Pentium III: Processor Serial Number Controversy (1999) (wired.com)
32 points by majke on Aug 23, 2015 | 7 comments



It's hilarious reading this 1999 article about the great blow we struck for freedom in getting the CPU serial number removed. Since then CPUs and the rest of our hardware have way more unique identifiable information embedded in the hardware. Not to mention dodgy random number generators and reprogrammable microcode enabling all sorts of hardware-level backdooring. But that's all low level; at the high level we all tolerate tracking HTTP cookies with a level of global surveillance Jeremy Bentham couldn't have dreamed of.

The idea our computers should not be uniquely identifiable has long since flown out the window.


What I don't understand is Intel's rationale for developing this feature in the first place, especially back in the dark ages when the current ideas about trusted software had not been developed (for instance, in the Windows environment, replacing a DLL with one that passes through all calls except the interesting one, which would simply return arbitrary data).

I always turned off this feature in the BIOS setup of machines that gave the option.


> especially back in the dark ages when the current ideas about trusted software had not been developed

The ideas of this "war on general-purpose computing" have been around for a long time:

https://en.wikipedia.org/wiki/Next-Generation_Secure_Computi...

Stallman's well known, eerily prescient story also dates from that era:

http://www.gnu.org/philosophy/right-to-read.en.html

The industry realised that pushing out the whole platform at once would cause intense opposition, and figured out that if they did it incrementally and convinced the users that it's "for your security", they could "boil the frog" while almost everyone remains blissfully ignorant. First code signing, then enforced code signing, secure boot and TPMs, now SGX, ...

In fact, mobile devices today are already more locked-down than PCs, and both their SoCs and recent Intel CPUs (due to remote management/antitheft) contain unique identifiers which are even harder to disable than the PIII's serial number, yet the majority of users are not aware; furthermore, because they are "security features", anyone thinking of disabling them gets accused of being a terrorist/hacker/thief/pirate/etc.

Meanwhile, the media producing a near-constant stream of news about hacks, leaks, and security bugs has made the population easier to convince in giving up freedom for security... it's immensely scary, and I'm not referring to the security issues; it's the long-term effects of the effort to eliminate them.


I want code signing, TPM, and secure boot. I just want it to be exclusively under my control. CPUID, this could be useful for business asset management.


Asset management was one of the use cases presented by Intel. But, unless you are Intel, you don't manage processors as assets. You manage computer chassis or blades. Processors are just one more component.

The real reason it was there was all about DRM. The idea was that software or media would be restricted to a particular device.


Reference: Cory Doctorow: The coming war on general computation [28C3]

https://www.youtube.com/watch?v=yYqkU1y0AYc


This also reminds me that NT4 before SP6 had a check that CPUID leaf 0 returned a maximum CPUID value less than 4, and leaf 3 was taken for the PSN. When Prescott arrived, Intel had to add an MSR to limit the returned value.
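An added example, not part of any comment in this thread: a C check for whether a processor exposes the serial number through CPUID leaf 3, using the architectural PSN flag (CPUID leaf 1, EDX bit 18) rather than the maximum leaf value alone. The function names `psn_exposed` and `format_psn` are hypothetical, and the sample register values are constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#if defined(__i386__) || defined(__x86_64__)
#include <cpuid.h>   /* GCC/Clang wrapper for the CPUID instruction */
#endif

#define PSN_FEATURE_BIT (1u << 18)   /* CPUID.01H:EDX bit 18: PSN supported and enabled */

/* Leaf 3 carries a serial number only if leaf 0 reports it and the PSN flag is set. */
int psn_exposed(uint32_t max_leaf, uint32_t leaf1_edx)
{
    return max_leaf >= 3 && (leaf1_edx & PSN_FEATURE_BIT) != 0;
}

/* 96-bit PSN = leaf 1 EAX (signature) : leaf 3 EDX : leaf 3 ECX, as six 16-bit groups. */
int format_psn(uint32_t sig, uint32_t l3_edx, uint32_t l3_ecx, char *out, size_t n)
{
    return snprintf(out, n, "%04X-%04X-%04X-%04X-%04X-%04X",
                    (unsigned)(sig >> 16), (unsigned)(sig & 0xFFFF),
                    (unsigned)(l3_edx >> 16), (unsigned)(l3_edx & 0xFFFF),
                    (unsigned)(l3_ecx >> 16), (unsigned)(l3_ecx & 0xFFFF));
}

int main(void)
{
    char buf[32];
    /* Constructed sample values, not read from real hardware. */
    format_psn(0x00000673u, 0x12345678u, 0x9ABCDEF0u, buf, sizeof buf);
    printf("sample layout: %s\n", buf);
#if defined(__i386__) || defined(__x86_64__)
    unsigned int eax, ebx, ecx, edx, max_leaf, sig;
    __cpuid(0, max_leaf, ebx, ecx, edx);   /* EAX of leaf 0 = highest basic leaf */
    __cpuid(1, sig, ebx, ecx, edx);        /* EAX = signature, EDX = feature flags */
    if (!psn_exposed(max_leaf, edx)) {
        printf("max leaf %u, PSN flag clear: no serial number exposed\n", max_leaf);
        return 0;
    }
    __cpuid(3, eax, ebx, ecx, edx);
    format_psn(sig, edx, ecx, buf, sizeof buf);
    printf("PSN: %s\n", buf);
#else
    puts("not an x86 build: CPUID unavailable");
#endif
    return 0;
}
```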



