Slashdot Mirror
Intel To Release Next-Gen BIOS Code Under CPL
An anonymous reader writes "Intel said today that it plans to release the 'Foundation code' of its next-generation firmware technology -- a successor to the PC BIOS -- under the Common Public License (CPL), an open source license, later this year. More than 20 years old, the BIOS (Basic Input-Output System) is the oldest software technology in PC platforms. Intel says its firmware Foundation code, a result of a project codenamed Tiano, 'provides that the successor to the BIOS will be based on up-to-date software technology.' The Foundation code is designed to be extended with new features and services, such as improved platform manageability, serviceability, and administrative interfaces which are too complex to implement in the old BIOS environment, according to Intel."
Seems the CPL is popular these days. Even Microsoft uses it for their opensource projects (WiX and WTL). Not to mention IBM who is the CPL author.
This technology is more commonly known as Digital Rights Management.
"Microsoft is continuing its commitment to open industry standards by adding EFI boot support to all versions of the Longhorn generation of Windows products," said Tony Pierce, Technical Evangelist of Microsoft's Windows Hardware Innovation Group. "Participation in the collaborative community effort around the Foundation code that Intel is announcing today will help systems manufacturers and firmware companies deliver new and exciting platform innovations to their customers."
I wonder if this is going to be like Microsoft's "support" for Java...
Having an open-source bios wont prevent DRM any more then having an open-source OS will prevent file permission restrictions. The source to Linux wont do you any good without the root password, and the source to the BIOS won't do you any good without a signing certificate on a DRM-enabled motherboard.
autopr0n is like, down and stuff.
Seems to me like a bad case of "Not Invented Here" syndrome.
... sounds exactly like hype that is bound to be turned into something you do not want, in actuality.
Like the original intent of cookies and the actuality of spyware use...
Data sharing is important, and I understand your point completely. How then do we counter this? If nothing else, we're somehow assured (presumably) that we can at least run non-drm software. From there, it'll still be a matter of reverse-engineering any DRM scheme...kind of like a more extensive MS Word compatibility layer.
I do have confidence in the Open Source hacker army, though, and that if there's a way, they'll figure it out.
it almost seems, to ensure you can write open source software and still make money is to make absolutely certain that your open source software is written in such a way it isn't of any use to anyone unless they buy your expensive hardware to operate with it...
It should also be noted that MAC addresses actually provide required functionality, modern day networking is built around them... For the life of me, i cannot think of any productive use for cpu id's.
While the source may be available, that won't mean it can't contain DRM. After all, any good secure system should be secure wether or not the source is visible or not.
But no implementation of DRM can be considered a "good secure system". The whole concept is to take PKI and try to keep the private key away from the owner so he/she cannot use it for anything except what the content owner wants you to use it for. This is why MS is trying to stick private keys in hardware. This is why the iTMS DRM removal tool needs to be able to get your key out of either the iTunes software or your iPod.
Trying to do DRM in something completely open source will NEVER work. DRM is security by obscurity, plain and simple.
Finkployd
I wouldn't bank on Intel and Microsoft being in so friendly. Their friendliness may be leaning towards AMD, especially if Microsoft wants to get into the hardware market. AMD has been in a weak enough market position that they would be more willing to alter hardware on MS' account than Intel would, and AMD having a reasonable share of the CPU market with MS' influence would be a method for MS to exert control (indirectly) over Intel. Check out
s er ver.asp
http://www.winsupersite.com/showcase/muglia_win
great, now we need to run ad-aware on our bios chips, for fear of spyware and popups generated and the motherboard chip level!
Chances are, flashing your PC with this BIOS instead of the MS approved DRM one will prevent your PC from sharing data with DRMed Windows PCs. So, DRMed if you do, DRMed if you don't..
If it works that way it'll also prevent a DRMd PC from sharing data with those linux servers becoming all so common nowadays. Works both ways.
In the end all depends on who ends up worse off.
But you can modify the Linux kernel to allow any user to gain root privileges. That's the point of the source code, anyone can rewrite/recompile/reinstall and remove any offending "features" while adding their own modifications.
"administrative interfaces which are too complex to implement in the old BIOS environment, according to Intel."
Riiiiiiiiiiight!
Are there any REAL Assembler programmers left who are willing to work for Intel??? That's the REAL question!
Data sharing is literally essential - computers are only marginally useful if their only info exchange is via keyboard/mouse/monitor. DRM is a tech implementation of the human activity of trust. Proprietary DRM schemes, like M$ Passport, or any other vertical integration, are bad trust models. They fetishize others of the same breeding, trusting identical platforms more than different ones. That kind of model is like feeding cattle the remains of their unsold brethren, a monoculture that amplifies platform weaknesses like mad cow, which incubate in a species and even threaten others. The diversity of open trust standards, like PGP webs of trust, or public SSL CAs, combined with open, mutual audits, keep the ecosystem healthy. Before we build a rickety infrastructure based on flawed models and self-defeating principles, we must get to the right way to manage these systems - then automate them. An open source BIOS, which interoperates with the rest of the Internet ecosystem, at least preserves the options to do that, without passing the point of no return on the wrong path.
--
make install -not war
Will this end the fear of DRM'd BIOS? With the source available then any additions added to the bios can be reversed. I wonder if Intel is countering something in regards to statements made by Microsoft and Sun saying that hardware will be free?
Err, that just meant that the end user wouldn't be paying directly for the hardware, just indirectly. Someone will still be writing a check to Intel for all of their components. I can't see how Intel would look on that other than favorably. That would actually mean that more hardware would get sold because boxes wouldn't be multi-purposed.
