Slashdot Mirror

WestTexasWaltz writes "According to a teardown analysis, Toshiba is losing $200 per unit, of its new HD DVD player, in order to gain some marketshare. Interesting that integrated circuits account for more of the cost than the drive itself. Also, this particular analyst concludes that Blu-ray and HD-DVD will "not be a repeat of VHS vs. Beta" and that a stalemate is the likely outcome."

burnin1965 writes "According to EE Times interest in embedded linux remains low. I was surprised to see their headline considering I just purchased a Sony TV which runs linux and I assisted my brother in setting up an Actiontec DSL modem which runs linux. A few years back I had only heard of devices that ran embedded linux and now that they are starting show up everywhere interest is low? The survey did bring up three issues which should be addressed by the embedded linux community, whether those issues are misconceptions or actual problems. 1) Incompatibility with software, applications, and drivers. 2) Performance or real time capability. And 3) support."

TheSync writes "EE Times is reporting that Toshiba is delaying introduction of HD DVD players in Japan because of the unavailability of Advanced Access Content System (AACS) DRM system licensing. The Register reports that Toshiba is still planning a late Q1 launch of HD DVD in the US." From the EET article: "Toshiba hoped to introduce HD DVD players by the end of 2005, ahead of Blu-ray Disc players, but decided in September to postpone the U.S. introduction until 2006. In July, IBM Corp., Intel Corp., Microsoft Corp., Matsushita Electric Industrial Co., Ltd., Sony Corp., Toshiba, Walt Disney Company and Warner Bro. Studio formed the AACS Licensing Administrator (AACS LA) to develop license AACS technology. AACS LA has completed its version 0.9 of the technology."

mygadgetbox writes "Defense Advanced Research Projects Agency (DARPA) will be giving a consortium led by the University of Delaware nearly $53 million in funding to more than double the efficiency of terrestrial solar cells within the next 50 months. DARPA wants the consortium to develop and produce 1,000 Very High Efficiency Solar Cell (VHESC) prototypes that are affordable and that operate at efficiencies of at least 50 percent. The goal is to create solar cells that operate at about 54 percent efficiency in the laboratory and 50 percent in production."

Proaxiom writes "This week the NSA announced the new US government standard for key agreement and digital signatures, called Suite B. Suite B uses Elliptic Curve Diffie-Hellman (ECDH) and Elliptic Curve Menezes-Qu-Vanstone (ECMQV) for key agreement, and Elliptic Curve Digital Signature Algorithm (ECDSA) for signature generation/verification. This shouldn't be too surprising given that the NSA licensed Certicom's EC patents for $25 million last year. ECMQV is patented by Certicom. ECDH and ECDSA appear to be generally unencumbered."

Verteiron writes "Despite all the (mostly incompatible) flash memory/card formats out there already, a consortium made up of several Taiwan-based manufacturers are preparing to unveil a new one at the upcoming CeBIT. The memory itself, called M-Flash, will form the backbone of the new M-Card format. According to C-One, a member of the M-Card group and the maker of Pretec brand flash devices, the M-Flash memory architecture is cheap to manufacture and allows for devices 2/3 the size of existing MMC products. The M-Card format uses the USB 2.0 I/O specification, but C-One claims it will transfer data at twice the speed of USB 2.0 while using about a third the power required by current devices. To encourage adoption of the new card format, it has been designed to be compatible with the existing SD/MMC format at reduced speeds. C-One also plans to make the currently proprietary format an open standard. Palm Blvd. and the EE Times (free reg. required) have articles with a few more details."

Roland Piquepaille writes "Happy 2035! Thirty years from now, we'll use bionic eyes giving us 'zoom vision' for faster reactions. Nanobots injected in our bloodstream will complement our immune system. Artificial muscles built with electroactive polymers will help us to be stronger and faster. So you think it's science fiction? Not at all. You'll see that some people are so convinced that this kind of human enhancements will happen that they predict than in a few decades, all sporting events 'will be split up to accommodate enhanced and unenhanced athletes.'"

envisionary writes "Hewlett-Packard Co. and Intel Corp. have ended their partnership to co-develop the Itanium 64-bit processor line, according to a report from Reuters. The move follows disappointing sales for servers based on the processor, according to the report. Intel and HP developed the processor about 10 years, but the chip has been a flop due to delays, cost overruns and lackluster demand."

LucidBeast writes "Consumer appliances requiring more computing power Sony, IBM and Toshiba started 2001 developing "Cell"-processor that comprises of multiple processor cores and should give performance ten times of conventional processors. Now the CNN Money reports that details of the processor will be released Feb. 6-10 at the International Solid State Circuits Conference in San Francisco. Also reported by EE Times. Rumors also tell that Sonys PS3 development platform has already been shipped to some developers equipped with the cell processor."

SysKoll writes "EETimes is running an interesting story about the future of the video codecs for HD DVDs. The Redmond Beast convinced both the Blu-ray Disc Association and the DVD Forum to adopt its WMV9 video codec over MPEG4 for the upcoming VC-1 standard that is mandated for high-definition video devices. That was a huge coup for MS. Now it turns out that Microsoft cheated and lied: its code is not as good as MPEG 4, the WMV9 reference implementation is not available, and the WMV9 test suite does not exercise all the features. The SMPTE might drop WMV9 after all. Apparently, a highly technical standard body is harder to snowjob than the usual clueless consumers."

fw3 writes "Information week is reporting that IBM and Intel are opening up the standards for the eServer BladeCenter. 'The companies will make available the design specifications for IBM's eServer BladeCenter product... hardware vendors can build "BladeCenter compatible" networking switches, blade adapter cards, and appliance and communications blades for enterprise networks.' Not really a new strategy for IBM, ISA of course was open from the start, IBM's technical references for the original PCs contained nearly all of the engineering data needed to build a PC. Looking further back I've been told by a reputable source that RCA was able to fully duplicate the System 360 System/360, mainframe working just a month behind IBM's own schedule by using IBM's published tech reports. (Of course IBM *didn't* share the details of OS/360, leaving RCA with a box but no OS.) See also stories from EETimes, CNN."

