Slashdot Mirror
Stallman Pushes For Free BIOS
An anonymous reader writes "One key area that Richard Stallman, GNU project founder, hopes to develop is an OSS-based BIOS. But his work has been hindered by PC manufacturers who haven't been receptive to the idea. Stallman told Builder AU that: 'we're looking for companies willing to cooperate with the community in this way.' On challenges facing developers today, Stallman said the worst was the proliferation of laws that explicitly ban free software for certain jobs."
Isn't it about hardware mediated DRM?
Isn't there a Linux/BIOS project underway?
Isn't Microsoft looking to create a nasty piece of BIOS (or no BIOS) which would lock down a system beyond the belief of most persons who aren't "well educated" WRT technology; i.e., the people who wouldn't have a need for tinkering with the system. I'm looking to this akin to car manufacturers wanting to sell cars with the hood welded shut?
One key factor to wanting to develop a free BIOS or "BIOS-like" solution to the startupsequence is that unlike what most endusers are aware of, the BIOS is a pain. Its slow, consumes a lot of bootup time and really isnt needed much longer. A free alternative would provide the user with shorter bootup times and more control over their own hardware. BIOS at its current state are just there for hardware detection/error handling and checking availability of an OS. The LinuxBIOS-project have reduced the bootup time consumed to just 5 seconds afaik. Thats really a lot less than the current BIOSes out there. Most of todays operating systems discards whatever the BIOS provide them and probe hardware directly anyways..
"-Who said sit down?!"
-- S. Ballmer @ MSDC 2003.
Just because software has been commoditized doesn't mean capitalism in software is dead. The profit margins have gone down and will continue to do so but that's simply market capitalism at work.
But, the interview is interesting.
The current system works fine
That can be said about anything. Open Source BIOS would allow people interested in doing so to decide on their own BIOS settings such as chipset speeds etc. The main people against this are the chip manufacturers who make loads of chips that actually function at a higher speed than they are labeled. Its simply a cheaper way to manufacture them. Once I buy it, however, it's mine (like software). And if I would like to configure it the way I want to do so, then that's my choice. I'm all for at least allowing the co-existance of open source alternatives, and let the consumer decide.
In
An incentive like they received from Microsoft to implement Palladium, perhaps?
Yes, the current system works just fine, but the fact is that the current system is not going to be with us much longer. It looks like tomorrows system is going to be what sinister groups like Microsoft make it. One that only lets 'signed' code run. Looked at an Xbox lately?
It is this that I believe Stallman is trying to prevent.
"Nine times out of ten, starting a fire is not the best way to solve the problem." - my wife
Up until now, market capitalism has always been concerned with physical products. It will be interesting to see how the free market copes with a free product that, once created, can be more or less redistributed endlessly for nothing...
Real stupidity beats artificial intelligence every time.
-- Terry Pratchett, Hogfather
It's a BIOS. What good would making it GNU/BIOS do?
It would keep "Trusted Computing" initiatives from locking out Linux and other Free/OSS.
More importantly, what good will it do for the motherboard companies?
Today? Nothing. If the day comes that "Trusted Computing" becomes the norm, it would allow any motherboard vendor who had such an option to continue to sell products to linux users.
LK
"Hi. This is my friend, Jack Shit, and you don't know him." - Lord Kano
What with all the talk of embedding DRM into the BIOS itself, I'm not surprized Stallman has come out with the idea of a GPL based BIOS. What happens when every single part of the computer must be a pice of 'trusted' software, i.e. restricted software. If this project goes ahead, maybe we'll all have an alternative to what an industry too scared of litigation forces on us.
Some might consider the FSF and Stallman in paticular, to be too zealous in their pursuit of a totally open system, but given the upsurge in patenting, litigation, copyrght restrictions and DMCA style laws, the computing world is becoming a much harsher place for those who want to do, what they want to do, with their own computers. At the moment we have only operating systems restricting our rights on our own PCs. What happens if the PCs themselves contain the restrictions? How far will these restrictions go? How long before PCs come with restrictive EULA and can be repossessed for (suspected) infrigement? Already we can't mod chip our PS2s. What about our PCs? When they get region locking, will we be allowed to mod them? At least a libre BIOS might affors us some protection.
