How to obtain serial number in linux
Ivan Krstić
krstic at solarsail.hcs.harvard.edu
Wed Jun 20 16:52:41 EDT 2007
Jim Gettys wrote:
> Serial number is/should be easily available; after all, it's printed on
> the machine.
This is a complete non-sequitur. Remember the bloody mess that was PSN?
http://www.cdt.org/privacy/issues/pentium3/
That a machine's SN# can be identified by opening its battery
compartment by absolutely no means implies the number should be
available to userspace applications.
While it is true that our recent kernels will expose the SN and UUID
information, they will do so only to a privileged and closely audited
security service that can broker the information for the user's benefit,
such as for backups and authentication to the OpenID identity provider.
In those cases, the data will follow the Bitfrost requirement of no
unencrypted authentication, meaning the security service will only use
the data to respond to a cryptographic challenge rather than send it
over the wire directly, and any such uses will be tightly-controlled and
whitelisted only after we determine that extensive assurances can be
provided of the user's privacy not being adversely affected.
--
Ivan Krstić <krstic at solarsail.hcs.harvard.edu> | GPG: 0x147C722D
More information about the Devel
mailing list