saccade.com writes "EE Times has a fascinating article on how electronics companies are being sucked into a profitless spiral by the cell phone market. More and more of the small consumer gadgets are being folded into the phone: camera, music player, PDA, GPS, etc. So the market for non-phone gadgets is slowly going away as the phone picks up more functions. However, consumers don't buy most phones; they are given away (or sold very cheap) by the service providers as hooks to get people to sign up for mobile service. So the service providers are demanding (and getting) rock-bottom prices for fancy phones they can give away, and the micro chip companies are forced into brutal competition for a market that is shrinking into a single commodity gadget, the phone."

stonedonkey writes "According to EE Times, Intel is planning a common system platform for the Xeon and Itanium by 2007, "creating a unified 64-bit motherboard with a new, one-size-fits-all socket." Intel's Jason Waxman says , "It has been something that customers have been asking us for for a while now...the reseller [currently] has to have an inventory of both boxes on hand." Feeling the heat from the competition, cutting losses, or just friendly customer service?"

nusratt writes "EE Times reports 'Design automation systems tailored to the task of genetic engineering . . . can lead to the accidental or deliberate creation of pathogenic biological components.' Design of molecular machines is analogous to doing system-on-chip work, and hackers 'will not need a detailed knowledge of biochemistry to effectively create complex biochemical machines.' A Harvard genetics professor says, 'Even if we don't have bioterrorists and teen-age biohackers, we will still create things that do not have the properties that we thought they would . . . Even if you are genetically resistant and recently immunized, you will have problems with artificial biological agents.' He also says that there are two big differences between this risk and nuclear weapons: (1) building weapons is harder; (2) synth-bio work is more accident-prone. Oh great, just great: script-kiddies with smallpox . . ."

levin writes "According to an article over at EETimes, magnetoresistive RAM chips are getting a little more practical. Infineon Technologies released info on a new 16M MRAM component on Tuesday and the read and write cycle times of this chip make it 'competitive with established DRAM.' How long before nonvolatile memory becomes the solution to crash-prone software rather than better programming?"

Eddy_D writes "The EETimes has a story about a group of undergraduate students at the University of Florida (Gainesville) that have developed a sticky sensor, fired from a paintball gun, to sense explosive compounds in suspect objects at a distance. The project is funded by Lockheed Martin (Missiles and Fire Control group), who is rushing to deploy this new technology to soldiers in the field in Iraq and Afghanistan."

c1ay writes "We've all heard the new buzzword, "grid computing" quite a bit in the news recently. Now the EE Times reports that a team of computer architects at the University of Texas here plans to develop prototypes of an adaptive, gridlike processor that exploits instruction-level parallelism. The prototypes will include four Trips(Tera-op Reliable Intelligently Adaptive Processing System) processors, each containing 16 execution units laid out in a 4 x 4 grid. By the end of the decade, when 32-nanometer process technology is available, the goal is to have tens of processing units on a single die, delivering more than 1 trillion operations per second. In an age where clusters are becoming more prevalent for parallel computing I've often wondered where the parallel processor was. How about you?"

celston23 writes "According to this article (near bottom), RedHat is intending to use their Open Source Now Fund to support open-source (GPL) developers who are sued for copyright infringement. Might be used during the SCO legal battle."

cheesybagel writes "In this EETimes article SCO claims to have shown their evidence to our independent analyst friends from the Aberdeen Group. The evidence, all 80 lines of it, allegedly even has identical comments."

MeCoward writes "EETimes reporting on working group that hopes to leapfrog 802.11 to create wireless 1394 links. Initially 100mbps but aiming for 400mbps." I don't expect to see this anytime soon, but it certainly makes things like wireless HDTV feasible. Sure would be cool. Of course Bluetooth is only now just catching on, so imagine how long it'll be before this becomes practical.

An Anonymous Coward, in name only asks: "I've been asked to write about the Future of DVD technology for a newsletter and I've been doing some thinking and research regarding this. It seems pretty clear that DVD is a dead-end technology, due to be replaced by Video On Demand. Already Disney is launching a VOD service, albeit through traditional broadcasting. It's to be a brief piece, and I plan to touch on how VOD will affect viewers as well as professionals. What is a realistic timeframe for beefing up broadband (such as Powerline Broadband?) and smartening compression (On2's VP5 , MPEG7?) to create a workable VOD system that will replace DVDs? Is delivery more likely to be based on an open or proprietary standard? What do you see as the future of Digital Video? Any input is greatly appreciated." While I don't think that Video on Demand will spell the end of DVDs, it would be interesting to know how far the technology has progressed, and how much further it would need to be developed before you could can pick-and-choose your movie-of-the-night from your own living room.

Jon writes "Remember jokes about clueless newbies trying to fax documents by holding them up to the monitor? Perhaps they were just ahead of their time. Toshiba has developed a combined LCD/optical sensor, according to EETimes. It isn't monitor sized yet, but in a few years, perhaps?"

securitas writes "In a dramatic reversal of Benetton's previously announced plans to embed RFID tags in all of its clothing, the retailer has responded to customer privacy concerns and canceled its plans to go ahead with the project. Wired News and ComputerWorld also have stories on this stunning turn of events, which RFID manufacturer Philips is undoubtedly unhappy about. Benetton says it 'reserves the right' to use RFIDs in the future."

securitas writes "In a dramatic reversal of Benetton's previously announced plans to embed RFID tags in all of its clothing, the retailer has responded to customer privacy concerns and canceled its plans to go ahead with the project. Wired News and ComputerWorld also have stories on this stunning turn of events, which RFID manufacturer Philips is undoubtedly unhappy about. Benetton says it 'reserves the right' to use RFIDs in the future."

An anonymous reader writes "Five Japanese TV manufacturers will form a working group to hammer out technical specifications by October for digital TVs with Internet access. They will develop a consumer electronics version of Linux to provide functions and performance required for digital products. The resulting source code will be made available through the General Public License procedure."

An anonymous reader writes "I noticed here that EE Times is reporting that the GDDR2 standard is finally becoming a reality. Both NVIDIA and ATI's latest chips offer support. ATI helped spearhead the initiative to develop the standard. The significance of this is great, since it may very well mean that every 18 months or so a new graphics memory standard will be released."

Steve0987 writes "EE Times Online has an interesting article on a deformable telescope mirror that the University of Arizona has built. It uses 336 magnetic coils to deform the 2 foot secondary mirror and change its shape to compensate for everything from wind blowing against the telescope to atmospheric aberations. It is purported to provide 3 times the resolution of the Hubble telescope. (And you don't have to go into space to fix it."