I just wonder, if trusted computing comes into vouge, will a non DRM BIOS be considered a device for circumventing copyright, and get banned under the DMCA. All the more reason to get it established soon, before newer more ridiculous laws are passed.
May the Maths Be with you!
I think the boot time advantage is not worth the trouble.
:)
Maybe boot time alone does not fully justify a free opensource BIOS alternative, but what about boot time combined with better hardwarecontrol (ie allowing the user to tweak performance?), and the option of "hotbooting" bypassing the entire BIOS and letting the OS run the show. This is a very interesting area and I hope development are allowed to happen
"-Who said sit down?!"
-- S. Ballmer @ MSDC 2003.
I wonder how this could be moderated insightful. The proprietary nature of BIOSes severely cripple the usefulness of PCs today and destroys their long-term value because support of modern modern hardware features doesn't get backported to BIOSes of older PCs. Some examples:
A generic, free BIOS/firmware could thus (a) bring BIOSes to new, desirable levels of functionality [see above], make (b) BIOS user interfaces consistent across heterogenous computers, and (c) finally allow consumers to choose motherboards based on hardware quality only.
gopher://cramer.plaintext.cc http://cramer.plaintext.cc:70
Stallman is going to have to find a serious financial hook to lure companies with.
What about this...
Trusted Computing only really becomes a problem when the owner of the computer is not the 'owner' of the Trusted Computing Module.
Whilst BIOS manufacturers could restrict what operating systems can run on their hardware I don't see why they would. They could do it tomorrow if they wished but I don't see that happening. I fail to see why Trusted Computing would bring this about. Booting into a different operating system would simply cause the TCM to restrict your access to any encrypted data, which (assuming you're the TCM owner) you would have encrypted yourself anyway.
Stallman's talk of your computer downloading new policies sounds preposterous. It is indeed possible for a TP to do such a thing, but again your computer could do it tomorrow. Computing technology follows the Enthusiast to Business to Consumer lifecycle. At the moment the Enthusiasts are complaining because they want full control of their new kit. The benefits of TPs to business could be huge but I can't think of one company that would adopt a new technology if they thought that they could be denied access to their information at the whim of their software provider (at least now, after they all got burned by Office upgrades). Once the technology reaches the consumer level then people will care even less. I bought my toaster to make crispy bread and my console to play games. Why should I care that the console maker doesn't want me to run Linux?
If you want a system that won't eat your dog, marry your sister or one of the other terrors Stallman predicts then get yourself a Mac and an iPod. Apple aren't in the TCG and their DRM seems to please most people. You can't play Ogg on your 'pod but that can't be helped.
Right. Stallman bashing, TC supporting and Apple worshiping. Mods: start your fingers.
Richard Stallman does actually know how to program. Although some may argue against it, it took programming knowledge to help write GNU Emacs ;-) (As well as working on gcc and gdb if Emacs doesn't hold enough credibility for you).
All you PC kiddies, who havnt used say, a sun box, dont know what you are missing.
Whilst you may think that a bios is only usefull for tweeking memory timings to get a few more FPS from games, there are loads more things that it can do. For example on a sparc you can do memory, network and scsi tests at a low level before any OS gets to mess with the hardware. You can even program in forth at the OK prompt.
The ability to boot off the network is now in place on most modern bioses, but that has come about as a direct result of having it on server class bioses for years.
The fact that there is a full on TTY driver in the sun bios, means that you can plug the serial out into a another box and have full access to all aspects of the bios remotely. This may not seem much of a big deal to home users, but to a sysadmin it could save you hours of travel. Then there is the fact that you can change bios params. from within the OS.
Modern bioses by just havnt kept pace with modern hardware. There is a monopoly by a few companies, all pushing out a similar product that has just the minimum functions to run the box.
Whilst people may or may not love Stallman due to his abrasive nature youve got to admit that without him, there would be no linux, no GNU and a lot of us would be out of a job.
So, when M$ mandates that all mother board manufacturers uses a bios like that on the Xbox, or their OS wont run on the box, who will they listen to ?? A load of linux "loonies" of a multi billion dollar corp ??
Yes we have hacked Xbox to run linux, but its been patched and the linux hacks are getting harder and harder.
