Phoenix's BIOS Roadmap

An anonymous reader writes "Phoenix Technologies Ltd. unveiled a vision and roadmap for a next generation of system BIOS firmware that the company calls "core system software" today, at its Strategy 2004 conference. As defined by Phoenix, CSS is a new category of core system firmware that transcends the boundaries of traditional BIOSes and to deliver "extensible firmware that provides the critical foundation of trust, manageability, and connectivity required for networked computing," in a broad range of devices including desktop and laptop PCs, servers, and handhelds gadgets. Specific technologies that Phoenix is integrating into its d-NA CSS firmware include: support for the Trusted Computing Group (TCG) specification, remote diagnostics and error-checking, intelligent configuration checking and integrated system policy management, automated provisioning of servers and server virtualization, "radically enhanced" device power management, embedded TCP/IP, remote management functions including dynamic provisioning, load balancing and software resource control, and an XML and SOAP standards-based interface to CSS functions."

Thanks but no thanks Phoenix..

[grub]

Trust -- [...] In addition, Phoenix d-NA will incorporate a new class of Windows-advantaged components that leverage the Microsoft CryptoAPI (CAPI) to provide unprecedented trust and intrinsic security for systems running Windows and .NET applications.

If this crap cannot be disabled then I guess I won't be using Phoenix BIOSes in the future. This whole "trust" nonsense is a thinly veiled attempt at shifting some of the security-onus from the OS to the hardware with the blessing of Microsoft along with the side "benefit" of Digital Rights Management.

This may start a whole new style of hacking; releasing BIOSes for flashing which have the DRM/Trust shite removed.

Re:Thanks but no thanks Phoenix..

[metallicagoaltender]

This may start a whole new style of hacking; releasing BIOSes for flashing which have the DRM/Trust shite removed.

Which brings us to our four favorite letters - DMCA!

The idea of DRM being embedded into BIOS certainly is disturbing, and though I've never really cared whose BIOS is on the hardware I'm buying, this certainly changes things. You have to wonder though - will anyone stay 'rogue' and avoid DRM, or will everyone conform, thereby leaving consumers with no real choices?

Re:Thanks but no thanks Phoenix..

[Yaa 101]

This is why open source hardware is so much needed...
I say this time and time again but nobody seems to care untill it is too late...

Re:Thanks but no thanks Phoenix..

[DGolden]

People do care [opencores.org]. But, unlike software development, a chip fab still requires significant initial capital investment to get started. And chip fabrication is tied up in hardware patents - just as stupid as software patenting, but much more entrenched.

Re:Thanks but no thanks Phoenix..

[Usquebaugh]

FPGA Yes it's not real silicon but it's the best we can do at present. So fscking use it instead of bitching about no fab. We are never going to have a fab, get over, move sideways and continue. Once upon a time there was no GNU C compiler did people sit around wringing their hands, or did they use the tools they had and write one? People moan about no open source 3D support in Linux, well pick up an AGP based FPGA and implement one. DVD encoding, Factoring, etc PCI based FPGA. FPGA are cheap enough that any hardware hacker should have at least one installed in his PC. The more people that have them the cheaper they become. The more apps that are written for them, the more people will want them. So stop whining and go get yourself a FPGA.

Re:Thanks but no thanks Phoenix..

[kisielk]

Sorry man, but FPGA's are not cheap at all. Even a small to mid density FPGA on an evaluation board costs $500-$700 USD. If you want an FPGA with enough performance and a high enough clock rate to do something like 3D graphics, you're looking at that same price, but just for the chip alone, nevermind memory etc. If you were to purchase an entire board, or build one yourself, you're looking at a $1600-$3000 investment, depenind on the features you want.

Additionally, an AGP interface is not exactly a trivial thing to implement, and getting a license for a PCI or AGP core costs several thousand dollars as well.

I think we can safely say that open source FPGA hardware is well out of the reach of the vast majority of Linux / other OSS operating system users. Even if someone managed to implement all these devices, paying for the boards for all of them would costs 5-10x as much as a PC does now, a premium I'm sure most people are not willing to pay just to get open hardware.

Re:Thanks but no thanks Phoenix..

[dslbrian]

Why would you ever want to buy a fab? Forget that unless you plan on running a chip business. For working on a prototype you need to check out MOSIS [mosis.org]. They might do low volume production also - I never checked into it.

I fab'ed my MS thesis project through MOSIS. Die area was approx 3.7mm square in 0.5um CMOS, and it cost about $3000 for 25 samples. Worked great. If I was ever going to do another private project I would go that route.

Re:Thanks but no thanks Phoenix..

[Reziac]

That's not much per unit over the retail price Phoenix's partners sell their BIOS updates for -- $85 each, last time I checked (about 2 years ago). And I'm sure a run of a few thousand would have got you a more competitive price.

OpenBIOS

[Midnight Thunder]

You should also check out the OpenBios [openbios.org] project. They are working towards making a working openfirmware solution that will work on the x86 platform.

DIY

[Sunnan]

Please, contribute to one of the various open/free hardware projects out there.

