Slashdot Mirror
Stallman Pushes For Free BIOS
An anonymous reader writes "One key area that Richard Stallman, GNU project founder, hopes to develop is an OSS-based BIOS. But his work has been hindered by PC manufacturers who haven't been receptive to the idea. Stallman told Builder AU that: 'we're looking for companies willing to cooperate with the community in this way.' On challenges facing developers today, Stallman said the worst was the proliferation of laws that explicitly ban free software for certain jobs."
Isn't it about hardware mediated DRM?
Isn't there a Linux/BIOS project underway?
Isn't Microsoft looking to create a nasty piece of BIOS (or no BIOS) which would lock down a system beyond the belief of most persons who aren't "well educated" WRT technology; i.e., the people who wouldn't have a need for tinkering with the system. I'm looking to this akin to car manufacturers wanting to sell cars with the hood welded shut?
Stallman is going to have to find a serious financial hook to lure companies with.
Hardware vs. Software is starting to be viewed as the last outpost of the fight to save capitalism in the Software industry.
If he's really serious, he'll find an investor who can't quite break in yet and try to nail down that niche.
One key factor to wanting to develop a free BIOS or "BIOS-like" solution to the startupsequence is that unlike what most endusers are aware of, the BIOS is a pain. Its slow, consumes a lot of bootup time and really isnt needed much longer. A free alternative would provide the user with shorter bootup times and more control over their own hardware. BIOS at its current state are just there for hardware detection/error handling and checking availability of an OS. The LinuxBIOS-project have reduced the bootup time consumed to just 5 seconds afaik. Thats really a lot less than the current BIOSes out there. Most of todays operating systems discards whatever the BIOS provide them and probe hardware directly anyways..
"-Who said sit down?!"
-- S. Ballmer @ MSDC 2003.
But, the interview is interesting.
The current system works fine
That can be said about anything. Open Source BIOS would allow people interested in doing so to decide on their own BIOS settings such as chipset speeds etc. The main people against this are the chip manufacturers who make loads of chips that actually function at a higher speed than they are labeled. Its simply a cheaper way to manufacture them. Once I buy it, however, it's mine (like software). And if I would like to configure it the way I want to do so, then that's my choice. I'm all for at least allowing the co-existance of open source alternatives, and let the consumer decide.
In
An incentive like they received from Microsoft to implement Palladium, perhaps?
Yes, the current system works just fine, but the fact is that the current system is not going to be with us much longer. It looks like tomorrows system is going to be what sinister groups like Microsoft make it. One that only lets 'signed' code run. Looked at an Xbox lately?
It is this that I believe Stallman is trying to prevent.
"Nine times out of ten, starting a fire is not the best way to solve the problem." - my wife
It's a BIOS. What good would making it GNU/BIOS do?
It would keep "Trusted Computing" initiatives from locking out Linux and other Free/OSS.
More importantly, what good will it do for the motherboard companies?
Today? Nothing. If the day comes that "Trusted Computing" becomes the norm, it would allow any motherboard vendor who had such an option to continue to sell products to linux users.
LK
"Hi. This is my friend, Jack Shit, and you don't know him." - Lord Kano
OpenBIOS is what you want, and unlike LinuxBIOS, it's implementing an Open Standard too, as used by IBM, Apple and Sun : IEEE 1275-1994 or Open Firmware.
Stick Men
1. Publish your mainboard BIOS as Open Source
2. Wait for people to compile their own BIOS
3. Charge customers for flashing a working BIOS back on the ROMs.
Easy, isn't it?
And what on earth is the problem with existing BIOS's?
Their makers are involved in Treacherous Computing Group, whose specification relies on keeping information secret from the owner of a piece of computer hardware in order to be able to sell you a computer capable of doing less.
From openbios.org:
It appears OpenBIOS is running only in emulators. In this case, you want LinuxBIOS instead of OpenBIOS for the same reason you want Linux instead of HURD: it's here now.
