Slashdot Mirror
Phoenix's BIOS Roadmap
An anonymous reader writes "Phoenix Technologies Ltd. unveiled a vision and roadmap for a next generation of system BIOS firmware that the company calls "core system software" today, at its Strategy 2004 conference. As defined by Phoenix, CSS is a new category of core system firmware that transcends the boundaries of traditional BIOSes and to deliver "extensible firmware that provides the critical foundation of trust, manageability, and connectivity required for networked computing," in a broad range of devices including desktop and laptop PCs, servers, and handhelds gadgets. Specific technologies that Phoenix is integrating into its d-NA CSS firmware include: support for the Trusted Computing Group (TCG) specification, remote diagnostics and error-checking, intelligent configuration checking and integrated system policy management, automated provisioning of servers and server virtualization, "radically enhanced" device power management, embedded TCP/IP, remote management functions including dynamic provisioning, load balancing and software resource control, and an XML and SOAP standards-based interface to CSS functions."
Trust -- Devices serving as network endpoints can be integrated into to an easy to implement "trustworthy computing" model that leverages secure, digitally signed core system software. This is the critical first link in a "chain of trust." In addition, Phoenix d-NA will incorporate a new class of Windows-advantaged components that leverage the Microsoft CryptoAPI (CAPI) to provide unprecedented trust and intrinsic security for systems running Windows and .NET applications.
.02,
Trust? I don't trust either of these two companies to do anything but take over computer applications and hardware forcing people to use them to "protect" their investments.
Manageability -- Intelligent devices and servers based on Phoenix d-NA are able to provide self-management, self-healing and self-authentication as standard capabilities. By leveraging Phoenix d-NA, software developers in a wide range of categories, from identity management to asset management, will be able to incorporate intrinsic "device authentication" into the fabric of their offerings.
In other words, we are going to give you a unique fingerprint that can be traced back to you. You better not try anything funny with our digitally signed OSs.
Is Microsoft taking over the BIOS?
No, they are forcing us to use them. They are also forcing us to have our computers be traced back to us.
Phoenix and Microsoft recently announced that they were collaborating on CSS firmware focused on WinPE (Microsoft's Windows Preinstallation Environment tool), security, and future Microsoft client and server OS releases, intended to "improve a device's reliability, usability, manageability, and security."
Bullshit. It *might* be for some of this. It's most definitely not their main goal. They want to be able to stop their programs from being run w/o their authority. While this is all and good I don't believe our privacy should be violated to do so.
Who's to say that the BIOS won't phone home and report usage statistics on what OS is running, if there are multiple ones installed, what hardware is in use, etc... Just what we need, direct marketing due to hardware installations.
Would this be different if it was a group creating an open standard? Perhaps but I still wouldn't like it. Being that it is one of the most sinister corporations ever teaming up with a single BIOS company it worries me. I wonder if they realize that they are going to become Apple. Didn't they make their money because of open hardware?
Just my worthless
The bigger the ROM, the more vulnerable and the harder it is to patch. What a cool target, especially if it does network stuff!
Which brings us to our four favorite letters - DMCA!
The idea of DRM being embedded into BIOS certainly is disturbing, and though I've never really cared whose BIOS is on the hardware I'm buying, this certainly changes things. You have to wonder though - will anyone stay 'rogue' and avoid DRM, or will everyone conform, thereby leaving consumers with no real choices?
extensible firmware that provides the critical foundation of trust, manageability, and connectivity required for networked computing
:
Trust ?
Real trust or trust like in
"smoking cigarettes doesn't cause cancer. Trust us."
"Hell hath no fury like a hippo with a machine gun."
At least it always did in the past. MS has yet to learn the lesson (and someday it will) that IBM had to learn: you have to evolve from a company that sets standards to a company that contributes to them.
First Palladium and now this?
Certainly cloaked under the "benefits" someone at MS has thought "Oh a way to make *nix useless on PC architecture".
You didn't think this was just going to affect Linux did you?
This is why open source hardware is so much needed...
I say this time and time again but nobody seems to care untill it is too late...