Re:Thanks but no thanks Phoenix..

[beacher]

Here's what I want to know - "extensible firmware that provides the critical foundation of trust, manageability, and connectivity required for networked computing,"

MANAGEABILITY. You want control over my PC? Fine, dump the EULA and be RESPONSIBLE for what it and your software does- until then take that crap out

Legal concerns > /dev/drm/legal
-B

Re:Thanks but no thanks Phoenix..

[drinkypoo]

This is certainly where LinuxBIOS comes in. One day those who wish to run a 100% DRM-free system may be forced to purchase hardware for its LinuxBIOS compliance :) I should think there would be an easier way to make sure you're not using anything that requires DRM, however, if that's your objection.

Re:Thanks but no thanks Phoenix..

[4of12]

I'll do that and visit the sites I can, etc.

But Ma and Pa Kettle will blithely visit all the DRM-requiring sites without a clue `cuz "DRM came with My PC - I just had to fill out a Wizard when I turned it on!"

And people thought Doubleclick was insidious and intrusive...

Re:Modchips are nigh illegal

[drinkypoo]

Hacking your Xbox to run linux using the Cromwell BIOS is not illegal; hacking it to run some other BIOS derived from its original BIOS is, because the BIOS is protected by copyright. Similarly, loading LinuxBIOS will continue to be legal simply because you are not utilizing any code from the manufacturer.

Also, I can see a day when manufacturers advertise their LinuxBIOS compatibility. There's obviously money to be made from Linux...

Re:Thanks but no thanks Phoenix..

[Asprin]

Well, MR BIOS [mrbios.com] used to do that, but looking at their web site, it's not even clear they're still in that line of business anymore - it looks like they got bought out and they're just a handholding service now. Anyone used them lately?

Re:Thanks but no thanks Phoenix..

[Uma Thurman]

A long time ago I have a pentium-133 that would not boot from a CD-ROM. I bought a Mr. Bios upgrade and that fixed the problem. It looks like they are in the same business, and you can still buy new BIOS chips for your computer. The brand then and now is "Unicore".

BTW, the Mr. Bios had about 3 times as many configuration options as the old AMI bios that I replaced. And the manual it came with explained them quite well. For $70 I thought it was a good product, and it extended my use of my motherboard for 3 years.

Re:Thanks but no thanks Phoenix..

[cpghost]

will anyone stay 'rogue' and avoid DRM, or will everyone conform

Nobody is forced to buy Phoenix DRM-crippled BIOSes. There are plenty of manufacturers abroad (China, Taiwan, Eastern Europe, hell, even Old Europe!) that will be more than happy to sell you unencumbered BIOSes. Not everyone cowers before US laws and the DRM cartell (unless you come and invade those countries too).

Re:Thanks but no thanks Phoenix..

[Adm1n]

again free your bios! [linuxbios.com]

Re:Thanks but no thanks Phoenix..

[The One KEA]

And the people dehacking these BIOSes will probably be the same folks who dehack DVD firmware, like these guys [rpc1.org].

The trick will be getting past the DRM in the unhacked BIOS to install the dehacked BIOS. Considering the skill of these hackers, it'll probably take them five minutes.

Personally, I think the best way to contest this is the age-old adage: Bote with your wallet. Don't buy mobos with these BIOSes -- buy the competition, even if it's not as useful. Make it clear to the mobo manufacturers that you won't buy a mobo with that BIOS, and because they used it you won't buy their stuff. If enough people refuse to buy this stuff, it'll sink faster than the Titanic (or the Itanic).

Re:Thanks but no thanks Phoenix..

[pentalive]

Sure, none of us should buy these types of BIOS, but even if none of us do, we are the minority the great unwashed windows running masses are still out there.

Re:Thanks but no thanks Phoenix..

[wfrp01]

What does "win" mean? Majority market share? Probably. Eliminating alternative choices? I don't think that's going to happen. Even a minority can wield enough purchasing power to create a market - Apple comes to mind. If almost everyone uses Windows, but I can still use Linux, that's fine with me. If almost everyone uses Phoenix's bios, but I can buy something else, that suits me too. Choice is good. Sometimes that means giving people you don't agree with their choice too, even if they're in the m

Re:Thanks but no thanks Phoenix..

[Anonymous Coward]

Now this is becoming interesting.

If Redmond/D.C. is insisting that all systems be networked now, could there be a possible concerted effort to use the unused power of computers belonging to the citizenry for various projects (which would be run/administrated by either the government or the highest bidder)?

That's a rather scary thought. However, it's not as bad as having the BIOS perform a check for "trusted" computing components and reporting that back to Phoenix/Redmond/the G-men.

Re:Thanks but no thanks Phoenix..

[Araneas]

Not quite.

A recent Slashdot discussion worried that Microsoft is "taking over the BIOS." But are Phoenix and Microsoft likely to be the sole beneficiaries of CSS firmware?

"It's not just us -- the industry is pointed in this direction," noted Eades.