Steve0987 writes "EE Times Online has an interesting article on a deformable telescope mirror that the University of Arizona has built. It uses 336 magnetic coils to deform the 2 foot secondary mirror and change its shape to compensate for everything from wind blowing against the telescope to atmospheric aberations. It is purported to provide 3 times the resolution of the Hubble telescope. (And you don't have to go into space to fix it."

DeAshcroft writes "EE Times has a piece on progress with the four-year-old DARPA-conceived Smart Dust self-organizing sensor networks. Based on Berkeley's TinyOS and TinyDB open-source projects, the article reports several companies are demonstrating both military and civilian applications. Ars Technica adds background and commentary on issues not discussed in the EET article."

We ran the "Call for questions" Monday, January 13, under the headline, Discuss BIOS and Palladium Issues With an AMIBIOS Rep. Note that Brian Richardson, AMI sales engineer, is a real engineer, not just a salesperson, and is also a staunch Slashdot reader who knows we have low tolerance for PR whitewashes around here. Brian's answers are real, not laundered, and he responded not only to the 10 questions we sent him but also to some he felt deserved answers even though they weren't moderated all the way up. Please note that in much of this interview he is speaking as "Brian Richardson, individual," and that his opinions do not necessarily reflect those of AMI's management. With that said, be prepared to learn a lot about the BIOS business, and how TCPA and Palladium relate (and don't relate) to it.

Preface:

I thought it might be handy for the audience to know who's handling their questions ...

My name is Brian Richardson. I work for American Megatrends, Inc . (AMI). AMI is a privately held company located in Norcross, GA (just north of Atlanta). We employ approximately 400 people worldwide (about 200 in the United States).

I am a "BIOS Sales Engineer", responsible for handling technical issues related to selling and marketing the AMIBIOS8 , our latest BIOS code revision. This includes writing whitepapers, demonstrating products, answering technical sales questions, speaking at industry conferences and handling requests from the press that may require more than a passing knowledge of technology (like this one).

I started at AMI in 1996. I've been in this job for two years. Before that I wrote BIOS code for our notebook team and helped design our Software Quality Automated Testing (SQuAT) system. I also maintain several company intranets and our Bugzilla server, used for tracking bugs during BIOS development.

In spare time, I serve on the board of directors of Tech Corps Georgia. I also managed the Hardware section of linux.com (old articles are archived at linux.omnipotent.net).

This interview covers BIOS in general, but the questions have a heavy slant towards TCPA & Palladium. I'm sure I won't address everybody's TCPA related questions here. AMI has a "TCPA and AMIBIOS8" whitepaper at our website which discusses AMI's implementation. There are also links to other information on TCPA.

To answer some of the more unusual questions that didn't make it into the Top 10:

• You use XOR to clear a register instead of a simple MOV instruction because of the instruction size (XOR uses a two byte opcode, MOV uses three bytes). The savings in space really adds up after a while.

• We haven't finished 1394 boot yet, but we do have USB & USB 2.0 boot support

• I don't know, I've never met Satan ... but I have been to WinHEC

Now on to the questions ...

1) On the Exclusionary Uses of TCPA

by the-banker

Is it (will it be) possible to use TCPA to effectively lock-out certain operating evironments from various services (software, media, etc) solely because the operating environment is not backed by a company, and has no mechanism for paying certification fees and licenses? Specifically, could TCPA be used against free OS's like Free/Open/netBSD and Linux to prevent those users from accessing the same content users of commercial OS's can?

Let me start out by reminding the audience I am not a security expert. I have been reading specs like a madman the past week, expecting such a question from the /. audience. I'm also not a professional TCPAadvocate ... my understanding of TCPA is in relation to what AMIBIOS must do to enable the TPM(a hardware component required by the spec). I'm going to refer toTCPA specifications & FAQ a lot, so verifying my answers will be an exercise left to the reader.

Your question brings up a lot of common issues people seem have with TCPA:

1. What does TCPA do?

2. What does AMIBIOS have to do with TCPA?

3. What is the licensing structure?

4. Can open-source software make use of TCPA?

5. Does this have anything to do with Digital Rights Management (DRM)?

Let's see if Brian can hash his way through these items in some sort of order ...

a) What does TCPA do? TCPA is an industry specification that defines mechanisms for "trusted" client/server interaction ("trust" and "security" are two different things).

TCPA works in a very similar fashion as other key-based security mechanisms (SSH, PGP, SSL). Transmissions are secured by hashing against a key. Keys tend to be very long (128 bits or more), so it is difficult for "bad people" to guess your key. In many mechanisms, the key also serves to identify the user (proof that they are who they say they are). This key is often contained in a file or some sort of removable media, like a smart card.

TCPA adds a few elements to this security scheme:

1. More keys and longer keys (some keys are 160 bits, most are 2048 bits)

2. A crypto-processor to speed key computations

3. Secure key storage on the system mainboard

4. Establish platform "trust". The two excerpts below are taken from the TCPA FAQ:
   12. What do you mean by trust?
   The ability to feel confident that the software environment in a platform is operating as expected. This is done by reliably measuring and reliably reporting (using aliasing) information about the platform.
   
   Another such benefit is improved control of access to data. Previously such access has depended upon authorization or authentication. Now such access can also be linked to the state of the software in the platform. This enables the denial of access to data if rogue software, such as a virus, is introduced into a platform, because such introduction necessarily changes the software state of the platform.

The crypto-processor and key storage are provided by the Trusted Platform Module (TPM). A TCPA enabled system will have a TPM on the motherboard. This TPM can be disabled, as per TCPA specification, if the user wants to opt-out.