It's a BIOS. What good would making it GNU/BIOS do?
For one thing it may lower costs for some, others who just pirate the firmware could just be legit. I don't know what the current fee is for an Award/AMI/Phoenix bios but it's gotta be a good percent of the retail cost of a motherboard.
From an end user perspective it may be easier to add features that are absent, or update EOL boards. One thing that come to mind from ages past was NCR/Symbios boot support. Present in some, absent in others. How many geeks have too many PCs and wouldn't mind using a console port rather then having to drag a monitor in just to change a few bios settings. Just to name a couple,
There is no sanctuary. There is no sanctuary. SHUT UP! There is no shut up. There is no shut up.
What with all the talk of embedding DRM into the BIOS itself, I'm not surprized Stallman has come out with the idea of a GPL based BIOS. What happens when every single part of the computer must be a pice of 'trusted' software, i.e. restricted software. If this project goes ahead, maybe we'll all have an alternative to what an industry too scared of litigation forces on us.
Some might consider the FSF and Stallman in paticular, to be too zealous in their pursuit of a totally open system, but given the upsurge in patenting, litigation, copyrght restrictions and DMCA style laws, the computing world is becoming a much harsher place for those who want to do, what they want to do, with their own computers. At the moment we have only operating systems restricting our rights on our own PCs. What happens if the PCs themselves contain the restrictions? How far will these restrictions go? How long before PCs come with restrictive EULA and can be repossessed for (suspected) infrigement? Already we can't mod chip our PS2s. What about our PCs? When they get region locking, will we be allowed to mod them? At least a libre BIOS might affors us some protection.
I just wonder, if trusted computing comes into vouge, will a non DRM BIOS be considered a device for circumventing copyright, and get banned under the DMCA. All the more reason to get it established soon, before newer more ridiculous laws are passed.
May the Maths Be with you!
The time it takes to go through the BIOS startup is not determined by the design of the BIOS as it is, but by the time it takes to do certain tests and the artifical delays added to display certain information to the user.
Most BIOSes have option settings to select between fast and good tests, and to speedup the process.
The Dell systems at work are well underway booting the OS before the CRT has even warmed up.
I think the boot time advantage is not worth the trouble.
but the project seems to have stalled. They've got a website at www.linuxbios.org, but their supported motherboards list is small and hasn't grown much for a while. Stallman's imput may get things moving again in this area. I, for one, am tired of having motherboards with terminal bugs in the Bios which the motherboard manufactuors can't be bothered fixing. 3rd party hacked Bioses like Jan's efforts only go so far.
I think the boot time advantage is not worth the trouble.
:)
Maybe boot time alone does not fully justify a free opensource BIOS alternative, but what about boot time combined with better hardwarecontrol (ie allowing the user to tweak performance?), and the option of "hotbooting" bypassing the entire BIOS and letting the OS run the show. This is a very interesting area and I hope development are allowed to happen
"-Who said sit down?!"
-- S. Ballmer @ MSDC 2003.
Insightful? No. It has nothing to do with what you would have to pay money for. That's free as in beer. This is about free as in speech; even though the motherboard manufacturers may charge money for it, you would have access to read and modify the application.
People should not fear their government. Governments should fear their people.
I wonder how this could be moderated insightful. The proprietary nature of BIOSes severely cripple the usefulness of PCs today and destroys their long-term value because support of modern modern hardware features doesn't get backported to BIOSes of older PCs. Some examples:
A generic, free BIOS/firmware could thus (a) bring BIOSes to new, desirable levels of functionality [see above], make (b) BIOS user interfaces consistent across heterogenous computers, and (c) finally allow consumers to choose motherboards based on hardware quality only.
gopher://cramer.plaintext.cc http://cramer.plaintext.cc:70
Richard Stallman does actually know how to program. Although some may argue against it, it took programming knowledge to help write GNU Emacs ;-) (As well as working on gcc and gdb if Emacs doesn't hold enough credibility for you).