Here's what I want to know - "extensible firmware that provides the critical foundation of trust, manageability, and connectivity required for networked computing,"
/dev/drm/legal
MANAGEABILITY. You want control over my PC? Fine, dump the EULA and be RESPONSIBLE for what it and your software does- until then take that crap out
Legal concerns >
-B
This is going to end up just like BIOS based Virus detection. To get anything to install on your computer you will have to reboot, enter the BIOS and turn this feature off and then enter the OS and install your app. How many of those BIOS virus protection features get turned back on after the first couple of times having to hassle with it?
If Phoenix thinks companies are going to pay for the digital certificate creation or whatever is needed to be able to install their app then they are mistaken. They should ask Microsoft how many software companies get them and keep them up to date. How many hardware vendors have gotten digital certs. on their drivers? Not many. As it is, we put the driver disk in that came w/ the hardware and move on. Or we download the latest driver from the net, install it and move on.
Just post md5 sums on the website w/ the driver and software downloads. Microsoft should build a simple MD5 sum checker that can be loaded from Windowsupdate. That would be the BEST thing they could do for security.
YMMV and if you break it, you get to keep both parts.
--Somewhere there is a village missing an idiot.
People do care. But, unlike software development, a chip fab still requires significant initial capital investment to get started. And chip fabrication is tied up in hardware patents - just as stupid as software patenting, but much more entrenched.
Choice of masters is not freedom.
The whole problem with trust is that I don't necessarily trust either phoenix or ms. This a problem because their security solutions more or less require me to do so. I think this is ultimately why this and similar approaches will fail in the market.
Trust requires open solutions. If I, or someone I trust, can't analyse & audit security solutions I use, these solutions are flawed. MS and phoenix pushing proprietary solutions implies that they do not understand this problem themselves.
Jilles
Here's the problem I see with this type of advanced bios. How long will it be until a virus is written that exploits bios code? Imagine the horror of having to flash your bios to rid yourself of the latest internet worm.
Do these people remember that BIOS stands for Basic Input-Output System? It is designed to be the foundation of the computer system, not the latest futile gesture to stop piracy.
I give the "security features" 6 months to get hacked, and then all we are left with security holes and bugs that could theoretically destroy hardware. This is progress?????
----
Squirrel
They can try all they... they can put all the DRM in the hardware, slap people with the DMCA if they try to work around it, that will only succeed in the doing 2 things:
1) [maybe] Raise awareness of the evil of the DMCA, and finally get it reversed.
2) [surely] Give huge competitive advantages to foreign companies that will start selling non-DRM enabled hardware.
Nowadays, how many MP3 players do you see out there, and how many proprietary DRM-Only players can you find ?
Also, how many non-US governments will tolerate having their hardware totally locked and at the mercy of an US corporation ?
There is no need to fear this. This is just a matter of Phoenix proving a market trend. Either the proof will be true or false in the end. Which brings me to this point "who is in control?" and I say whomever has possesion of a thing controls it. We will have physical possesion of the hardware thus we will ultimately be the most powerful factor in this market. We can exersise this power or not. Those of you who have been around long enough will remember the days when you could buy your bios separtely from your motherboard or gasp program your own. This happens all the time in the embedded industry (not as much as it use to though). So if the market is unfavorable to Phoenix's new bios and unsavory locks on our hardware we can always roll our own. Nay you say? Well I offer up these links for you to browse. Free the bios open the bios
The truth suffers more from convictions than from lies.
This isn't about you trusting them. This is about them *not* trusting you.
The entire point of all these Trusted Computing initiatives is that the software/content makers do not trust their users to follow the limitations that the manufacturers want them to follow. Therefore, they want a hardware design that they can trust to enforce these limitations.
Let me say that again.
It's about the content providers trusting the hardware, because they don't trust you.
You trusting them has nothing to do with it. Be a good consumer and buy what you're told.
Yes, this is the "customer as enemy" worldview. You are, by definition, the enemy here. And it says a lot about the limitations they want, that they automatically assume you will want to violate those limitations, doesn't it?
This is my sig. There are many like it but this one is... Oops. Frank, I've got your sig again! Where's mine?