According to Eades, Phoenix intends to publish a technical overview of what CSS is and what services it provides, which will enable other operating systems besides Microsoft's to make use of CSS functionality, including Linux.

But I agree with your point.

Re:Thanks but no thanks Phoenix..

[dslbrian]

This whole "trust" nonsense is a thinly veiled attempt at shifting some of the security-onus from the OS to the hardware with the blessing of Microsoft along with the side "benefit" of Digital Rights Management.

I agree with you. This sounds like a lock-in to MS compliant hardware, and forced DRM. I'll cast my vote by giving my money to a different BIOS vendor...

Interestingly this might give a boost to the open BIOS movement. When MS started locking people in with "authentication" of their OS and office products, there was a discernable jump in the popularity of OpenOffice.

Re:Thanks but no thanks Phoenix..

[robslimo]

I can't remember the last time I even saw a Pheonix BIOS in any hardware, let alone stuff I bought. I'm guessing getting into microsoft's hip pocket is about the best business plan Pheonix can come up with.

They lost their BIOS market share fair and square by sitting on their butts, thinking the BIOS product was mature and not for the end user to muck about with. AMI and Award showed us (and the OEMs) what a BIOS could really do and the rest is history, including Pheonix's bottom line.

This latest move is their last ditch effort to re-invent themselves in Microsoft's shadow... and it just might work, unfortunately for the end users.

Re:Thanks but no thanks Phoenix..

[Mattcelt]

Nope, unfortunately. Phoenix, IIRC, is the largest provider of BIOS hardware out there. They specialize in OEM BIOS sales - nearly every Gateway or Dell computer I've ever seen had a Phoenix BIOS. I have already refused to purchase Phoenix-brand BIOSes for years because they lack functionality which is present it nearly every other mfg's BIOS.

Ironically, they also own the brand Award (my favorite BIOS), which is more fully-functioned than most (if not all) other mfgs. But when Phoenix DRM creeps its way into AWARD_SW, I will be sure to purchase another, unencumbered brand.

Re:Thanks but no thanks Phoenix..

[Trepalium]

Award was bought by Phoenix a long time ago (and IMO, when they did, Award BIOS's took a turn for the worse). AMI BIOS based machines are today, few and far between. I'm not sure why Award BIOS's were so popular, back in the day, but when Phoenix bought Award, they became the biggest BIOS vendor instead. I get the feeling that Award BIOS 6.0 was really just Pheonix BIOS in disguise (instead of the old two column list menu, it tries to pretend it's a dropdown menu).

Calm down

[MadMirko]

Crypto API is about strong encryption and non-pseudo-random-number-generators, and it also isn't new but has been around since NT4. see: Crypto API.

I thought hardware support would just speed up those functions, so disabling it wouldn't disable the features (which were around years before this hardware), just make them slower.

Re:Thanks but no thanks Phoenix..

[ivan256]

Custom BIOS code is no new thing. Perhaps now, more people will use it...

It's annoying beyond belief to me that the most common general purpose hardware platform around has such brain-dead firmware. It's nice to know that this may not last. It's too bad that they're choosing to disregard all the work Intel put into EFI though. That should be the future....

Either way, you should expect Pheonix alternatives to start gaining development support should Pheonix decide to make the "trusted computing" features m

Re:Thanks but no thanks Phoenix..

[wideBlueSkies]

>>I'll bet that you'll see some big name brand machines from manufacturers that are in Microsoft's pocket ship with this in a permenant "on" position, and the enthusiast motherboard market to ship with this feature easily to disable.

This would be good if it came to be. For those of us who build their own boxen, I'm sure that we'll be choosing to disable everything related to DRM and then some.

Leave the troubles to the uneducated masses I say.

wbs.

Re:Thanks but no thanks Phoenix..

[jilles]

The whole problem with trust is that I don't necessarily trust either phoenix or ms. This a problem because their security solutions more or less require me to do so. I think this is ultimately why this and similar approaches will fail in the market.

Trust requires open solutions. If I, or someone I trust, can't analyse & audit security solutions I use, these solutions are flawed. MS and phoenix pushing proprietary solutions implies that they do not understand this problem themselves.

Wrong view of trust

[TFloore]

The whole problem with trust is that I don't necessarily trust either phoenix or ms.

You have the wrong view of trust.

This isn't about you trusting them. This is about them *not* trusting you.

The entire point of all these Trusted Computing initiatives is that the software/content makers do not trust their users to follow the limitations that the manufacturers want them to follow. Therefore, they want a hardware design that they can trust to enforce these limitations.

Let me say that again.

It's about the content providers trusting the hardware, because they don't trust you.

You trusting them has nothing to do with it. Be a good consumer and buy what you're told.

Yes, this is the "customer as enemy" worldview. You are, by definition, the enemy here. And it says a lot about the limitations they want, that they automatically assume you will want to violate those limitations, doesn't it?

