Slashdot Mirror
Phoenix's BIOS Roadmap
An anonymous reader writes "Phoenix Technologies Ltd. unveiled a vision and roadmap for a next generation of system BIOS firmware that the company calls "core system software" today, at its Strategy 2004 conference. As defined by Phoenix, CSS is a new category of core system firmware that transcends the boundaries of traditional BIOSes and to deliver "extensible firmware that provides the critical foundation of trust, manageability, and connectivity required for networked computing," in a broad range of devices including desktop and laptop PCs, servers, and handhelds gadgets. Specific technologies that Phoenix is integrating into its d-NA CSS firmware include: support for the Trusted Computing Group (TCG) specification, remote diagnostics and error-checking, intelligent configuration checking and integrated system policy management, automated provisioning of servers and server virtualization, "radically enhanced" device power management, embedded TCP/IP, remote management functions including dynamic provisioning, load balancing and software resource control, and an XML and SOAP standards-based interface to CSS functions."
Trust -- [...] In addition, Phoenix d-NA will incorporate a new class of Windows-advantaged components that leverage the Microsoft CryptoAPI (CAPI) to provide unprecedented trust and intrinsic security for systems running Windows and
If this crap cannot be disabled then I guess I won't be using Phoenix BIOSes in the future. This whole "trust" nonsense is a thinly veiled attempt at shifting some of the security-onus from the OS to the hardware with the blessing of Microsoft along with the side "benefit" of Digital Rights Management.
This may start a whole new style of hacking; releasing BIOSes for flashing which have the DRM/Trust shite removed.
Trolling is a art,
Trust -- Devices serving as network endpoints can be integrated into to an easy to implement "trustworthy computing" model that leverages secure, digitally signed core system software. This is the critical first link in a "chain of trust." In addition, Phoenix d-NA will incorporate a new class of Windows-advantaged components that leverage the Microsoft CryptoAPI (CAPI) to provide unprecedented trust and intrinsic security for systems running Windows and .NET applications.
.02,
Trust? I don't trust either of these two companies to do anything but take over computer applications and hardware forcing people to use them to "protect" their investments.
Manageability -- Intelligent devices and servers based on Phoenix d-NA are able to provide self-management, self-healing and self-authentication as standard capabilities. By leveraging Phoenix d-NA, software developers in a wide range of categories, from identity management to asset management, will be able to incorporate intrinsic "device authentication" into the fabric of their offerings.
In other words, we are going to give you a unique fingerprint that can be traced back to you. You better not try anything funny with our digitally signed OSs.
Is Microsoft taking over the BIOS?
No, they are forcing us to use them. They are also forcing us to have our computers be traced back to us.
Phoenix and Microsoft recently announced that they were collaborating on CSS firmware focused on WinPE (Microsoft's Windows Preinstallation Environment tool), security, and future Microsoft client and server OS releases, intended to "improve a device's reliability, usability, manageability, and security."
Bullshit. It *might* be for some of this. It's most definitely not their main goal. They want to be able to stop their programs from being run w/o their authority. While this is all and good I don't believe our privacy should be violated to do so.
Who's to say that the BIOS won't phone home and report usage statistics on what OS is running, if there are multiple ones installed, what hardware is in use, etc... Just what we need, direct marketing due to hardware installations.
Would this be different if it was a group creating an open standard? Perhaps but I still wouldn't like it. Being that it is one of the most sinister corporations ever teaming up with a single BIOS company it worries me. I wonder if they realize that they are going to become Apple. Didn't they make their money because of open hardware?
Just my worthless
The bigger the ROM, the more vulnerable and the harder it is to patch. What a cool target, especially if it does network stuff!
At least it always did in the past. MS has yet to learn the lesson (and someday it will) that IBM had to learn: you have to evolve from a company that sets standards to a company that contributes to them.
First Palladium and now this?
Certainly cloaked under the "benefits" someone at MS has thought "Oh a way to make *nix useless on PC architecture".