One concern is that TCPA is equivalent to a unique identifier on your computer, which causes a large number of privacy concerns. There's a large section of the FAQ (Item #13) that covers this topic:

The solutions support privacy principles in a number of ways:

1. The owner controls personalization.

2. The owner and user control the trust relationship.

3. Provides private object storage and digital signature capability.

4. Private personalization information is never exposed.

5. User keys are encrypted prior to transmission.

6. Supports multiple certificate authorities giving the user choice.

It is also important to know what the solutions are not:

1. They are not global identifiers.

2. They are not personalized before user interaction.

3. They are not fixed functions - it can be disabled permanently.

4. They are not controlled by others (only the owner controls).

b) What does AMIBIOS have to do with TCPA? The TPM requires initialization during BIOS POST. This allows what they refer to as "metrics" to be stored that help establish that the BIOS & OS can be trusted (i.e. haven't been h4x0r3d). Our "TCPA & AMIBIOS8" whitepaper has more information.

c) What is the licensing structure? There isn't one. From the TCPA FAQ:

10. What are the licensing and/or royalty arrangements for the technologies outlined by the TCPA specification?

The TCPA spec is currently set up as a "just-publish" IP model.

d) Can open-source software make use of TCPA? Yes. From the TPM FAQ:

18. Does the TCPA support open source systems?

Yes. The ability to use the TPM functionality is available to all developers of software. An open source project could determine to use TPM functionally today. The concepts of measurement, protected storage and attestation of measurements are fundamental concepts that hold true for any type of OS or application. The platforms that support TCPA today are not limited to only one OS and if open source developers provided applications that used the TPM functionality they would find support.

Remember ... SSH, GPG and SSL aren't any less secure because they're open-source. The whole point of key-based security is that you can't see the data without the key, even if you know the decryption mechanism.

e) TCPA & DRM? This question wasn't directly asked, but it's on everybody's mind ...

TCPA has been connected to proposed legislation that would require "content protection" on most digital media devices (including PCs).

While somebody could write a DRM application using the TPM, they could also write one without it. Non-DRM applications can be developed under TCPA. The example I thought of is an improved VPN for companies that are super-paranoid about their data (think about it ... 2048 bit keys, no hash load on the system CPU, ability to tie accessibility to a unique platform).

Adding TCPA & a TPM to a system doesn't automatically add DRM to a platform. Some application has to tie the TPM to the "media" being "protected". Merely adding TCPA to AMIBIOS doesn't constitute DRM:

Captain: What happen?
Mechanic: Somebody set up us the DRM.
Cats: How are you gentlemen !! All your BIOS are belong to us.

2) Advantage

by TedCheshireAcad

What is the advantage to me, a Linux using consumer, to buying your product over those of your competitors?

First, the short answer: a proven and stable product based on nearly two decades in the PC industry, with support for the latest technology.

Now, the long answer: Let me give a little background on how BIOS gets onto your average motherboard. I know that's not what you asked, but it will explain product design and benefits to the end user.

AMI markets AMIBIOS directly to the motherboard manufacturer, who we see as the actual "BIOS customer". So many of our features are oriented to motherboard manufacturers or BIOS developer. The end result of using our codebase is to produce a stable BIOS for the motherboard manufacturer's customer (that's you, the end user).

You can break these down three major areas:

1. Code structure (ease of development, tools, source management, etc.)

2. Technology support (OS, chipsets, processors, peripherals, etc.)

3. Support after the sale

a) The "BIOS core" is a different code component from silicon support code. The same applies to our technology support modules (ACPI,USB, TCPA, ASF, SMBIOS, APM, etc.). This allows board developers to pick just the code they need for their system. An embedded Linux board for an industrial controller has different BIOS requirements than the typical "white box" motherboard (OS compatibility, supported hardware, power management, etc.).

AMI also developed a custom GUI to make BIOS development easier (Visual eBIOS, or VeB). Believe it or not, most BIOS development happens at the DOS prompt in x86 assembly code. We found it harder to get new engineers comfortable with DOS-based development (DOS is 22 years old, so is the average college graduate). VeB also incorporates source control, so engineers manage the code from the same place they edit the code.

b) Technology support is pretty broad. We have to work on new chipsets, technologies and devices while keeping backwards compatibility for older hardware we'd rather forget about. This involves a lot of work with hardware vendors (Intel, AMD, ServerWorks, nVIDIA, etc.), software companies (Microsoft, RedHat, etc.) and technical specification groups (there's one for most every acronym out there). As you might imagine, there's a lot of testing to make sure all these things play well together.

Technology support also applies to features that don't have cool three letter acronyms. One example of this is "Fast POST" (POST is Power On Self Test, BIOS execution from power-on to OS bootloader). There was customer demand to boot the PC faster. This pressure came from Microsoft for a better overall user experience (yes, the obvious joke is "boot speed doesn't matter when you don't have to reboot so often" ... but I'm taking the high road). So now Fast POST is standard in AMIBIOS8.

c) "Service after the sale" sounds like something you hear in a men's clothing store, but it applies to BIOS as well. Customers expect bugs to be fixed, new features to be added, and a voice on the phone when they can't quite figure out which bit goes where. Some customers develop using our source code (as a licensee), while others use our engineers to create their BIOS (as contractors).

That might have been more of a sales pitch than you were expecting (sorry). There's more product information at the AMIBIOS website.

3) Performance hit

by oliverthered

I assume that data pathways will be signable or encrypted in some way. What performance hit will the [operating system] take when using trusted system? e.g. How much extra data is added to form a signature, what methods are used for signing. and how will this benefit the end-user?

A: I assume this is in reference to TCPA, so I'll use what I know of that spec to answer the question.

Everybody who's used SSH or SCP has experienced computation overhead from data encryption. That's the main reason TCPA has the Trusted Platform Module (TPM). Along with storing keys, it had a dedicated crypto-processor to handle random number generation, hashing and digital signatures. Due to the size of a security key, these hash computations add overhead (overhead == delay).

In TCPA, the hash/generation stuff is offloaded to the TPM. Since this dedicated processor does the work, the main system processor doesn't have to. The TPM is also a function specific processor, meaning it's optimized for security tasks (translation: faster than your general purpose x86 CPU). This is a good thing, since most of the TPM keys are 2048 bits.

If you look at Transmeta's recent security press release, you see the same functionality. Although this story was reported as Transmeta releasing DRM, they are actually providing an integrated crypto-processor in the TM5800. This function-specific processor is accessible through an extension to the x86 instruction set (similar to MMX or 3DNow!). The difference between this & the TPM is how you access the functions.

Sidenote: does any open-source developer want to check if these extensions could be used to improve SSH, SCP or GPG performance?

The signing methods and potential benefits are outlined in the TCPA specification and FAQ.

4) Why are BIOSes closed source?

by mcelrath

Having recently had a lot of trouble with my laptop's BIOS, on an issue that I could most certainly fix if I had access to the code... I started wondering what benefit AMI and other vendors have by keeping BIOS code secret? I can think of none whatsoever.