Re:Trust

[jilles]

In all examples you mention, there's some degree of legal security. If the ATM has the right logos and something goes wrong, the bank will have some obligations to set things straight. If somebody uses your credit card number, the risk is for the credit card company (it still sucks though) and car manufacturers actually have to submit their vehicles to extensive testing before they are allowed on the road. If you can prove you had an accident because the manufacturer made a mistake you can get very rich (if

Re:Thanks but no thanks Phoenix..

[vigilology]

This whole "trust" nonsense is a thinly veiled attempt at shifting some of the security-onus from the OS to the hardware with the blessing of Microsoft along with the side "benefit" of Digital Rights Management.

If this keeps up, the meaning of the word 'trust' is going to change, more so than 'gay' has.

Microsoft is going to become Apple?

[garcia]

Trust -- Devices serving as network endpoints can be integrated into to an easy to implement "trustworthy computing" model that leverages secure, digitally signed core system software. This is the critical first link in a "chain of trust." In addition, Phoenix d-NA will incorporate a new class of Windows-advantaged components that leverage the Microsoft CryptoAPI (CAPI) to provide unprecedented trust and intrinsic security for systems running Windows and .NET applications.

Trust? I don't trust either of these two companies to do anything but take over computer applications and hardware forcing people to use them to "protect" their investments.

Manageability -- Intelligent devices and servers based on Phoenix d-NA are able to provide self-management, self-healing and self-authentication as standard capabilities. By leveraging Phoenix d-NA, software developers in a wide range of categories, from identity management to asset management, will be able to incorporate intrinsic "device authentication" into the fabric of their offerings.

In other words, we are going to give you a unique fingerprint that can be traced back to you. You better not try anything funny with our digitally signed OSs.

Is Microsoft taking over the BIOS?

No, they are forcing us to use them. They are also forcing us to have our computers be traced back to us.

Phoenix and Microsoft recently announced that they were collaborating on CSS firmware focused on WinPE (Microsoft's Windows Preinstallation Environment tool), security, and future Microsoft client and server OS releases, intended to "improve a device's reliability, usability, manageability, and security."

Bullshit. It *might* be for some of this. It's most definitely not their main goal. They want to be able to stop their programs from being run w/o their authority. While this is all and good I don't believe our privacy should be violated to do so.

Who's to say that the BIOS won't phone home and report usage statistics on what OS is running, if there are multiple ones installed, what hardware is in use, etc... Just what we need, direct marketing due to hardware installations.

Would this be different if it was a group creating an open standard? Perhaps but I still wouldn't like it. Being that it is one of the most sinister corporations ever teaming up with a single BIOS company it worries me. I wonder if they realize that they are going to become Apple. Didn't they make their money because of open hardware?

Just my worthless .02,

Re:Microsoft is going to become Apple?

[Llewrend]

In this context, trust is a one-way street...

We have to trust them, they don't trust us.

Re:Microsoft is going to become Apple?

[rmdyer]

So when do we start the Open Hardware spec, and when do manufacturers start producing machines that are open?

Can Open Source software thrive on closed (DRM'ed) hardware?

+1

Re:Microsoft is going to become Apple?

[MadMirko]

You need to remember that CSS is designed with the corporate network in mind, not the home user.

TRUST

Trust? I don't trust either of these two companies to do anything but take over computer applications and hardware forcing people to use them to "protect" their investments.

That's not the point. When you are running a big network, you can now detect when someone connects a device to your network that is not trusted by your organization in a simple and consistent way. You may even automatically drop it fr

Re:Microsoft is going to become Apple?

[gillbates]

If you are not in this group, fine, just buy another board, or buy the board, and _don't install Windows_.

Which is precisely the problem: if Microsoft has their way, this won't be an option.

The reason why Microsoft wants this so badly is because this would enable Microsoft to charge annual or quarterly subscription fees for their OS. If the PC can't run any other OS, then the PC owner must pay whatever Microsoft demands.

I just bought a Toshiba laptop with Windows XP. The system is horrible; Explo

Re:Microsoft is going to become Apple?

[chef_raekwon]

Who's to say that the BIOS won't phone home and report usage statistics on what OS is running,

didn't this happen a couple of years back with another breakthrough Pheonix Bios, that never actually made it anywhere? Mainly people weren't interested in teh Bios' phoning home, so everyone bought award?

my perception of history, anyways....

Re:Microsoft is going to become Apple?

[2nd Post!]

What, exactly, does this have to do with being like Apple?

Are you confusing open with commodity, and closed with proprietary?

Apple uses recognized standards:
Open Firmware
PCI
PCI-X
AGP
USB
Firewire
802.11
OpenGL
PDF
Apache
SMB
Zeroconf
HTTP
WebDAV
KHTML
Java
JavaScript
Objective C

Microsoft elects to create their own:
DirectX
ActiveX
C# .NET
Sparkle
WVG
MSHTML/IE
ActiveScript
Visua lBasic

Misunderstandings...

[rmdyer]

You've just stated a slew of technologies here. But I think you are wrong about many items in the list.

* How many of these technologies require licensing to use?

* Of the ones that are listed why do you say they are "standards"? What makes a standard?

