End user rights and privacy
SiidTech is committed to preserving individual freedom and privacy
SiidTech is here to help you serve your end users, the individuals who buy your products and use your services. Most people are rightly concerned about their personal electronics being abused to invade their privacy and restrict their freedom. Serving customers does not mean controlling them, or spying on them. SiidTech will help you protect the freedom and privacy of your customers.
When SiidTech was founded, the big news was Intel's "serial numbers on chips." While the news media got the story wrong, and the "cure" actually made things worse, we want to protect you (and us) from making the mistakes that got Intel in trouble. The best way to do so is to make ICID accessable only to the processes that need it.
Die Trace Privacy
SiidTech ICID used for die trace should only be accessable when the components are desoldered from the board, and never accessable from within an assembled consumer product. For example, a test mode can be enabled by the RESET pin, so that ICID and mission mode operation are mutually exclusive. Or the ID can be accessable from a JTAG IEEE 1149.1 scan chain, but only if the board scan chain is inaccessable in the complete product. There are many clever ways to keep the ICID private, and SiidTech can help you evaluate your many options.
ICID is licensed for system identification only when this is an essential and consumer-desired feature of a product. End users must always be aware that the identification system is there, even if the actual ID is protected.
Examples of identification systems include personal verification tokens, or personal goods tracking. Again, access should be restricted as much as possible; an ID token such as an electronic door key must not be readable by anything but specific and authorized door locks.
If you want to build a system to spy on unwilling subjects, such as systems can track employees around a workplace, please consider other options besides ICID. We don't want our technology used for spying.
Cryptographic keys can be a powerful tool to protect individual privacy, and we are proud that our Generation 4 ICID cells can be used to build cryptographic keys that can protect individual communication and personal transactions.
But cryptographic keys can be abused in many ways. For example, they can be used to prevent a user from making full use of the devices and media they have purchased. Businesses that depend on controlling and restricting their customers need a better business plan. ICID is not available for such freedom-destroying uses.
Even the best-intentioned individual-oriented cryptographic systems can be dangerous if they have design flaws. A user can place too much trust in a "secure" system that isn't, and expose secret data without knowing it. We strongly encourage our customers to work with reputable and experienced cryptographic experts to make sure that the system is well analyzed and uses the best known practices.
As exciting as a new idea for a cryptographic design may be,
please keep in mind that most new cryptographic systems, even
those designed by seasoned experts, are found to have subtle
and exploitable flaws.
If that new system is frozen in silicon, as many ICID-based
systems will be, it will be almost impossible to repair.
Please have your new idea carefully analyzed by outside experts.
A little hired expertise now can save a lot of grief and expense later.
ICID is a valuable tool, but it can be abused. Please work with us to maximize the value and minimize the abuse.
© 2007 by SiidTech, Beaverton, Oregon, USA. Page last modified Fri Nov 30, 2007 20:00 webmaster