All you PC kiddies, who havnt used say, a sun box, dont know what you are missing.
Whilst you may think that a bios is only usefull for tweeking memory timings to get a few more FPS from games, there are loads more things that it can do. For example on a sparc you can do memory, network and scsi tests at a low level before any OS gets to mess with the hardware. You can even program in forth at the OK prompt.
The ability to boot off the network is now in place on most modern bioses, but that has come about as a direct result of having it on server class bioses for years.
The fact that there is a full on TTY driver in the sun bios, means that you can plug the serial out into a another box and have full access to all aspects of the bios remotely. This may not seem much of a big deal to home users, but to a sysadmin it could save you hours of travel. Then there is the fact that you can change bios params. from within the OS.
Modern bioses by just havnt kept pace with modern hardware. There is a monopoly by a few companies, all pushing out a similar product that has just the minimum functions to run the box.
Whilst people may or may not love Stallman due to his abrasive nature youve got to admit that without him, there would be no linux, no GNU and a lot of us would be out of a job.
So, when M$ mandates that all mother board manufacturers uses a bios like that on the Xbox, or their OS wont run on the box, who will they listen to ?? A load of linux "loonies" of a multi billion dollar corp ??
Yes we have hacked Xbox to run linux, but its been patched and the linux hacks are getting harder and harder.
Now under DMCA if you bypass a copy protection you are almost a terrorist. How many of our employers are going to run linux, if its illegal to bypass the bios to install it?
I realize RMS has good intentions but I don't see any point to this. It's a BIOS. What good would making it GNU/BIOS do? More importantly, what good will it do for the motherboard companies? The current system works fine, they will need incentive to switch over to something new.
If you don't have control, you'll have to hack proprietary. It might lead to a high court ruling that modding is illegal but this time for your PC.
With all the DRM-lock hype, will we take a "general purpose computer" for granted after a few years? If we're only sold special purpose multimedia computers, business computers and communication computers?
Given a few years, are you expected to be able to modify and hack on your not-a-computer but a-computing-appliance? Minding the copyright controls, hacking hardware or commercializing hacking tools might be as illegal as modchipping PlayStations in the UK currently.
Example: similarly to selling non-general purpose gaming computers (XBox), MS could stop selling Windows for "general purpose computers" and only license it to "advanced multimedia and business computer(tm)" manufacturers. The strategy would be enforced with the latest whizbang-DRMized TCPA BIOS. Want to buy general computing hardware after that? It'll be as easy and cheap as buying a BeBox or Amiga ten years ago.
Stallman is quite a capable hacker, very likely more productive than you and me combined.
Lisp is the Tengwar of programming languages.
Modern Macs, Suns and PowerPC CHRP systems all use Open Firmware, which is a significantly nicer boot system than a standard PC BIOS. As another poster pointed out, there is a free implementation available. Moving the x86 world to Open Firmware would be beneficial to hardware manufacturers, since they would only need to write a single piece of ROM code, rather than one for x86 and one for (almost) everything else. It would be some effort for operating system developers, since operating systems would have to be modified to boot from Open Firmware (not a problem for Linux, *BSD, etc, since they already support OF on non-x86 platforms).
I am TheRaven on Soylent News
I don't really understand why RMS wanting something to be "free" and open is news. RMS wants the doors to the building he works in to be free and open (literally, it was posted /. but I am not going to take the time to look it up.) If RMS was a creationist he would argue with God that creation should be open and free (anyone should be able to create the universe but if you do use his model you have to release the source code).
Note I personally prefer the modified BSD license and think GNU is trying to mandate "morality".
Bad Panda! No Bamboo for you! In matters of importance ACs will not be responded to. Want to say something critical,OK
RTFA
But if tcpa allows those wal-mart "computing devices" to provide their users some basic functionality without ddosing the entire subnet with virus activity, then I'm all for it... as will be most of the joes and janes presently calling tech support every month because their computer caught (yet another) case of the clap.