* DirectX is certainly a "standard". It is documented and standardized under Microsoft.

* Almost all the technologies listed are not "standards" as they are all proprietary in some way.

You are incorrect that these are recognized standards, they are no

Let's get this out of the way

[The One KEA]

Conspiracy theorists: "NOES!!!! TEH B|0S HAS TEH DRM!!! N0 MORE LINUX!!!!!111"

I, for one, welcome our new well-secured extensible BIOS overlords.

Cool. Even more places for viri to attack

[Anonymous Coward]

The bigger the ROM, the more vulnerable and the harder it is to patch. What a cool target, especially if it does network stuff!

Re:Cool. Even more places for viri to attack

[CatPieMan]

Hm, I was thinking that the BIOS was supposed to be this small thing whose only real purpose was to start up the main OS.

Old Biosii were quite small. Even if they really tried to make this super efficient, this bios will be huge.

So, since there is less and less room to bloat the software, are they trying to bloat the bios now too?

Of course, imagine a network -- corporate/school/home -- that uses all of this type of bios. Now, imagine a flaw is found and a virus written that infects this network. This

complex

[russellh]

simplicity is totally overrated. security, trust, manageability never result from it.

Trust ?

[SiliBelgian]

extensible firmware that provides the critical foundation of trust, manageability, and connectivity required for networked computing

Trust ?
Real trust or trust like in :
"smoking cigarettes doesn't cause cancer. Trust us."

Open Architecture always wins...

[i_want_you_to_throw_]

At least it always did in the past. MS has yet to learn the lesson (and someday it will) that IBM had to learn: you have to evolve from a company that sets standards to a company that contributes to them.

First Palladium and now this?
Certainly cloaked under the "benefits" someone at MS has thought "Oh a way to make *nix useless on PC architecture".
You didn't think this was just going to affect Linux did you?

I beg to differ

[Orien]

MS has yet to learn the lesson (and someday it will) that IBM had to learn: you have to evolve from a company that sets standards to a company that contributes to them.

Well that sure explains why IBM is doing so much better that MS, doesn't it? I'm not trying to troll, it's just that what motivation does MS have to follow other peoples standards when they can set the terms themselves and force the rest of the world to follow without any repercussions? I'm with you in wishing that they would, but don't foo

Phoenix is overlooking one major honking point:

[Thud457]

The whole reverse engineering of the CLOSED IBM PC BIOS and creating a de-facto OPEN STANDARD is what gave us the whole damn PC industry, driven by Moore's law, in the first place.

Do they really think that they can apply the model that FAILED IT for IBM and be successful?!!!!

SILLY ASSES.

Re:Open Architecture always wins...

[Seehund]

First Palladium and now this?

Isn't this part of what was once known as Palladium?

Acronym soup

[worst_name_ever]

Specific technologies that Phoenix is integrating into its CSS firmware include: ... embedded TCP/IP, remote management functions ...

So, could you edit your CSS configuration through a webpage that uses CSS?

Re:Acronym soup

[JeffSh]

don't forget to back them up on a css-encrypted dvd to ensure security~!

Linux BIOS

[cbrese]

Maybe it's time to start helping out/using LinuxBIOS [linuxbios.org]. I went to SCALE [socallinuxexpo.com] over the weekend and saw a interesting presentaion [socallinuxexpo.com] on LinuxBIOS, it has lots of benifits over other commercial BIOS's.

Phoenix has also announced

[mcc]

That to prevent confusion with the popular web-standard technology CSS, the CSS BIOS technology will before release be renamed to "Firebird", a name chosen after an exhaustive search based on the fact that it kind of describes "Phoenix" and hey, it's like the car.

To match this, and as part of the promotional effort for Firebird, they will be rebranding most of their products with animal-inspired names, for example renaming their remote-BIOS-diagnostics-and-administration technology to "Longhorn", a name to evoke images of stability. The entire promotional push will be branded to stockholders as the System Consolidation of Operations project, or SCO for short, overall an effort to draw together their product line for more clarity to consumers.

Re:Phoenix has also announced

[RealProgrammer]

In other news, AOL/TimeWarner (TWX) has sued Microsoft (MSFT) over the use of the word "Longhorn", claiming it interferes with recognition of their "Longhorn Leghorn" character.

A source at AOL/TimeWarner, speaking on condition of anonymity, said "They're trying to choke our chicken, and not doing it very well."

Here comes the Lock-In

[FunWithHeadlines]

Remember, folks, this is another step in Microsoft's plan to lock in users to Windows [zdnet.co.uk]. As noted in this Groklaw article [groklaw.net], a number of questions are raised about these Phoenix plans:

"Will there be Windows-specific APIs in the BIOS? Are they available to other operating systems? Are these APIs cryptographically hidden from reverse engineering? Legally, do these APIs belong to Microsoft or to Phoenix? Is this a loophole with respects to the anti-trust settlement? This raises a lot of questions about the ability of hardware that includes this new Phoenix BIOS to run non-Microsoft operating systems. Would they run? Would they be crippled it they run? Would Microsoft customers switching to Linux have to change hardware as well, if their PCs run this BIOS? "

Tread very carefully.

