005 at 2:42 pm
I would think this would be vulnerable to a man-in-the-middle attack. A router or some other device could change the IDs in the data packets. Of course, that won’t work if the data is encrypted. But encryption schemes can be broken, so that’s not foolproof.
Additionally, someone may produce modchips to get around this. Those have already been used to get around copyright protection on XBoxes and PS2s.
December 15th, 2005 at 2:46 pm
Nothing wrong with a software hack, try Linux. The basic philosophy is that you own the machine, so you ought to be able to control it. If the unique identifier is buried deep in the CPU, it’s not likely a hardware hack will be able to do anything.
December 15th, 2005 at 3:05 pm
Or do what I do and blog from a state computer 😉
December 15th, 2005 at 3:40 pm
Or do what I do and blog from a state computer
Heh
December 15th, 2005 at 3:55 pm
Can’t I just ssh into a computer somewhere off in oblivion and then use its IP to do my sock puppetry?
December 15th, 2005 at 4:27 pm
Within a year of this, Windows will have a feature to block or spoof the ID. If not, third-party software will do it for people.
And _nobody_ who uses Linux will broadcast that number. If it’s not necessary for routing, it can be faked.
December 15th, 2005 at 4:41 pm
Can’t I just ssh into a computer somewhere off in oblivion and then use its IP to do my sock puppetry?
Doing so only masks the IP address. This unique ID would still be transmitted.
This is bad stuff. The easiest thing to do is keep one of your old computers instead of giving it away. Or learn Linux. I think the concern over databases that could show what sites you frequent has merit. There are laws to keep people from going to the video store and learning what videos you have rented.
If you think Spyware is bad now you have no idea what the future would be with this ID.
This Wild West Internet has its flaws but it is the great invention of this time. Keep it free and secure.
December 15th, 2005 at 4:44 pm
There is a lot in that article where the examples are useless.
Having your “TPM” tied to your bank account number, for example, is dangerous and stupid. PCs fail and many PCs are used by multiple people. That is a niche usage – at best.
As a previous commenter mentioned, the software drivers would need to be written to share or hide this ID. If a person who can write a driver wants to write one that doesn’t send the TPM of the PC, it will get written. Even if Congress writes a law that makes that illegal, the driver will still get written and still get used.
Network communications occur in “layers”. The lowest is the device driver. Even if the higher protocols (for example connecting to the Internet) required a TPM, hackers could (and would) modify the driver to return a bogus value. For example, have you ever installed a game on your PC that *required* the CD to be in the PC for the game to run? Well, in order to get rid of that annoyance, there are many people who will figure out the copy protection of the game and release a “patch” to the game that disables the CD check. These patches or files are readily available on many sites. I am *certain* that if the TPM ID became a problem, these hackers would spend a little of their time reverse engineering the device driver for whatever piece of code that spewed the TPM ID and disable it.
It is not cost-feasible on a computer to lock it down to the point where drivers cannot be modified.
And to give you an example of how far these hackers will go, you can download an entire replacement OS for an XBox.
TPM may become handy for inventory control of corporate PC installations. It may become a headache if you hate being positively ID’d. But if you are willing to learn how to machine your own AR15 parts, I’m confident you can find the programs to keep your identity hidden.
December 15th, 2005 at 5:01 pm
It may become a headache if you hate being positively ID’d. But if you are willing to learn how to machine your own AR15 parts, I’m confident you can find the programs to keep your identity hidden.
I am not worried about myself. I will find a way around it. The way I see it is if my neighbor loses some freedom then I lose some freedom. The average person will not be able to bypass this.
There are many other methods of inventory control that do not cost individual freedom. For example, if this was restricted to NetBIOS only in an Intranet and could not route beyond the router to the Internet the problem is solved. I don’t think the reason for this is inventory control. It will be interesting to see how this fisks out.
December 16th, 2005 at 1:37 am
Okay, I’m pretty much a card carrying member of the Tin Foil Hat Brigade and I admit that.
This doesn’t worry me, at least not yet.
Okay, so let’s presume that you’ve got a chip in your computer that can ID you. Further, let’s presume that you cannot prevent your local computer from “faking” that ID number, which is a pretty big pipe dream idea to start with. It’s never worked and there’s zero credibility to the idea in the tech world.
So… how does somebody “read” that number? How does that number get transmitted along with your regular internet traffic?
It doesn’t. Network communications are a VERY fragile thing. You can’t just sneak extra data into packets without something breaking at the IP layer. Hell, even IF your computer is broadcasting nonsense IP packets they could be dropped by any number of routers in the process if they don’t make sense.
You can take it a step higher, and try and put it in the TCP layer – you still have the same problem! There isn’t room! Anything that doesn’t make sense will get dropped, or mangled, or just zeroed out by routers.
Go ahead and toss it all the way up into the HTTP layer. Now you’ve got to have complicity with the hardware guys, the Operating System makers, the web browser makers, and every web serving software out there in order to get this to disk.
Oh, and every proxy vendor out there.
So, for this to work 100% of the time we have to have perfect hardware and device drivers that will NEVER give false data, which is impossible. We then have to subvert every web browser out there, even the open source ones, which isn’t possible. We then have to subvert every proxy server out there, even the open source ones, which also isn’t possible. We then have to subvert the webserving software so that it actually records the transmitted data and stores it to disk, even the open source stuff, which isn’t possible. Then we actually have to convince people that run webservers that recording said data is a “good idea” and have them give up disk space for the logging.
So, if the government gets their hands into Microsoft Windows, Mac OS X, Linux, Apache, Squid, Firefox/Mozilla, Internet Explorer, Safari, IIS, and Opera we might have a problem.
I wouldn’t worry… and I’m the type that worries about this type of stuff plenty.
December 16th, 2005 at 12:09 pm
Schneier spoke on this chip back in August.
http://www.schneier.com/blog/archives/2005/08/trusted_computi.html
He discusses security rather than anonymity. Though privacy is a concern with the original document proposing the standard.
It’s all based on work by the Trusted Computing Group. Here is an interesting bit from Schneier that discusses control of the technology. Check out the sections on controllability, privacy and security.
Quote————————-
In May, the Trusted Computing Group published a best practices document: “Design, Implementation, and Usage Principles for TPM-Based Platforms.” Written for users and implementers of TCG technology, the document tries to draw a line between good uses and bad uses of this technology.
The principles that TCG believes underlie the effective, useful, and acceptable design, implementation, and use of TCG technologies are the following:
* Security: TCG-enabled components should achieve controlled access to designated critical secured data and should reliably measure and report the system’s security properties. The reporting mechanism should be fully under the owner’s control.
* Privacy: TCG-enabled components should be designed and implemented with privacy in mind and adhere to the letter and spirit of all relevant guidelines, laws, and regulations. This includes, but is not limited to, the OECD Guidelines, the Fair Information Practices, and the European Union Data Protection Directive (95/46/EC).
* Interoperability: Implementations and deployments of TCG specifications should facilitate interoperability. Furthermore, implementations and deployments of TCG specifications should not introduce any new interoperability obstacles that are not for the purpose of security.
* Portability of data: Deployment should support established principles and practices of data ownership.
* Controllability: Each owner should have effective choice and control over the use and operation of the TCG-enabled capabilities that belong to them; their participation must be opt-in. Subsequently, any user should be able to reliably disable the TCG functionality in a way that does not violate the owner’s policy.
* Ease-of-use: The nontechnical user should find the TCG-enabled capabilities comprehensible and usable.
End Quote————————-
December 16th, 2005 at 12:49 pm
Does the new TCP/IP standard have provisions for this new ID? Anyone know when the new TCP/IP standard will go into effect?