Something has to be done about security, and linux (such as it is) is no panacea. That means disabling a certain level of geekiness is required simply because most of those home users don't have a fucking clue how a computer works - nor should they - any more than you should have to know how to rebuild a compressor just so you can enjoy the "priviledge" of preserving your food with a refrigerator.
If "trusted computing" helps prevent grandma from being owned every time she hops on pogo, it has a great deal of value to very many people. Sorry, but that's life.
And rather than pushing all these manufacturers to do what he wants, people like RMS should be out there rounding up talent to help create our own platform. I was designing CPUs from TTL logic when I was in goddamn high school - it ain't that hard if you know what you are doing. And with all the OSS tools available today it should not be that difficult to evolve a truly open cpu and chipset. Yes the open version would be years behind and yeah, it'll be more expensive (at first) than those commodity parts. Such is the nature of supply and economies of scale. But if it's a truly competetive product then others will adopt it, and that will allow the "scale" to tip somewhat back in favor of the open approach. AMD and Intel don't have the only fab lines on the planet, you know - and IBM and Sun would probably love some new tech to help keep those fab lines busy. Hell, make the design simple enough and the parts could be built on the obsolete assembly lines cast off by intel and amd.
I'm not saying we should just shut up and lie back, nor am I saying we have no right to speak out about the evolution of technology - but at a certain level trying to tell manufacturers like intel what to make oversteps the bounds of logic, if not freedom itself.
It's gonna have to happen: either we do it our way and let them do it theirs and let the market decide, or they are going to leap ahead and then will have the power of "proof." Once that happens it won't be a matter of deciding for ourselves because, if TCPA is at all effective in reducing the number of compromised commodity computing systems, the lobbyists will waste no time making sure the braindead old farts in washington legislate away all other options.
The time is now
AMD has seen the light and has become the most forthcoming of all chipset vendors, so Athlon and Opteron motherboards tend to be very well supported. (VIA, by contrast, is still a problem). Tyan has a full-time LinuxBIOS engineer, and several system vendors, among Linuxnetworx, ship machines with LinuxBIOS installed.
They have solved the VGA init problem by importing an 8086 emulator that (strangely) runs faster than the hardware version in P4 and Athlon. For x86 they have a funny compiler called romcc that uses registers as main memory, for use before the memory controller has been initialized. (Opteron doesn't need it because ~450 bytes of the cache works as RAM immediately after power-up.) What the project needs most now is some institutional support, so they can run regression tests on all the hardware they support.
The project is far from dead: they are fixing to release major version 2. When will it be ready? Sooner if you help.
A lot of BIOSes have broken implementations of stuff (see the likes of ACPI for examples) - opensourcing the BIOS would be really useful for getting this kind of thing fixed. Especially since a lot of kit is still in use long after the manufacturers have finished caring about it - open BIOSes would allow people to fix BIOS bugs after the manufacturer has stopped bothering to release firmware updates.
http://blog.nexusuk.org
Great!
I'm working mostly against software patents in the EU, but Trusted Computing is going to be a BIG problem. If you know what to do, maybe I could help, or I could encourage others to help.
What are you doing to stop it becoming required by law?
Expert in software patents or patent law? Contribute to the ESP wiki!
TC will not stop an OS from running. It is used by the OS to verify that every layer of control is untampered with, from BIOS to OS to application. This verification also extends to remote parties.
Where this becomes dangerous is when enough machines are TC capable. Imagine its 2011 you try to connect to your bank with Firebird/Linux and the bank refuses to allow you to access your account because your platform may not be "trustworthy". No amount of emulation will be able to get around that. Its not a matter of protocol, its a matter of public key encryption. The key you need is in the TC hardware.
That key is the problem. Imagine future DVD's using public/key encryption instead of the lame CSS it's currently using. With TC, That decode key needed would be supplied by an MPAA server that ofcourse would only supply it a TC certified setup durring registration. The key would only need to be supplied once and stored in the TC hardware itself. From MPAA server through the net through the app through the OS through the BIOS straight to the TC hardware, it would all be highly encrypted and verified. No snooping or sniffing possible.