Re:Here comes the Lock-In

[leifm]

"To be honest, I haven't heard from Phoenix Technologies for over five years," Gates said. "Are they still in business? The BIOS will always be separated from the operating system. Actually, it's gotten out of date. If you run Windows XP, it calls very little of the BIOS."

Rest of article here [theregister.co.uk]

Re:Here comes the Lock-In

[FunWithHeadlines]

Interesting article; thanks for posting it. Of course Gates is also quoted in that article as saying, "We invented personal computing." So clearly he doesn't have all his facts straight.

Re:Here comes the Lock-In

[leifm]

True, my point is just that Phoenix seems to be blowing their own horn here more than anything, it doesn't seem that this is a vast MS conspiracy as everyone thought at first.

And Gates seems to equate popularizing and market domination with inventing, dunno why.

Useless layer of crap.

[aardvaark]

This is braindead. Introducing a huge layer of complexity between the OS and hardware etc. Really the job of the BIOS should be to do as little as necessary and then hand things off to the OS. Does a BIOS truly need a TCP/IP stack? Perhaps it is time to put a bit more effort in to linuxBIOS [linuxbios.org].

Re:Useless layer of crap.

[The One KEA]

Then go and build a sacrifical computer and try to make LinuxBIOS work. If it works, tell the developers.

Someday I'd like to try to play with LinuxBIOS, but I don't have any sacrifical hardware, unfortunately.

Re:Useless layer of crap.

[epiphani]

I completely disagree. What should be taking place is using the BIOS as a compatibility layer between the hardware and the OS, in such a way that any hardware plugged into the system was provided to the OS through a consistant API.

But thats not what they're doing. I think a large part of this is, however, a logical direction to take the BIOS. We already have ethernet cards that are aware of the network at the hardware level. Putting more and more of the OSI model into the hardware is what has been happ

How about ...

[phoxix]

letting my BIOS do one thing and do it well ?

Embedded TCP/IP ? Huh ? Now I'm going to get hacked on the hardware level ?

Sunny Dubey

Prior art

[boatboy]

CSS is taken [w3.org] and is already confused by many a begining developer with eXtensible Stylesheet Language [w3.org]. Name it BIOS.NET instead.

great, more viruses!

[Saint Stephen]

Most of the viruses lately have been of the email-you-are-dumb variety. I'd been wondering where all the excellent boot sector and hardware level viruses of the 1980s and early 1990s had gotten to.

I couldn't stand yet-another I-love-you clone. I want some real destruction!

Re:great, more viruses!

[Jarnis]

The x86 assembly language skillz of your average skript kiddie/virus 'coder' is nowdays almost non-existing. When your virus is developed using visual basic, it kinda limits your ability to cause havoc...

new BIOS features are a waste of time.

[ripcrd]

This is going to end up just like BIOS based Virus detection. To get anything to install on your computer you will have to reboot, enter the BIOS and turn this feature off and then enter the OS and install your app. How many of those BIOS virus protection features get turned back on after the first couple of times having to hassle with it?

If Phoenix thinks companies are going to pay for the digital certificate creation or whatever is needed to be able to install their app then they are mistaken. They should ask Microsoft how many software companies get them and keep them up to date. How many hardware vendors have gotten digital certs. on their drivers? Not many. As it is, we put the driver disk in that came w/ the hardware and move on. Or we download the latest driver from the net, install it and move on.

Just post md5 sums on the website w/ the driver and software downloads. Microsoft should build a simple MD5 sum checker that can be loaded from Windowsupdate. That would be the BEST thing they could do for security.

YMMV and if you break it, you get to keep both parts.

Re:

[account_deleted]

Comment removed based on user account deletion

Where is the Kitchen Sink?

[Kindaian]

I want a kitchen sink included in the BIOS!!!

Really... why not scrap all that and add a JVM instead... That at least would be usefull...

Your Vision is Cloudy

[Anonymous Coward]

I think people are really, really missing something here with all the Microsoft hate. If this product does what it says it will, and does it well, it is a major step up for the x86 server.

I've always enjoyed the way Sun systems are designed for remote managability, same with HP's PA-RISC servers and workstations as well and IBM's Power offerings. Sun's is the one I've had the most experiece with and it rocks. Networking booting into single user mode when your disks or file systems go bad, doing hardware

There's more to x86 than clone boxes

[dido]

I suppose you've never tried running Linux on any non-clone x86 box right? The BIOSes on the HP/Compaq blade and DL-series enterprise servers are pretty advanced. While the iLO (integrated lights out) feature on the Compaq BIOS is not perfect (it's too damn slow for one, especially when your console goes to graphics mode), it almost gives you a fully functional console over a 100 MBps Ethernet link. In fact, this is the only way to access the console on a BL20p or similar blade server. Basically the onl

TCP/IP - iSCSI?

[crow]

If there's TCP/IP support in the BIOS, how much of a step would it be to have support for booting iSCSI?