You didn't think this was just going to affect Linux did you?
Maybe it's time to start helping out/using LinuxBIOS. I went to SCALE over the weekend and saw a interesting presentaion on LinuxBIOS, it has lots of benifits over other commercial BIOS's.
That to prevent confusion with the popular web-standard technology CSS, the CSS BIOS technology will before release be renamed to "Firebird", a name chosen after an exhaustive search based on the fact that it kind of describes "Phoenix" and hey, it's like the car.
To match this, and as part of the promotional effort for Firebird, they will be rebranding most of their products with animal-inspired names, for example renaming their remote-BIOS-diagnostics-and-administration technology to "Longhorn", a name to evoke images of stability. The entire promotional push will be branded to stockholders as the System Consolidation of Operations project, or SCO for short, overall an effort to draw together their product line for more clarity to consumers.
Irritable, left-wing and possibly humorous bumper stickers and t-shirts
"Will there be Windows-specific APIs in the BIOS? Are they available to other operating systems? Are these APIs cryptographically hidden from reverse engineering? Legally, do these APIs belong to Microsoft or to Phoenix? Is this a loophole with respects to the anti-trust settlement? This raises a lot of questions about the ability of hardware that includes this new Phoenix BIOS to run non-Microsoft operating systems. Would they run? Would they be crippled it they run? Would Microsoft customers switching to Linux have to change hardware as well, if their PCs run this BIOS? "
Tread very carefully.
This is braindead. Introducing a huge layer of complexity between the OS and hardware etc. Really the job of the BIOS should be to do as little as necessary and then hand things off to the OS. Does a BIOS truly need a TCP/IP stack? Perhaps it is time to put a bit more effort in to linuxBIOS.
If I had no sense of humor, I would long ago have committed suicide. -Ghandi
Most of the viruses lately have been of the email-you-are-dumb variety. I'd been wondering where all the excellent boot sector and hardware level viruses of the 1980s and early 1990s had gotten to.
I couldn't stand yet-another I-love-you clone. I want some real destruction!
This is going to end up just like BIOS based Virus detection. To get anything to install on your computer you will have to reboot, enter the BIOS and turn this feature off and then enter the OS and install your app. How many of those BIOS virus protection features get turned back on after the first couple of times having to hassle with it?
If Phoenix thinks companies are going to pay for the digital certificate creation or whatever is needed to be able to install their app then they are mistaken. They should ask Microsoft how many software companies get them and keep them up to date. How many hardware vendors have gotten digital certs. on their drivers? Not many. As it is, we put the driver disk in that came w/ the hardware and move on. Or we download the latest driver from the net, install it and move on.
Just post md5 sums on the website w/ the driver and software downloads. Microsoft should build a simple MD5 sum checker that can be loaded from Windowsupdate. That would be the BEST thing they could do for security.
YMMV and if you break it, you get to keep both parts.
--Somewhere there is a village missing an idiot.
It could set a good example for other BIOS developers if Phoenix retracts their decision and removes CSS from their BIOS. Please send them an email and let them know of your opinion. Whether or not you use, or would use Phoenix products, lets let other manufacturers know we won't stand for this type of activity.
+ us /
http://www.phoenix.com/en/about+phoenix/contact
To: americas_sales@phoenix.com
Subject: Phoenix CSS BIOS
Just wanted to let you know ahead of time, that I won't be purchasing any product that includes your CSS BIOS, and I will go out of my way to avoid it. I will also make sure that any product recommendations that I make to my current employer will not include your BIOS. Just thought I'd let you know of my opinion, as a consumer, and someone who's owned motherboards with Phoenix BIOS in the past. I hope you reverse your decision, until then, I'll shop elsewhere.
Thanks for your time, and consideration on this matter.
Jon
You should also check out the OpenBios project. They are working towards making a working openfirmware solution that will work on the x86 platform.
Jumpstart the tartan drive.