They could change their bussiness model and sell the DVD's for a dollar and charge $20 for activation. You could try to sell your registered DVD on ebay, but buyer would have to "register" it for $20 as well. No more lost sales to resold DVD's. Its would be a MPAA exec's wet dream.
It's not that you wont be able to RUN linux, its that you wont be able to do anthing with it in the future. You wont be able to play new DVD's, unable to connect to certain sites such as yoyur bank or paypal, you won't be able to register downloadable content such as itunes, etc. Linux users are just to small and disorganized (politically) to do anything about it.
Ofcourse this is a while in the future, but you can bet its a future that greedy companies will hurry along as quickly as posible.
The only thing really saving our butts so far is the fact that a majority of windows users have older equipment and are going to stay that way. But it will not be this way forever.
The way TC will spread and take hold is to get itself established on new equipment and be as innocuous as possible. It will be in new equipment because MS will say it has to be there so as to be "PC Standard". Eventually you reach critical mass. This may take decades to occur, but it WILL happen. Government and big business will make sure of it.
"Do you mean that manufacturers would be required to implement DRM? But so what? Just because it's there, doesn't mean you are forced to use it." But if every new computer sold after 2005 was required to be DRM-compliant, it would take, what, 3-5 years before most of the population had upgraded to a DRM-compliant computer? And when your motherboard goes on the fritz, what then? "Do you mean that manufacturers would be required to implement a compulsory form of DRM that stopped unsigned OSs from booting? That's also absurd. The big corporate interests behind Linux would never let that happen." The big corporate interests behind Linux let software patents happen. (Of course software patents happened in the US before Linux did - but they're still happening in Europe, for example) Remember, there are bigger corporate interests that want DRM. Sony, Disney, Microsoft, you name 'em. IBM is only one behemoth among many...
Unlikely, beside, the large number of people who used Napster, and still use P2P to download copyright material, clearly demonstrates that mere legislation is not the same as effective enforcement.
and Linus stated in an interview that he didn't oppose to DRM in Linux, so you might HAVE to accept it
Unless you (or someone else) take advantage of the rights afforded by the GPL to take the Linux source code and remove any DRM code from it, whatever Linus thinks about it. That's the whole point about the software freedoms which the GPL was designed to ensure.
flossie
Write now. Defend liberty
Now if the interfaces involve encryption, and keys are not available to free software, then certainly a lot of people, not just RMS, would complain. But it seems unlikely that this will happen, since the large chip companies make money from Linux-on-x86 sales.
You seem really keen on this, but it is false. The only way RMS contradicts capitalism is that he refuses to admit the crude monetisation of so-called 'intellectual property'. RMS instead says: ideas are not property. And our existing copyright and patent laws in fact state this. OK, at this point I have no idea what you are talking about. Free software is not going to destroy the computing industry, although it might cause some unemployment (just like other disruptive market changes). Surely "people who are smart enough and motivated enough" can cope with that.Open Firmware is at least non-proprietary, and is used by Sun and Apple on their computers
There is even an open source implementation of Open Firmware in the form of OpenBIOS.
There is also a commercial implementation of Open Firmware from FirmWorks.
I should note that that IBM RS/6000 machines also use Open Firmware.
Jumpstart the tartan drive.
interesting point. as i recall, the open bios project (it may have been linuxbios, don't quote me) booted so fast that you had a console prompt before the HD had spun up necessitating a reboot while the hardware caught up...
hardware, software... wetware is where I live...
If all you have is a hammer, everything looks like a thumb.