I believe that there's a lot of intest in diskless PCs in the corporate environment (with the storage on large storage servers). There are huge advantages in system administration possible with such a setup, not to mention better environmentals in the workspace.

Re:TCP/IP - iSCSI?

[swb]

There's already rudimentary IP support in many NICs that can boot off the network. It's mostly a DHCP client that grabs a more defined boot image, but there's a lot of good reasons for wanting a better environment in firmware on PCs, including NICs -- how about being able to mount disks, or dd images across a network without ANY OS, and without a DHCP server or other helper to deliver a boot image?

I don't think it'd ever be a total operating environment, and the BIOS code is shelved by the time the machine

Hmmmm.

[Dun Malg]

If they put in the capability of BIOS flashing over TCP/IP, we may see our first OS-agnostic x86 virus. Would that be nasty, or what.

viruses???

[Pompatus]

Here's the problem I see with this type of advanced bios. How long will it be until a virus is written that exploits bios code? Imagine the horror of having to flash your bios to rid yourself of the latest internet worm.

Do these people remember that BIOS stands for Basic Input-Output System? It is designed to be the foundation of the computer system, not the latest futile gesture to stop piracy.

I give the "security features" 6 months to get hacked, and then all we are left with security holes and bugs that could theoretically destroy hardware. This is progress?????

Re:viruses???

[Maul]

I agree. BIOS should be left as simple and solid as can be. Adding a crapload of features increases the risk of something going amuck, and it wouldn't surprise me if exactly what you predict happens in the future.

Re:viruses???

[mydigitalself]

is something like TCP/IP not part of the "foundation" upon which computing is depedant these days?

BIOS-OS

[mikeburke]

I won't be happy until my bios comes with a relational database, skinnable 3d windowing environment and a full J2EE stack.

In addition, I should be able to download bug fixes, new features and skinds from a website, call it biosupdate.com

Come on Phoenix, listen to your customers!

the hacker dictionary says

[Delphix]

extensible- ik-'sten(t)-s&-b&l adj. capable of being extended, exploitable.
see synonym: insecure.

I'm waiting for... the real McCoy

[fruey]

I'm just waiting for the article where someone hacks one of these BIOSes to be a self contained web server serving off a ramdisk using just low level BIOS calls and the inbuilt TCP/IP stack.

Seeing that take a slashdotting is what we're really interested in... totally in the spirit of slash (TM)

Opportunity for Open Source Firmware

[randall_burns]

I tend to think that there is room for more stuff to be done in a PC's firmware. I know the bios on older Sun's was a lot smarter than anything in the PC world. I also think it will be a serious problem for Microsoft to try to do anything that departs from the older BIOS standard in a way that gets in the way of stuff folks are used to doing on conventional PC's. I also think that BIOS is a natural area for Open Source solutions simply because the low end motherboard market is so price sensitive.

I would personally like firmware on motherboards that made stuff like installing linux accross a network and configuring dual boot machines a little easier-particularly for novices.

Sacrificing the Windows Tax?

[harangutan]

Historically Microsoft has made a certain amount of money from people who who didn't want their software, simply because there was no way to buy the computer they wanted (this is particularly common with laptops) without windows preinstalled.

But when the day comes, if it comes, that PCs require this sort of open-source-unfriendly BIOS in order to run windows, Linux (or whatever) users will not buy Windows-compatible PCs, and hence, won't be giving $95/unit to Bill anymore. Speed the day, if you ask me.

Grasping at Relevancy

[jeddak]

Seems to me this whole plan is merely an attempt by Phoenix to make their product more desirable by throwing more features into it. We've seen this pattern before with disk controllers, disk drives, network cards, motherboards, monitors, keyboards, mice, etc.

Unfortunately for them, aside from Microsoft's "let's integrate security with hardware" gambit, the trend has been to rely less and less on the BIOS.

Sorry, I don't really want my BIOS to do any more than get my machine started up, thank you very much.

Let Phoenix Know!

[jon3k]

It could set a good example for other BIOS developers if Phoenix retracts their decision and removes CSS from their BIOS. Please send them an email and let them know of your opinion. Whether or not you use, or would use Phoenix products, lets let other manufacturers know we won't stand for this type of activity.

http://www.phoenix.com/en/about+phoenix/contact+ us /

To: americas_sales@phoenix.com
Subject: Phoenix CSS BIOS

Just wanted to let you know ahead of time, that I won't be purchasing any product that includes your CSS BIOS, and I will go out of my way to avoid it. I will also make sure that any product recommendations that I make to my current employer will not include your BIOS. Just thought I'd let you know of my opinion, as a consumer, and someone who's owned motherboards with Phoenix BIOS in the past. I hope you reverse your decision, until then, I'll shop elsewhere.

Thanks for your time, and consideration on this matter.

Jon

Smallest Linux Ever

[Dun Malg]

I can't wait for the first flashable Linux-on-BIOS distro. Of course, the DRM system probably won't allow it.

It won't work.