Now under DMCA if you bypass a copy protection you are almost a terrorist. How many of our employers are going to run linux, if its illegal to bypass the bios to install it?
Standardizing a bios on something such as Open Firmware will fix a lot of platform issues. Such as having to make video cards for macs and video cards for PCs. (or scsi or ide or anything that requires its own firmware)
Sun resells Mac Radeon 7000 cards as Sun XVR-100 cards (for about 300$) because OF allows it to work. Sun even admits they are Mac Radeon cards
Stallman is quite a capable hacker, very likely more productive than you and me combined.
Lisp is the Tengwar of programming languages.
But if tcpa allows those wal-mart "computing devices" to provide their users some basic functionality without ddosing the entire subnet with virus activity, then I'm all for it... as will be most of the joes and janes presently calling tech support every month because their computer caught (yet another) case of the clap.
Something has to be done about security, and linux (such as it is) is no panacea. That means disabling a certain level of geekiness is required simply because most of those home users don't have a fucking clue how a computer works - nor should they - any more than you should have to know how to rebuild a compressor just so you can enjoy the "priviledge" of preserving your food with a refrigerator.
If "trusted computing" helps prevent grandma from being owned every time she hops on pogo, it has a great deal of value to very many people. Sorry, but that's life.
And rather than pushing all these manufacturers to do what he wants, people like RMS should be out there rounding up talent to help create our own platform. I was designing CPUs from TTL logic when I was in goddamn high school - it ain't that hard if you know what you are doing. And with all the OSS tools available today it should not be that difficult to evolve a truly open cpu and chipset. Yes the open version would be years behind and yeah, it'll be more expensive (at first) than those commodity parts. Such is the nature of supply and economies of scale. But if it's a truly competetive product then others will adopt it, and that will allow the "scale" to tip somewhat back in favor of the open approach. AMD and Intel don't have the only fab lines on the planet, you know - and IBM and Sun would probably love some new tech to help keep those fab lines busy. Hell, make the design simple enough and the parts could be built on the obsolete assembly lines cast off by intel and amd.
I'm not saying we should just shut up and lie back, nor am I saying we have no right to speak out about the evolution of technology - but at a certain level trying to tell manufacturers like intel what to make oversteps the bounds of logic, if not freedom itself.
It's gonna have to happen: either we do it our way and let them do it theirs and let the market decide, or they are going to leap ahead and then will have the power of "proof." Once that happens it won't be a matter of deciding for ourselves because, if TCPA is at all effective in reducing the number of compromised commodity computing systems, the lobbyists will waste no time making sure the braindead old farts in washington legislate away all other options.
The time is now
A lot of BIOSes have broken implementations of stuff (see the likes of ACPI for examples) - opensourcing the BIOS would be really useful for getting this kind of thing fixed. Especially since a lot of kit is still in use long after the manufacturers have finished caring about it - open BIOSes would allow people to fix BIOS bugs after the manufacturer has stopped bothering to release firmware updates.
http://blog.nexusuk.org
TC will not stop an OS from running. It is used by the OS to verify that every layer of control is untampered with, from BIOS to OS to application. This verification also extends to remote parties.
Where this becomes dangerous is when enough machines are TC capable. Imagine its 2011 you try to connect to your bank with Firebird/Linux and the bank refuses to allow you to access your account because your platform may not be "trustworthy". No amount of emulation will be able to get around that. Its not a matter of protocol, its a matter of public key encryption. The key you need is in the TC hardware.
That key is the problem. Imagine future DVD's using public/key encryption instead of the lame CSS it's currently using. With TC, That decode key needed would be supplied by an MPAA server that ofcourse would only supply it a TC certified setup durring registration. The key would only need to be supplied once and stored in the TC hardware itself. From MPAA server through the net through the app through the OS through the BIOS straight to the TC hardware, it would all be highly encrypted and verified. No snooping or sniffing possible.
They could change their bussiness model and sell the DVD's for a dollar and charge $20 for activation. You could try to sell your registered DVD on ebay, but buyer would have to "register" it for $20 as well. No more lost sales to resold DVD's. Its would be a MPAA exec's wet dream.
It's not that you wont be able to RUN linux, its that you wont be able to do anthing with it in the future. You wont be able to play new DVD's, unable to connect to certain sites such as yoyur bank or paypal, you won't be able to register downloadable content such as itunes, etc. Linux users are just to small and disorganized (politically) to do anything about it.