I've actually thought the same thing many times (though from an 'Open Source' rather than a 'Free Sotware' viewpoint); what's the point of having a completely open-source OS and drivers if you don't have an open BIOS? From a security standpoint, it's similar to Apple's OSX -- the kernel may be open to review, but if Aqua is completely closed, there is no way you can verify that there are no backdoors in it. You can only be certain if you have 100% access to all the code running on your system and can check it yourself, and even then, it's still a bit risky (I know I'm paranoid, I'm an OpenBSD guy at heart). While it is highly unlikely, if your BIOS is closed the possibility of backdoors still exists, and will become more probable in the future as MS/Pheonix get together on their new DRM-BIOS (search old Slashdot articles to find it).
In short: Anyone in the post 9-11 world who trusts the government or big business to look out for the rights or privacy of the individual needs to stop watching the Fox Propaganda Network and see what's happening that Rupert Murdoch DOESN'T want you to know about.
I'm not normally an irrational zealous dickhead, but I figure "When in Rome..."
With all due respect you seem to be stuck on the free as in beer. There is far more to open source that that. I particularly like that, using your analogy, this "soup kitchen" not only gives away soup, but provides the recipe so I can improve it. Or take their soup and use it in a burger recipe. And I can charge for delivery if I like!
It would kinda suck if the soup kitchens of the world put out the restaurants... I rather like eating out.
Hey buddy, you're quite free to walk into a soup kitchen RIGHT NOW and eat. Why don't you? Likely because the restaurant makes much better food, has much better ambience, much better service and also serves wine with the meal (They even have better soup!).
The problem with your analogy is that right now, the soup kitchens are making the better food, PLUS wine and a cab ride home. FOR FREE. If the soup kitchen can continue to make better food, and provide better service, good riddance to the restaurant.
But some of the restaurants are learning : Look at Novell, IBM, HP... they've got the idea : they've put soup kitchens IN their restaurants. They give the soup, and sell you tasty bread to go with it. They let you walk to the buffet for free, or you can pay to have a waiter!
If you, or your restaurant can't accept and adapt to that, well... looks like you and your wife won't be eating out much longer.
Don't be such a soup nazi! :P
But the real advantage of trusted computing is to make it so that you can boot a machine and be certain that it is not running any type of trojan or malware.
</quote>
Microsoft said the same thing about signed activex controls in their browser, and look where that got us?
Correct me if I'm wrong, but a BIOS is nearly negligible as far as making money. It comes on hardware which is sold for a price. So I don't quite see why PC manufacturers would be so put off by the idea.... Except that some hairy communist is trying to cram it down their throats.
But weren't there people trying to DRM the world through the BIOS? "Trusted Computing" and all that? The only way it can be trusted is if the source can be independently audited. Seeing companies scrambling to protect themselves from their customers only gives credence to the notion that corporate power is really getting out of hand.
But of course Stallman, like an idiot, still insists that people adapt to HIS vocabulary. He begins the interview with paragraphs of definitions. It's his lone insistence on cumbersome terminology that makes me completely fed up with listening to him--and I'm usually on his side! How sad is that? Imagine how a proprietary mind would react!
The biggest obstacle for the acceptance of Free Software is still Richard Stallman. For Pete's sake, man, ATTEMPT to understand *other people*.
computer. Not a computer that can run Linux, but one that is built specifically to run Linux. Ideally, this computer would not run win32 out of the box.
Call it the Open Station, or some other thing.
The way I see it, corporations are rapidly gaining more rights than we, as individuals, are. In order to realistically put our hat in the ring, we need a corporation that works to do our bidding. Better to start building one now than later.
There is another side benefit here as well in that some of the benefit Apple brings to the table could also happen in Linux land. Control over the hardware, or at the least, solid known minimum specifications would allow developers to target the known environment, making support and the user experience more cohesive than it is now.
Expensive to start? Sure, but necessary IMHO.
Personally, I would support this effort. Say a nice machine hits the $300 - $600 mark w/o monitor. That price point would put it in reach of a lot of folks.
We can make our voice heard in a more powerful way while bringing some credence to the whole OSS movement in a new way.
I know Linux and the BSDs run on almost anything. That's a good thing; however, I believe if people see Linux computers as a choice, their perception of Linux might change for the better. The whole thing would become a little less leach like. (I don't believe this, but I have heard others lean this way from time to time.)
