Förderverein Informationstechnik und Gesellschaft

CN: Follow-up Report on Hidden Perils in Pentium III and W

2 July 1999. Thanks to John Gilmore.

From: Guangming Daily newspaper, Wednesday, June 30, 1999

Translation by (and thanks to): Anonymous

Ministry of Information Industry (MII) Advises Government Agencies on Prudent Use of PIII

Follow-up Report on Hidden Perils in Pentium III and Win98

by Our Staff Reporter Yang Gu

Our report on the hidden security perils in Pentium III of Intel and Win98 of Microsoft has evoked strong reaction from all sides. The leaders of the information centers of a number of Ministries and Commissions have written to MII, in the hope of getting its advice and guidance. Heads of competent departments of MII have convened emergency meetings of domestic PC manufacturers and information centers of some Ministries and Commissions, at which they listened to opinions aired by all sides and discussed relevant policies and measures. Upon widely soliciting views and getting extensive information, MII will prepare a report on enhancing security management for electronic information products.

Administration: PIII sold to government agencies cannot be connected directly to Internet

In an interview with our staff reporter, the head of the competent departments of MII said that as the administration, we strongly believe that national interests are of overarching importance. We must first of all be responsible for the security of the information systems of government agencies at all levels, and place high emphasis on the security dimensions of all kinds of electronic information products (including hardware and software) and the system itself. We have conducted serious research and thus acquired a thorough knowledge of hidden security perils in PIII chips, Win98 as well as servers produced by different companies. We have also learnt about the response of the media and American end users toward Processor Serial Number (PSN) of PIII, including the fact that the U.S. Government is yet to use PIII on a massive scale. We are of the view that domestic PC manufacturers must turn off PSN, that such products sold in China must pass the necessary testing and that PIII machines sold to government agencies should not be directly connected to Internet. Government agencies at all levels, including those in such critical sectors as telecommunications, banking, finance and taxation, and the military must first and foremost turn off PSN when they buy PIII machines. Even then, computers of this nature should only be used either in a stand-alone way or on Intranet, and must never be used for direct Internet connection with the OA network of government agencies.