Ofcourse this is a while in the future, but you can bet its a future that greedy companies will hurry along as quickly as posible.
The only thing really saving our butts so far is the fact that a majority of windows users have older equipment and are going to stay that way. But it will not be this way forever.
The way TC will spread and take hold is to get itself established on new equipment and be as innocuous as possible. It will be in new equipment because MS will say it has to be there so as to be "PC Standard". Eventually you reach critical mass. This may take decades to occur, but it WILL happen. Government and big business will make sure of it.
"Do you mean that manufacturers would be required to implement DRM? But so what? Just because it's there, doesn't mean you are forced to use it." But if every new computer sold after 2005 was required to be DRM-compliant, it would take, what, 3-5 years before most of the population had upgraded to a DRM-compliant computer? And when your motherboard goes on the fritz, what then? "Do you mean that manufacturers would be required to implement a compulsory form of DRM that stopped unsigned OSs from booting? That's also absurd. The big corporate interests behind Linux would never let that happen." The big corporate interests behind Linux let software patents happen. (Of course software patents happened in the US before Linux did - but they're still happening in Europe, for example) Remember, there are bigger corporate interests that want DRM. Sony, Disney, Microsoft, you name 'em. IBM is only one behemoth among many...
Now if the interfaces involve encryption, and keys are not available to free software, then certainly a lot of people, not just RMS, would complain. But it seems unlikely that this will happen, since the large chip companies make money from Linux-on-x86 sales.
You seem really keen on this, but it is false. The only way RMS contradicts capitalism is that he refuses to admit the crude monetisation of so-called 'intellectual property'. RMS instead says: ideas are not property. And our existing copyright and patent laws in fact state this. OK, at this point I have no idea what you are talking about. Free software is not going to destroy the computing industry, although it might cause some unemployment (just like other disruptive market changes). Surely "people who are smart enough and motivated enough" can cope with that.The problem is that the underlying architecture *could* stop worms and trojans but it doesn't. All that stops them is obscurity.
/' the computer would keep purring along. My servers would keep serving, nobody outside would notice. But I'd lose everything I care about. (I do have backups, but this is a what-if.) OS installs are easy these days, but recreating my thousands of documents, reripping my MP3s, losing my photos. These things are a pretty nasty consequence and I'm no safer in Linux than in Windows, except that I (possibly) pick better applications. One bug in my email client though and I'm hosed.
/tmp) and where I can use a more-trusted file-browser to sort things around between aspects of my overall user account.
Don't get me wrong, I run Linux at home and I love the security, but I know that every configure script I run could contain harmful code. I know that a trojaned version of a mozilla pluggin could run with my privs and wipe out everything I can access.
What we need to do is run every application as a seperate user. You wouldn't run Apache and sshd as the same user, or run an ftp server as any user with anything other than read access to a chrooted environment, but people feel really comfortable running ut2004, Mozilla/Thunderbird/etc, konsole, BitTorrent, AcroRead, GQView, and a million other programs that could all have a buffer overflow (remember when the JPEG virus was just a myth?) and execute arbitrary attack code.
Sure, if I, as a user, typed 'rm -rf
What we need is for Mozilla to run as wnight-mozilla, for ut2004 to run as wnight-ut, for gqview to run as wnight-gqview, etc. They'd all use (behind the scenes, the user could have a nice GUI for this) symlinks and user groups to get permission to access their files from a stripped-down home directory. If I use Firefox and Thunderbird, Firefox never needs to see my email directory, even with read access. GQView never needs to see it either, or my firefox directory. ut2004 doesn't need to know that any of those programs or their data even exists. But they need to share a download directory (where you can't over-write or delete another user's files, like
Otherwise we're just as vulnerable, once someone gets past our slightly higher walls we're just as unguarded.
Ultimately, to make an open BIOS, the most important piece of cooperation you need is from the chipset manufacturers, but ultimately, you need cooperation from every single one of the manufacturers of every piece of silicon on the board.
Of course, once you've flashed a different BIOS onto the board, don't expect to get any support from the board manufacturer- they try to stand behind their product, but that's hard enough for configurations they have been able to test.