Something to think about anyway...
Blogging because I can...
And it's four years old.= 7170
http://www.linuxjournal.com/article.php?sid
"LinuxBIOS runs on a wide range of platforms. Fifty supported motherboards are in the source tree, but we have found that many motherboards are so similar that a LinuxBIOS for one motherboard can work on another. Companies build code for one motherboard, run it on another motherboard and do not always get around to telling us.
LinuxBIOS works on 64-bit and 32-bit CPUs. CPUs supported include the Alpha, K8, K7, PowerPC, P4, PIII, PII, Cyrix (VIA), Geode (now AMD) and SC520 (AMD). Chipsets are too numerous to list. Form factors of mainboards range from the smallest PC/104 systems to the largest K8 systems. An IBM PPC 970 port is in progress.
Chipset Secrets
One of the most common phrases we heard from chip vendors in the first few years was "we'll never tell you that." "That" being CPU information, chipset information, motherboard information or any combination of the three. The designs for these three systems constitute highly guarded secrets. It seems amazing, even now, that vendors are able to let us build a GPLed BIOS that by its nature exposes some of these secrets.
How was it possible for us to get this type of information? Simple, businesses are not charities. If there is no business case for releasing this information to us, they do not do it. If, however, there is a business case, then it happens--sometimes with astonishing speed.
From what we can see, the two factors in our success were competition and the creation of a market. Competition gave us a wide variety of choices as to motherboard, chipset and CPU. Once there was a reasonable market, vendors were concerned about being left out.
The experience at LANL is revealing. LANL's last two large cluster RFPs have specified LinuxBIOS as a mandatory requirement. Spending on these RFPs has come in at over $19 million US. Companies that had decided not to become involved in LinuxBIOS could not respond to these RFPs. Companies that had the foresight to get involved in LinuxBIOS early in the game were equipped to respond. Foresight, in this case, conferred a competitive advantage.
Conclusions
LinuxBIOS has come a long way in four years--as one person put it, from "I'm Possible" to "In Production". LinuxBIOS is used on everything from the largest Linux clusters yet built to the small--test instruments, MP3 players and portable clusters.
LinuxBIOS makes it possible to build systems without PC hardware baggage. The systems can be optimized for Linux and thus can be more compact and simpler. There is increasingly a business case for such systems.
LinuxBIOS is now in its second version, with four years, at least six CPUs and over 50 motherboards' worth of experience behind it. It now takes only days in some cases to do a port to a new system; originally, it took months. LinuxBIOS' impact on the world of computing is only beginning."
The problem is that the underlying architecture *could* stop worms and trojans but it doesn't. All that stops them is obscurity.
/' the computer would keep purring along. My servers would keep serving, nobody outside would notice. But I'd lose everything I care about. (I do have backups, but this is a what-if.) OS installs are easy these days, but recreating my thousands of documents, reripping my MP3s, losing my photos. These things are a pretty nasty consequence and I'm no safer in Linux than in Windows, except that I (possibly) pick better applications. One bug in my email client though and I'm hosed.
/tmp) and where I can use a more-trusted file-browser to sort things around between aspects of my overall user account.
Don't get me wrong, I run Linux at home and I love the security, but I know that every configure script I run could contain harmful code. I know that a trojaned version of a mozilla pluggin could run with my privs and wipe out everything I can access.
What we need to do is run every application as a seperate user. You wouldn't run Apache and sshd as the same user, or run an ftp server as any user with anything other than read access to a chrooted environment, but people feel really comfortable running ut2004, Mozilla/Thunderbird/etc, konsole, BitTorrent, AcroRead, GQView, and a million other programs that could all have a buffer overflow (remember when the JPEG virus was just a myth?) and execute arbitrary attack code.