Maybe its just me, but don't you think that this is just a way of intel trying to get free and fast bugfixes and improvement for their bios?
[sarcasm] Yeah, there were real virus problems w/ BIOS back when it was non-flashable. Those pesky viruses would pop my BIOS chip out and install a new one before I knew it.[/sarcasm]
Extra or additional drivers and code functions can be stored on the hard drive and accessed there.
Seems like this would increase the vulnerability of the BIOS.
Other than this problem and maybe not being able to control some of the OEM preboot (an odd word when you think of it) "features" (DRM, etc.), this doesn't sound too bad of a plan. Sounds like we're on the way to having the OS run off a FLASH disk or some type of firmware. It'd be ironic if, because of advanced DRM technology, we have to go back to the oldest mod trick - yank out the old chip and solder in the new, as was once done to upgrade BIOS.
I've discovered a remarkable proof, but this margin is too small to contain it...
Should be:
"But of course, copyright doesn't allow this anyways, as I spent the last paragraph stating, because that would misunderstand copyright to be a protection of some sort of inherent 'right' in the act of creation rather than a protection of progress through balanced public and private rights."
Sorry!
And that's what most people do with their PC. Drive it. Not muck around under the hood and tweak the fuel injectors, or adjust the slope of the ABS initiation.
Ironically, Congress is forcing auto makers to reveal their "precious precious IP" because your average mechanic can't read the chips in your car. Basically auto makers were trying to get you to take your car into the dealer to get an oil change. Congress stepped up and said "that's unfair trade practice".
I'm sure many ./ers and other would pay good money to have a properly designed system with modern components that is DRM free.
Of course untill the **AA's use there bought congress critters to pass a law stating that anyone who uses a DRM free machine is violating the law.
If Intel wants to score major bonus points in my book, opening up the bios (or whatever they feel like calling it) could definately do it.
It is a trick. They are publishing the source code, but that source code is USELESS.
If I know that I can always depend on my computer to do what I tell it to and not what Intel/Microsoft/Belken tell it to do, I will go that route.
Then you need to make sure NEVER to let this crap touch your computer! This system is EXACTLY designed to make it impossible to control your own computer. If you change so much as a single instruction then the Trust chip generates a different hash value. With a different hash value the Trust chip cannot decrypt anything. Ultimately you may be denied any internet access at all.
I had decided on AMD. I'm now considering Intel as an option.
Unfortunately AMD is on board with this crap as well. So are Motorola, Transmeta, and even ARM. There's really no good-guys to turn to at this point, but if you want to boycott someone then Intel definitely tops the list. AMD is just following along because they will up and die if the next version of Windows refuses to run on an AMD chip.
-
- - You can't take something off the Internet! That's like trying to take pee out of a swimming pool.
The general idea is that Microsoft wants to use it to prevent those Linux servers from becoming common.
In fact, that's why people are opposed to MS DRM in particular - they dislike losing their property rights, and especially dislike losing them in the name of corporate profit!
"[Regarding the 'cloud,'] ownership was what made America different than Russia." -- Woz
Would you buy a car if you're not allowed to reverse engineer the ECU to reset the Service Due light after changing the oil yourself? Oh, and if you do that anyway, you'll be charged under the DMCA and sent to PITA prison.
Forget thrust, drag, lift and weight. Airplanes fly because of money.
No.
Good security is well known. The techniques and procedures studied by thousands of expert math and cypher experts.
Now, the private key does have to remain private... this is the secret _you_ keep. This is a secret that _can_ be kept, with safes and locks and armed guards and attack dogs and mine fields and phospate hand gernades and tanks and air craft.
What DRM is trying to do is have a private key that _you_ do not have. _You_ the owner of the computer and all the bits on it are having a secret kept from you.
You have the machine in your own house. Nobody is around to guard against you opening your own computer up and hooking an O-scope to it, or reading out ROM's. Nobody to destroy the computer when the secret key is discovered.
The only thing is a law called the DMCA that says you do not own your own computer. And can go to jail if you illegally modify your own machine to access the bits that you actually own on the machine.
--
Sorry, you have failed to enter the correct password. Please stay seated and remain calm. The police are on the way.
OK, again, I am not saying that this is what will happen, but I can also imagine how this could happen. Obviously, it cannot be the immediate next step from where we are today. It takes some time and public education and gradual change on both hardware and software side. As an example, a lot of people are already aware and look for an SSL icon/URL before they type in their credit card or social security numbers. With sufficient time, mainstream attention, and a strong push from technology giants like Intel, Microsoft, anti-virus corps, as well as media companies you could get general public to understand and differentiate between "trusted" and "untrusted" content.
With a similar campaigning from same sources depicting "untrusted" content as inherently evil (e.g. pirated music, child pornography, worms and viruses, etc.) you could, with some time and effort, turn ignorant general public against it. Note that most applications/content that you purchase and use will be trusted - MS Office, TurboTax, most commercial games, RIAA/MPAA content, etc. What will not be trusted is viruses, worms, "illegal" music, porn, and free software (or other free legitimate content) the authors of which have no resources to obtain the "trusted" certification.
This type of classification of free software, shareable music and other similar content with very bad things like child pornography, works to a great advantage of technology giants like Microsoft and media cartels like RIAA and MPAA. You can see where this is going and where they'd like to take it. With enough time, resources and scare tactics, they could even lobby for a piece of legislation outlawing "untrusted" content. I can imagine how this could happen, not that it definitely will.