An open-source TCPA BIOS might go a long way to alleviating the fears of the open source community, since we could see exactly what it is you're forcing on us. And hey, no doubt you'd get a few bug-fixing patches in return for your efforts.

So, is an open-source BIOS a possibility? (TCPA or otherwise)

Just to get this out of the way:

1. AMI isn't forcing anybody to take any product offering, TCPA or otherwise.

2. TCPA doesn't block open-source (see #18 in the TPM FAQ @ trustedpc.org).

3. The TPM Memory Present (MP) driver BIOS uses during POST isn't open-source (it's provided by the TPM manufacturer).

This was the focus of a linux.com article several years back. There's plenty of advantages to open-source, but there are two main reasons for closed source BIOS: Legal Restrictions & Economics.

The creation of an open-source BIOS isn't limited by the BIOS itself, but by the information required to create the BIOS. Let me take a second and explain how the BIOS works at a programming level. This may seem like a tangent, but it helps explain issues faced by open-source BIOS developers (just think of it as Good Eats for BIOS).

There's three major components of any BIOS:

1. Core Routines

2. Silicon Support Routines

3. Board Specific Routines

The core can be equated to the kernel of an operating system, except that it comprises a larger percentage of the codebase (both in functionality and actual code size). This is everything that's generic from one BIOS to the next.

Silicon Support applies to the chips on the board initialized by the BIOS (processor, northbridge, southbridge, I/O, flash). BIOS core routines will call silicon routines when hardware configuration is required. These routines are created according to an API, so swapping any of these code modules doesn't affect the structure of the core.

Board Specific Routines represent the motherboard manufacturer's configuration. If you look at motherboards from two manufacturers that use the exact same silicon components, you might expect the BIOS from one board to work on the other ... but you'd be wrong. The small hardware changes that differentiate Board Vendor A from Board Vendor B have a large impact on the BIOS. PCI Interrupt routing, chipset General Purpose I/O pins and other parts of vendor's "secret sauce" go into this BIOS layer.

"Fine," you say, "but what does this have to do with open-source BIOS?"

I'm sure you've noticed that there's a BIOS ready for a chipset the day it is announced. AMI and other BIOS companies don't just come along the day of the silicon release and slap a BIOS together. We work hand-in-hand with the chipset vendor for months before the release. They send us an alpha board, we boot it ... they send us a beta board, we add more features ... they send us final silicon, we validate it.

Now remember that this hardware isn't public when AMI gets it. AMI has to sign a has to sign a Non-Disclosure Agreement (NDA) to get a development board or advance specifications, which means we can't tell anybody what we know about the product. Vendor-supplied reference code (memory detection, bridge configuration, etc.) is also covered under NDA. AMI also signs NDAs to cover the motherboard manufacturer's confidential information.

So the BIOS that ends up on those motherboards is constructed using information we can't release to any party not covered by NDA. You might be able to understand how this doesn't fit into to the open-source model.

So an open-source BIOS developer has a big dilemma ... they need access to information, but legally can't include it in open-source code. Many chipset vendors provide information after their chipset is released, but not many board vendors hand out schematics. Reverse engineering might reveal this information, but some items controlled by the BIOS can damage the system if not set properly (data corruption, overheating, smoke, flame, etc.) ... so random bit flipping may not be the answer. And nobody wants to get into the legal issues of using disassembled code in place of reverse engineering.

I think the closing statement from the linux.com LinuxBIOS article still applies ... "The real question isn't if an open source BIOS will ever work on a handful of platforms, but if it will ever become viable for mass market across many platforms."

There's another issue that comes into keeping AMIBIOS source code closed (or for that matter anycommercial source code). This has to do with economics.

This is where I change hats from "AMI company representative" to "average techno-Joe". The next few paragraphs are my feelings, not necessarily those of my employer or anybody else on the planet.

I personally like the idea of open-source, and I use a lot of open-source programs at home and work (Mozilla, OpenOffice, RedHat, Mandrake, ClarkConnect, PostNuke, perl, php, Bugzilla). But I also buy and use regular closed-source programs (my DV editing and VCD/DVD authoring tools). The choice isn't whether or not the source is accessible, but if the tool fits my needs.

In either case, those programs are the product of somebody's time (in most cases, a large group of bodies). They're a conglomeration of people's ideas, a manifestation of their talents, and monetary investment (open-source isn't free to develop, somebody bought that computer hardware). Those people, and whatever company funded their efforts, have the choice to distribute their product anyway they choose.

If a company wants to go open-source, then they can't make money selling source or seat licenses. RedHat doesn't make money selling code, they make money selling a code package and support for that package. My company doesn't operate that way ... in the realm of BIOS, money is made licensing source and selling per-board licenses. That's the way every BIOS vendor makes money.

That doesn't mean there's no open-source within AMI (perl/php/PostNuke/apache intranets, Bugzilla bug tracking, ucLinux on our MegaRAC G2 management card). But the choice to go open-source is done product by product, company by company.

In an industry driven by innovation, many companies feel they loose competitive advantage by opening their source ... if everybody has access to their ideas, then why buy their product over another? That mentality may not fit well with open-source, but these inexpensive computers we currently enjoy are the product of market forces. If there was no profit in computing, would Intel and AMD even exist?

Thus ends my personal views ... back to the actual interview ...

5) Technical Explanation of BIOS Settings

by doppleganger871

I have been doing research on BIOS settings for many years, and I have found good articles on what the settings do, and how to tweak them for the best performance/stability mix. But, I would like to know if the BIOS manufacturer itself would be able to provide an in-depth manual of all the BIOS settings, and what exactly they do. All the manuals that come with motherboards are very short on explanations, and I would like to see someone within the company actually explain to us hardware enthusiasts the down 'n dirty, nitty gritty, dirt under the rug, needle in a haystack type of information that we could use to make our computers run the absolute best they can. Because, as we all know, optimizing software and firmware is a lot cheaper than upgrading parts.

A: I wish I had a great answer for this. Despite my verbose nature, there's not enough room in this interview to discuss every setting that is or will be in the BIOS. Some of the basic settings are covered in BIOS setup manuals, and a few websites do a good job of explain the ugly details. The problem is that those "cryptic" options change for every chipset on the market.

We're always looking at product improvements, and that includes documentation. Our setup manual is a generic template, designed for the motherboard customer as a starting point for their manuals. The "chipset specific setup information" is part of a new documentation effort within AMI (we talked about in meetings this week).

Outside of that, optimizing settings for a specific combination of board, memory and processor is still trial and error (tweak, reboot, benchmark, swear ... tweak, reboot, benchmark, swear ...). I don't know if better documentation will change that.

6) "Trusted" computer

by michael

A few related questions:

a) Isn't the goal of "trusted computing" to allow entities other than the owner of the computer to control what the owner does with his/her hardware? For example, "trusted computing" applied to music implies that the music publisher gains control over what the computer owner can do with the music data files. Isn't this the exact opposite of "trust" as that word is normally used - a trusted computer is one that can't be trusted by the computer's owner to perform the tasks asked of it, because other entities have veto power over the computer's actions?

b) Companies like AMI have repeatedly claimed that they aren't part of Palladium. However, isn't it true that without AMI's trusted BIOS (and all the other components necessary to build a "trusted computer"), Palladium wouldn't work? Why does AMI think they shouldn't be held responsible for enabling Palladium and similar schemes?

c) In what way does AMI benefit, financially or otherwise, from introducing a BIOS designed to make the computer it is installed in less useful to the purchaser of the computer? Please avoid saying that this is "optional"; AMI wouldn't create this BIOS if it wasn't intended to be used.

A: Let's take these in order ...

a) The Goal Of Trusted Computing: Despite the fact my company is a TCPA member company, the concept of trusted computing wasn't created by AMI (we're not even a founding member).

As far as the goals of the specification, I'm not the designated defender of TCPA. I'll let theTCPA speak to their own goals. You seem to automatically equate "trust" to DRM, but that's not what I get from reading the specifications and related materials (see part (e) of my answer to the first question).

b) Palladium & AMIBIOS: You are correct in understanding that Palladium will require some amount of BIOS support. The reason we keep saying "we're not a part of Palladium" is because Palladium doesn't exist in the marketplace ... it's a Microsoft initiative being developed under guarded care in a small circle of developers. It's not a public specification like TCPA, so our role in this scheme is unknown. My understanding is that we'll get a specification from Microsoft whenever they're ready to involve the BIOS developers, but I don't know under what terms it will be made public (my Magic 8 Ball says "Ask Again Later").

c) Financial Benefit: Yes, there is a financial benefit to supporting a technology that our customers ask for ... they continue to be our customers. Not every customer has asked for TCPA yet, but enough large customers have asked to make it financially reasonable. Keep in mind that this is just one more feature we offer, which the customer may or may not want to take.

So when a customer (or customers) comes to AMI and says "Our next motherboard will support TCPA, and we need a BIOS module", AMI has two choices:

1. Say yes, develop the code, make the customer happy

2. Say no

If we select option #2 (for whatever reason), our customer has one of two responses:

1. "No problem, we licensed your code ... we'll add the support ourselves."

2. "Too bad, you have a competitor who offers this support ... it was nice doing business with you."

Option B is an obvious downer, because customers give us money. Money can be exchanged for goods and services, like food ... and I find food to be an important part of a nutritious breakfast.

Option A presents another series of problems. Yes, we kept the customer, but now we have a forked version of our code floating around. If only one customer wants this feature, then it's not a big deal. If twenty customers want this feature, then there's twenty code forks. They're still our customers, so they expect support ... and this is a support nightmare.

Our decision to develop a TCPA option was driven by sufficient demand for the technology. We're not the only company in the marketplace offering TCPA. Phoenix, our largest competitor, has been working on TCPA for quite sometime. IBM is already shipping notebooks with TPM hardware (which run Linux, according to LinuxCare Labs). If AMI customers don't ship TCPA, they we spent time developing a feature nobody wanted (it wouldn't be the first time, but that's happens in cutting edge development), but we have customer goodwill because we're responsive to their needs. It's the same in our eyes as developing support for a chipset ... if nobody likes the chipset, then they don't buy the code to support it.

What we have done by choosing TCPA over any number of proprietary security solutions is present an option that isn't closed to third parties. If we enable TCPA on a board and you want to make use of it, read the spec and develop accordingly.

7) Hardware vendors

by cybermace5

Since a BIOS is only part of a motherboard: what steps will hardware vendors have to take, in order to incorporate your BIOS? Will they have to adhere to certain hardware design rules or controls in order to maintain the TCPA? Is there going to be a licensing procedure for hardware manufacturers?

A: Hardware vendors don't have to do much for AMIBIOS to support TCPA. The TCPA code module gets included as an add-on. The hardware manufacturer has to obtain a TPM to place on the motherboard, but that's available from a third party vendor.

The TCPA specification doesn't mandate licensing (see point #10 in the TCPA FAQ). It's not an AMI specification, so it's not our job to check for compliance. Third-party labs will most likely perform platform certification based on TCPA specifications.

8) Windows override

by Forkenhoppen

I have a question; on previous occassions on VIA hardware I've owned, I've noticed that occasionally, Windows will enable a feature even though I have turned it off in the BIOS.

My question is this; if I have TCPA disabled in my BIOS, will Windows drivers abide by this? Or will they still be able to use aspects of the BIOS originally put in place for use by TCPA even though I have it shut off?

What plans are in place to keep a Windows driver from hijacking TCPA-related information for it's own purposes?

A: A lot of that depends on how the motherboard vendor implements the TPM disable option mandated by the TCPA specification.

The TCPA specification has many options for disabling the TPM. It can be a BIOS setup question, jumper or software driven. The first two would be really hard to override in software (unless there's a robotic hand attached to the USB port). The third option could present a software override, but you would have to reboot to have the TPM enabled at power-on to set proper "root of trust" (you can't just turn it on midstream, since a TCPA system is supposed to hash the BIOS & bootloader).

9) TCPA & Palladium

by ignipotentis

Perhaps you can clarify the differences between the two (TCPA & Palladium). After reading up on both of them, i still find that they seem to be pretty much the same, just marketed differently.

A: From the information that's been made public concerning Palladium, I can try to elaborate on this. As I understand it, the major differences are listed below:

• Curtain Memory

• Control of Specification

• Intellectual Property (IP) Rights

The last two points are pretty self explanatory. Palladium it not a public specification, there may be licensing issues. TCPA is a public document created and reviewed by a number of different companies, with no licensing demands.

The first point is technical in nature. Here's how the Microsoft's Palladium FAQ describes "curtain memory":

The ability to wall off and hide pages of main memory so that each "Palladium" application can be assured that it is not modified or observed by any other application or even the operating system

This type of mechanism doesn't exist in TCPA, and would probably require some sort of support at the chipset level (which means it couldn't be implemented using current northbridge hardware). The total system impact isn't known, and it's any body's guess what this does to application development.

10) What do you think about Linux BIOS?

by lanner

At first, I was going to ask you about how you have cooperated, if at all, with the Linux BIOS project. After all, you often have historically cooperated with Microsoft and Novell. What are you doing to help Linux?

But then it occurred to me, if Linux BIOS was successful, it would put AMI out of the BIOS software development business. Linux BIOS is a competitor of AMI.

What is your personal perspective about Linux BIOS, and what does AMI think about it?

A: There's a lot of overlap with question #4 here. But there are two points I'd like to touch on:

1. Cooperation with Microsoft, Novell & Linux

2. Perspective on LinuxBIOS

a) Saying that we "cooperate" with Microsoft and Novell is misleading. AMI creates AMIBIOS for maximum hardware and software compatibility. For years, Microsoft and Novell were the primary OS vendors used by our customers. Microsoft also drives many PC specifications, and the majority of our customers use Microsoft operating systems. Development and testing are focused based on customer demand.

In the past few years, that situation has changed. Novell isn't a major consideration for our customers, but we still test compatibility. Linux is demanded by more customers, and our testing efforts have been increased to match that demand. We test RedHat, SuSe, Mandrake, Xandros, Lindows and FreeBSD by default (along with various beta distros).

Microsoft is still key to our testing and development (we test everything back to Win98). Customers still need that "Designed for Windows" sticker. But Linux is a major focus in our testing and development ... not just because we develop for compatibility, but because our customers ask for it by name.

b) In some areas, people see LinuxBIOS as competition to the other BIOS vendors.

• As far as the source licensing (open vs. closed), see my answer to question #4.

• In features, LinuxBIOS does some things that our BIOS doesn't (mostly in the areas of cluster management) ... AMI has advantages over LinuxBIOS as well (boot from USB/USB2, JPEG graphics as boot logo, broader chipset support, ACPI/APM power management, etc.).

• LinuxBIOS was developed for a specific application, but has broadened ... AMIBIOS aims to offer broad support in many market segments.

• AMIBIOS has been tested against a larger number of system configurations, works with a larger variety of hardware, and has a longer product history.

I'm not sure how others at AMI feel about LinuxBIOS, but all I have to say is "go for it". There's some neat stuff coming out of that project, and it's interesting to see what they've accomplished. Competition in the market is what makes technology improve ... one notch better than the last thing, one step ahead of the next guy.

Thus ends the interview. Thanks to Slashdot for the opportunity, and thanks to the readers for wading through the text.

Burstwave writes "According to this story, investigators at Philips, in collaboration with researchers at the University of Amsterdam, have developed the first electrochemiluminescent material that can generate both red and green light, an effect that depends on current flow. The full report will appear in Nature on Monday. This significant advance in ECL technology will lead to smaller and brighter full-color LED displays."

An anonymous reader writes "This story on EE Times points out that Hollywood and major electronics manufacturers are in agreement on a SmartCard requirement for digital video interconnectivity. Note that the article talks about them 'closing the analog hole.'"

ahess247 writes "You probably missed it, but last week, the publication that helped give Silicon Valley its name announced that it will be shutting down its paper edition next month. Electronic News is one of the oldest trade publications covering the electronics and semiconductor industries. Launched in 1957, it predates its main competitor EETimes by more than a decade. One of its main claims to fame is it was the first publication to ever use the phrase "Silicon Valley" in print. A reporter for the weekly paper, the late Don Hoefler wrote a series of stories entitled "Silicon Valley, USA" that started the week of Jan. 11, 1971. The name, as we all know, stuck. It was also within the pages of Electronic News that Intel Corp. first advertised its 4004 Microprocessor. Once considered the bible of the electronics industry, its last printed issue will go out to subscribers on Dec. 2. According to this press release from its current owner, Reed Business, the publication will shift to an "all digital format." All but three staffers have been let go, and they will produce what essentially amounts to an online newsletter. Not a fitting end for a publication with such an important place in the history of the semiconductors industry."

OrangeTide writes "Using PCI host adapters and Xeon processors, engineers at Lawrence Livermore National Labs have achieved 10-TFlops relatively cheaply. More information can be obtained from this article at EETimes." Lately, Linux seems to be the operating system of choice for new supercomputers, and this one's no different. It's cool to see big iron made cheaply.

zero_offset writes "This article in EE Times details Purdue's efforts to create a material with negative refractivity. One of the important results would be the ability to create optical computers due to the effect's tendency to amplify and focus light at wavelengths larger than the thickness of the nanowires used in the transmission system. Purdue's School of Electrical and Computer Engineering's Vladimir Shalaev says, "Using these plasmonic nanomaterials, we hope to directly manipulate light, guide it around corners with no losses and basically do all the fundamental operations we do with electronic circuits today, but with photons instead." Nanowires, surface plasmon polaritons, optical computers, nanoscale metamaterials, unnatural refractivity -- what's not to like?" We did a story on the first material known to have a negative index of refraction last year.

Acid-F1ux writes: "Using a single cobalt atom as a switch, a research team at Cornell University has demonstrated a working transistor only 1.3 nanometers in length. Silicon transistors today are generally more than 100 nm long." We posted a slightly more general article about nanotransistors recently, too; this one concentrates on the Cornell researchers.

An anonymous submitter writes: "According to EE Times, the IEEE is working to develop an automotive black-box standard similar to what airplanes have. Forget Acme Rent-A-Car in Connecticut - get ready to have your insurance company jack your rates for going over 65mph."