Sure, if I, as a user, typed 'rm -rf
What we need is for Mozilla to run as wnight-mozilla, for ut2004 to run as wnight-ut, for gqview to run as wnight-gqview, etc. They'd all use (behind the scenes, the user could have a nice GUI for this) symlinks and user groups to get permission to access their files from a stripped-down home directory. If I use Firefox and Thunderbird, Firefox never needs to see my email directory, even with read access. GQView never needs to see it either, or my firefox directory. ut2004 doesn't need to know that any of those programs or their data even exists. But they need to share a download directory (where you can't over-write or delete another user's files, like
Otherwise we're just as vulnerable, once someone gets past our slightly higher walls we're just as unguarded.
But the real advantage of trusted computing is to make it so that you can boot a machine and be certain that it is not running any type of trojan or malware.
Actually, it just means that when you get a DRM-Enabled virus or trojan, your anti-virus scanner can't detect it, because the memory is "protected". This _is_ one of the design goals, because if any program is able to read the memory of another, encryption keys can be extracted.
Hardware DRM will hurt the problem, not help it.
The BIOS is just one area-- a critical feature we should all demend in consumer electronics gadgets (by voting with our dollars) is flashable firmware and documented architectures so OSS alternatives can be utilized to customize the hardwares capabilities. An inadvertent example is the Archos Jukebox MP3 player/recorders. We should see such capabilities in consumer devices as critical features that will allow us to fully utilize the hardware as we desire. Does the iPod provide for OSS firmware? No? Then buy an Archos or equivalent instead. Such a feature should be ADVERTISED as a competitive feature and appear on the spec sheets. The potential advantages are enormous-- what it represents, in effect, is Open Source hardware that can be utilized in ways unforseen to the manufacturers.
Unfortunately, many manufacturers do NOT desire such features, as it tends to counteract planned or even natural obsolescence. However, if we only buy gear that is self-extensible through open source, they can be forced to provide the feature if they are losing out to competitors who aren't afraid to offer it.
People have been mentioning the Xbox, whose BIOS requires signed code both for the dashboard (roughly the OS) and the game discs. So of course the Xbox-Linux Project developed their own Free BIOS, Cromwell (see the bottom of the page), which is more or less just a Linux loader with no Microsoft BIOS code in it. (Other BIOSes like EvolutionX are derivative works of the MS BIOS and thus technically illegal.)
So yeah, there are Free BIOSes, there is a MS BIOS that enforces a signed code restriction, and there has been a need to bypass that restriction.
Ultimately, to make an open BIOS, the most important piece of cooperation you need is from the chipset manufacturers, but ultimately, you need cooperation from every single one of the manufacturers of every piece of silicon on the board.
Of course, once you've flashed a different BIOS onto the board, don't expect to get any support from the board manufacturer- they try to stand behind their product, but that's hard enough for configurations they have been able to test.
you can "pretend" to follow DRM procedures, but in point of fact, do whatever you want...all the DRM calls can go to: int preventcopy(){ return 1; }
The entire point of Trusted Computing is that if you do that then you cannot read any of the encrypted files in the first place. You cannot install any of the new software. You cannot access the new websites. And with Cisco's Network Admission Control routers you can even be denied internet access.
All of the new files and communications are encrypted. If your system is not fully compliant then you are unable to decrypt anything.
It's a total lockout. Either "voluntarily" submit, or nothing new works.
-
- - You can't take something off the Internet! That's like trying to take pee out of a swimming pool.
The story submitter wrote:
I can guarantee you that interpretation is incorrect. RMS doesn't advocate for "OSS" (open source software) or anything else to do with the open source movement. He is the founder of the free software movement and the GNU Project which aims to spread software freedom, something the open source movement does not discuss.
Given the following passage from the interview:
I'm guessing that the submitter failed to read the interview. But that wouldn't be the first time.
Digital Citizen
I highly recommend checking out the project history and overview of architectural and design decisions they've made. Fascinating stuff. (Check the "papers" link on the left side, IIRC.)
Here's a snippet from the project homepage to whet your appetites: