Slashdot Mirror
Phoenix BIOS Phones Home?
Myrv writes: "There is an interesting thread over at DSL Reports discussing Phoenix Technologies new BIOS. This BIOS contains the PhoenixNet Internet Launch System . ILS resides safely within ROM and is activated the first time a user launches a PhoenixNet-enabled PC with a Windows 98 Operating System. When the PhoenixNet ILS detects an Internet connection, it makes contact with the PhoenixNet server and delivers user-selectable services. These services are delivered to the user as hotlinks on the desktop and in the web browser or, as applications that PhoenixNet automatically packages, downloads and installs. It's 3 a.m., do you know who your motherboard's talking to????" We've gotten a couple of submissions about this - another submitter pointed out this thread and this description by Phoenix. Phoenix has apparently been kicking this idea around for a while - see this old Slashdot story. Does anyone have any more information?
According to the thread linked to in the story, if the computer boots up with a cool new screen, it's probobly this new BIOS.
:)
The following venders have signed up: AOpen, Chaintech, ECS, EpoX, Giga-Byte, Jetway, Legend-QDI, MSI, Soltek and Zida. Notice no ABit
<possible troll> (but I don't think so...)
It was interesting to read in that thread also, that this could bypass the OS level networking code, and use it's own stuff. I don't think I could imagine the destruction that would be cause by millions of PCs with a backdoor/hole/bug in their firmware, that could easily be remotely exploited. If you thought DDOS attacks were bad now, you ain't seen nothing yet.
</possible troll>
I didn't notice anything about being able to actually turn this off in the BIOS. There is allready talk of using a hex editor to disable it... Just what we need, buggy roms because the vendor does what people don't want.
With tux running in the kernel, it was only a matter of time before we had the next step: web server in the BIOS.
I smell innovation. Thanks Phoenix!
< tofuhead >
--
It is still the dark of night.
This "feature" is built into the bios of my new AMD Thunderbird motherboard, the Iwill KK-266 (nice MB by the way). Its not quite as evil as this article suggests. It is an attempt to get you to sign up with their ISP.
;-)
Unless you activate it within the bios "phoenixNet-enabled PC" and agree to their ISP partnery, you never hear a word from the program. It sits quitely on your bios and never contacts the mothership
Also from my mother board manual:
1. User reads system information from graphic launch screen
2. User registers MS Windows and completes MS OOBE.
3. User accepts/Rejects PhoenixNet service
4. User accepts/Rejects PhoenixNet ISP Partnery
5. PhoenixNet and ISP icon appear on desktop.
I doubt this is beyond the realms of possibility, and once some clever hack has figured out how to do it the skript kiddeez will soon get hold of it. Hell, maybe it could even be tagged onto a VB app and turned into an Outlook worm - cue millions of cracked boxen that can only be made safe by flashing the BIOS, and how many regular (i.e. non /. visiting) users have the first idea how to do that?
Please someone tell me if I'm just scaremongering here (and give details), but I do genuinely believe this is a problem waiting to happen.
4.1 PhoenixNet Introduction
PhoenixNet is a service that provides PC users with best-of-breed, free, software services to support their PC hardware and software and to turn their computer into a powerful tool for communication,entertainment, education and business.
4.1.1 Internet Launch System The PhoenixNet Internet Launch System (ILS) is a patent-pending technology built into the firmware to enable online PC users worldwide to communicate with PhoenixNet and to receive the free PhoenixNet services. ILS resides safely within ROM and is activated the first time a user launches a PhoenixNet-enabled PC with a Windows 98 Operating System.
4.1.2 PhoenixNet Online Services When the PhoenixNet ILS detects an Internet connection, it makes contact with the PhoenixNet server and delivers user-selectable services from PhoenixNet's Internet Partners. These services are delivered to the user as hotlinks on the desktop and in the web browser or, as applications that PhoenixNet automatically packages, downloads and installs.
I wasn't sure I wanted to post this, because it could possibly give away my "secret identity", but...
A friend of mine is reasonably high up at Phoenix. He had been working on a "secret project" that he wouldn't tell me anything about, but he told me that it was going to be big. Of course, I badgered him for information, but he wouldn't tell.
Well, I had lunch with him one day not long after PhoenixNet was announced. I asked him, "so what's up with this PhoenixNet thing?" He replied, "what do you think of it?"
I then went on to totally trash the idea, saying why it wouldn't work, that people wouldn't stand for their BIOS downloading advertising, on and on. I railed on for quite a while. I might've even called it a "stupid idea".
Then I said, "hey wait a minute... is this the secret project you've been working on??"
He said, "Yes. It was my idea."
Oops. I kind of grinned sheepishly. Huge case of "open mouth, insert foot."
--
Sometimes it's best to just let stupid people be stupid.
http://home.phoenixnet.com/privacy/pcusers.html
This is bios level spying and advertising, even from Phoenix's partners. I think most users will not even know it is installed (by default). The only way to get rid of it is flashing your bios, which is quite a dangerous operation for the common user
Hmmmm, what did you say your Phoenix Technologies BIOS serial # was?
clickity-click
Oh dear, looks like your hard drive has been disabled. No, I can't fix it from here, but I have a friend who lives by you and could fix it in his spare time, he charges about $200/hr. Uh-oh, looks like one of your RAM chips just went!
He who joyfully marches in rank and file has already earned my contempt. - "Big Al" Einstein
Remember the Microsoft anti-trust trial? One detail that emerged was that Microsoft does not permit OEMs to perform modifications to the desktop, startup sequence, etc. This means that the OEMs can't give the user a "custom experience" or differentiate their machine from others using Microsoft's software.
This Phoenix BIOS trick lets OEMs skirt the Microsoft OEM license by performing the customization after the user has the machine.
So, in one way, I say "kudos" to Phoenix for figuring out how to subvert Microsoft's restrictive OEM licensing agreements in this way.
On the other hand, I'd like to understand more technical details of the feature, whether it could bite me while I'm trying to use Linux, etc. Has anybody turned up relevant patents?
Hate stupid software on freshmeat? Laugh at
It sums up everything, and also contains key (annotated) paragraphs from the PhoenixNet site (so if you're too afraid of evil scripts to visit the PhoenixNet site, you can see it safely from this site). The main page of cexx.org (no relation to anything disgusting; it stands for Counterexploitation) has other helpful and interesting pages about spyware, foistware, backdoors, scams, and such. Most of it pertains to Windows, but there's some other cross-platform/no-platform topics there (including a way to make the CueCat output raw barcodes without requiring any software intervention.)
"Ancillary does not mean you get to rule the world." --U.S. Circuit Judge Harry Edwards, speaking to the FCC's lawyer
Yet another reason to switch to OpenBIOS.
This sig intentionally left blank.