An anonymous submitter writes: "According to EE Times, the IEEE is working to develop an automotive black-box standard similar to what airplanes have. Forget Acme Rent-A-Car in Connecticut - get ready to have your insurance company jack your rates for going over 65mph."

hondo77 writes "The U.S. Federal Trade Commission and the Justice Department are holding hearings on intellectual property laws over the next few weeks (the first one was Feb 6). They're looking at the balance between IP rights and the free market."

cadfael links to this EE Times story, excerpting: "Philips is attempting to start yet another industry initiative to tackle digital rights management, this time focusing on the wirelessly networked home. 'At stake here,' said Leon Husson, executive vice president of consumer businesses at Philips Semiconductors, 'is the "free-floating" copyrighted content that will soon be "redistributed" or "rebroadcast" to different TV sets throughout a home by consumers using wireless networking technologies like IEEE802.11.'"

cadfael writes: "The EETimes reports that "a new working group within the existing Copyright Protection Technology Working Group (CPTWG) will review a technical method for flagging video content that is not authorized for Internet transmission. ... The group was formed at the suggestion of Gary Shapiro, head of the Consumer Electronics Association (CEA), in a letter sent roughly two weeks ago to Jack Valente, head of the Motion Picture Association of America (MPAA)." Does this make sense in the light of this article?"

cadfael writes: "The EETimes reports that "a new working group within the existing Copyright Protection Technology Working Group (CPTWG) will review a technical method for flagging video content that is not authorized for Internet transmission. ... The group was formed at the suggestion of Gary Shapiro, head of the Consumer Electronics Association (CEA), in a letter sent roughly two weeks ago to Jack Valente, head of the Motion Picture Association of America (MPAA)." Does this make sense in the light of this article?"

Fly writes: "According to EETimes, an Austin startup company is close to producing CRTs with cold-emission electron guns. They claim this will reduce the parts needed for electron guns as well as allow for greater control and deflection of the electron beams leading to thinner CRTs. Their technology uses older chip-manufacturing techniquest to deposit diamond tips for the guns on silicon wafers. They hope to enter the CRT market next year."

As you might know, Slashdot runs on Greenwich Mean Time. That means that you're reading the last story posted in 2001, in which we've gathered some more year-end submissions. Happy New Year to all, no matter what time zone you're in! Zargo writes: "Infosync.no has a great collection of articles named Rewind 2001 looking back at the best stories of 2001. Lots of cool gadgets in there. Samsung 3G prototypes, a car designed by Bella and Nokia, soft hardware by IDEO, Siemens wristphone, Compaq's project Mercury, the Agende VR3 Linux based PDA, the Pogo, Psion's über gadgets, Handspring's Treo, Fathammer's X-Forge, Samsungs YOPY (Linux PDA), Sharp's Zaurus SL-5500 including screenshots. Lots and lots of cool stuff to read."

Speaking of Stuff, Dave Gould writes: "I have published my picks for the 2001 Stuff of the Year. Here's hoping for lots of neat new stuff in 2002!" I bet high that stuff continues to arrive. Maybe even more IT.

Weedstock writes: "EE Times has a list of 15 interesting articles about technologies to watch in 2002. One of those articles, Software model needs overhaul, explains the current problems with computer processing and describes new technologies (Such as the Reconfigurable Architecture Workstation processor from MIT) that will affect this domain in the next year."

uninet writes: "'Looking back over the past year, I think most people would have to agree it has been a ground breaking time for open source. While it is true that open source companies suffered just like the rest of the tech sector from poor economic conditions, those same conditions have also made open source appear even more attractive.'" Here's the rest of Open For Business' analysis of the year past and coming.

There are plenty more year-end wrap-ups filled with bulleted lists and instant nostalgia, but few can top Llewyn, who writes: "The couple who met on Slashdot two years ago are celebrating their first wedding anniversary! you can email them at scott@asofyet.org and elysse@asofyet.org or visit their reminiscing website." Congratulations!

For those into New Year's festivities of the more athletic (and semi-athletic) variety, burntfungus writes with words on "Security and open 802.11b WLAN Access Points along the Rose Parade route, Pasadena's yearly event that allow anyone to be a street person for two nights a year! If you get cold there are many places to get a hot cup of coffee or hot chocolate. Watch floats (on webcam, blimps and low flying stealth bombers! Find a public WLAN access point or two."

At least partly wrapping up one of this year's oddest stories, several readers have submitted a link to a CNN story which says that Dmitry Sklyarov has returned home to Russia, and has already raised a toast with his wife and children. I hope Dmitry's treated a little differently on his next visit to the U.S. suwain_2 adds a link to this Newsforge story as well.

An Anonymous Coward writes: "Atsushi Kasuya, verification engineer at Juniper Networks Inc., didn't like any of the existing languages used for verification -- so he wrote his own. Now Kasuya is offering his C-like language, Jeda, to the design community on an open-source basis under the GNU Public License."

bluephone writes: "The EE Times has a story on a new chip from Winbond that can take ASCII or UNICODE text and convert it to either spoken English or Mandarin (the Chinese language, not the orange). The low-power chip scans the text and translates it into spoken phenomes and outputs it to a filter for smooth analog sound, or can directly output the digital signal. Imagine a cell phone with this, you can have your email read to you, rather than seeing a line at a time on a dinky screen, street directions from a website, or even Slashdot's headlines. :)"

bluephone writes: "The EE Times has a story on a new chip from Winbond that can take ASCII or UNICODE text and convert it to either spoken English or Mandarin (the Chinese language, not the orange). The low-power chip scans the text and translates it into spoken phenomes and outputs it to a filter for smooth analog sound, or can directly output the digital signal. Imagine a cell phone with this, you can have your email read to you, rather than seeing a line at a time on a dinky screen, street directions from a website, or even Slashdot's headlines. :)"

Bfaber writes: "According to EET, Purdue has created the first examples of quantum computing in a semiconductor. The story can be read here. Read the article for further links that include an audio interview."

nutty_kong writes: "The National Science Foundation apparently is helping to develop a reliable way to manufacture quantum chips. So far, there has been experiments but no reliable way to reproduce or in other words manufacture the devices." Part of the problem with the promised magic of quantum computing is that component manufacture is often custom to each project, and difficult to repeat. Eventually, they'll hit RadioShack though ...

A reader writes "Simplex and Toshiba have a new design tool that allows circuits to run on diagonals. They're calling it X Architecture. Applied Materials, KLA-Tencor and DuPont Photomasks have signed on according to the press release. They're claiming 20% less 'wire', 10% faster, 20% less power and 30% better yields. Here's an EET article."