Disclaimer: The contents of this
article are the opinions of the author, and 'EvilSoft' is not
meant to represent any actual existing company, but a
hypothetical business entity that would engage in such
anti-consumer practices as outlined below. Trademarks mentioned
in this article are the properties of their respective owners.
Tom has an excellent article discussing
Intel's new "Platform Security" initiative, with
comments from a data security expert - you can find a link to it
at the end of this article. While I think that all of the points
Tom and his security expert made are valid, I am afraid they
missed the obvious use of such a CPU serial number: Copy
Protection.
In the PC software world at one time
hardware dongles were common - they still are in low-volume,
high-priced niche applications (i.e. CAD, industrial control,
medical imaging, etc.), however hardware (and disk) based copy
protection has pretty much disappeared from the world of consumer
software.
Currently, when you install Microsoft (and
quite a few other) software products, you are prompted for a
unique "serial" number. If you get it wrong, the
software may not install (the numbers have a built-in
verification check, conceptually similar to "CRC" error
checking used to ensure the integrity of data packets).
With Intel's new CPU serial number, the
software could easily be locked to run only on that CPU!
Just consider the following scenario:
Joe Smith buys "SuperSoftware
2001", and starts to install it.
The installation program shows a
"Registration Number" (based on the CPU serial
number) that Joe must enter on a EvilSoft web page to get
his "License Code" (this could be an automatic
"wizard" that just requires an internet
connection, no need to type long numbers!)
'SuperSoftware 2001' will not run
until Joe enters his "License Code"