Intel Planning To End Legacy BIOS Support By 2020, Report Says

Michael Larabel, writing for Phoronix: Intel is planning to end "legacy BIOS" support in their new platforms by 2020 in requiring UEFI Class 3 or higher. Making rounds this weekend is a slide deck from the recent UEFI Plugfest. Brian Richardson of Intel talked about the "last mile" barriers to removing legacy BIOS support from systems. By 2020, they will be supporting no less than UEFI Class 3, which means only UEFI support and no more legacy BIOS or CSM compatibility support mode. But that's not going to force on UEFI Secure Boot unconditionally: Secure Boot enabled is considered UEFI Class 3+. Intel hasn't removed legacy BIOS / CSM support yet due to many customers' software packages still relying upon legacy BIOS, among other reasons. Removing the legacy BIOS support will mitigate some security risks, needs less validation by vendors, allows for supporting more modern technologies, etc.

Re:As one who works at a vendor....

[wierd_w]

Low memory is also significantly less important on a UEFI system, because it boots straight into protected mode. Eventually, Intel will completely do away with trappings like v86 mode and pals, because they wont really be needed or useful, and will just be gobbling up die space.

What complicates intel's master plan, is that DOS (especially since the freedos project is very mature and has no licensing fees) is a very approachable target for many applications even in the modern era (Many things, from airport metal detectors to vinyl cutters, to industrial robots and pals), and that requires BIOS to operate. That you do not need to lug around a huge OS stack (DOS lives comfortably in less than 1mb of RAM), and dont have to contend with hundreds of multitasking processes (So your single task-oriented solution does not end up competing for resources or hardware events, because it is operating at realtime instead of time slices or having to wait for spin locks to disengage, etc) makes DOS a very approachable platform even today.

Intel just does not like that. It sees UEFI and their management processor security device model being the future in modern computing, and much like AMD, probably will only give up the keys to the management engine's castle after the vandals storm the place. (Meaning CoreBoot and pals will have to find ways to smash down the custom minix's doors and take over by force to overcome the designed security features of the processor, and hand them over to proper user control.) This is because the premise of the technology defacto asserts that the end user is not capable of being trusted with the security of the platform, and that only trusted persons or entities (orgs) can be vested with that responsibility. (This is at odds with GNU's philosophy.) Intel has many deep-pocketed orgs demanding this level of digital lordship, (microsoft *AND* apple being among the big ones), so the money is in giving the big pocketed groups what they want, which is mutually exclusive to projects like coreboot.

Re:Completely Untrue

[thegarbz]

Last time I looked I have NEVER seen a bios attack

Found a millennial. Those of us with a few more grey hairs on our beards remember BIOS modifying related malware basically showing up as one of the originals during the birth of PC malware.

That's to say nothing of the fact you've had your eyes closed to multiple cases over the past few years, to say nothing of the several that have been discussed on Slashdot in the past.