[Noryungi]

Why is DRM doomed?

Because somebody, somewhere, especially in developing countries (think China, here) will realize they could make a mint seeling computers that are not DRM-compliant, or with a DRM compliance that can be circumvented easily by the user.

Here is a true example: when DVDs came out, they were all locked by geographical zones. Then an economic cirisi struck asian countries.

Pressed for cash, enterprising Korean chaebol decided it was more profitable to turn a blind eye when users published wor

"Intrinsic security"...

[3Suns]

Phoenix d-NA will incorporate a new class of Windows-advantaged components that leverage the Microsoft CryptoAPI (CAPI) to provide unprecedented trust and intrinsic security for systems running Windows and .NET applications.

"Trust us... it's secure, for your own good. Never mind that we've locked out all unapproved applications (read: open-source and anyone who doesn't kowtow to MS) including ones that you've compiled yourself with any compiler other than Visual Studio .NET with an MSDN subscription.

Closed hardware

[cybermace5]

There's no reason to do this. This is actually not hardware, this is just preinstalled software that you have no choice or control over.

Network functions in-BIOS? Remote manageability? Woohoo. Finally, the Feds will be able to control and spy on your computer with all the ease they are accustomed to with the telephone system.

Thank you very much, but I define "hardware" as the silicon I bought, and "software" to be program information that I can choose to run on that hardware. There is no reason to force a

New CSS Bacronyms Needed

[Random BedHead Ed]

... the company calls "core system software" ... As defined by Phoenix, CSS is a new category of core system firmware ...

So now we have the Content Scrambling System for DVDs, Cascading Stylesheets for HTML and Core System Software for the BIOS. Anyone else got any?

I think it's about time that we create an industry standards group to create and clarify technologies that use CSS as their initials. We could call it the CSS Standards Syndicate (CSS).

Crypto API != DRM

[MadMirko]

Crypto API [microsoft.com] is designed to give your applications a consistent and secure way to encrypt data by asymetric encryption. Support in hardware is designed to speed this process up.

It might be used instead of PGP to encrypt your home directory, you can use it to securely communicate over networks, you can use it to generate great passwords.

That it's there is a good thing (tm), but someone might use it to keep stuff from you.

"Welcome to the real world".

This isn't new....

[The_K4]

Intel [intel.com] has been working on EFI [intel.com] since 1998. This is just a rip off of that.

Bah... they can try

[ymenager]

They can try all they... they can put all the DRM in the hardware, slap people with the DMCA if they try to work around it, that will only succeed in the doing 2 things:

1) [maybe] Raise awareness of the evil of the DMCA, and finally get it reversed.

2) [surely] Give huge competitive advantages to foreign companies that will start selling non-DRM enabled hardware.

Nowadays, how many MP3 players do you see out there, and how many proprietary DRM-Only players can you find ?

Also, how many non-US governments will tolerate having their hardware totally locked and at the mercy of an US corporation ?

A novel, cool idea ?

[makapuf]

It really seems that a BIOS comes down to two things here :

- Some mobo specific code (incl boot configuraion)
- a small, instant-on OS.

Why not CLEARLY SEPARATE the two ? Imagine the hacking possibilities ! After all, it would need some basic tailoring of the OS but cross-compiling a propoer kernel could take care of that. After all, custom kernels in x86 binary code is not exactly new !

A lean, instant on OS, user downloadable (without messing with scary & dangerous mobo specific - the real BIOS) with

No New Computers Soon

[johnos]

I am starting to think that the Athlon 64 I'm going to buy(when the price comes down a bit) may be my last CPU purchase for many years. Later board/chip combos look increasingly scary. Watch for a brisk underground economy develop for the last generations of DRM, TCP and MS free technology. It won't be much of a hardship. I can play games now at 1280x1024 in 32bit. By the time the curtain comes down, I'll be able to play them with anti-aliasing as well. Nothing else I have ever done (including voice recognition) needed the kind of horsepower required by Unreal Tournament 2003. If my computer can play that, its going to be a looooong time until I buy another.

OpenFirmware

[leandrod]

As usual, the ideal solution would be free firmware, but a big step forward would be the adoption of OpenFirmware, a Forth-based open standard already used in Alphas, Sparcs and Powers.

BIOS = OS?

[gone.fishing]

With the number of features and calls that they are adding, their BIOS is getting close to being an operating system. Frankly, I see this as a good thing for Open Source.

The BIOS does not need to be "open" in order for Open Source to take advantage of this. By necessity they will have to publish their calls and protocols to allow the BIOS to be as effective as it can be. Using this information, Opne Source projects can have direct access to this "mini-os" and be able to build whatever they please around it.

Will this spell the end for Windows? I doubt it. But it may help level the playing field a bit.

Who is in control

[old-lady-whispering-]

There is no need to fear this. This is just a matter of Phoenix proving a market trend. Either the proof will be true or false in the end. Which brings me to this point "who is in control?" and I say whomever has possesion of a thing controls it. We will have physical possesion of the hardware thus we will ultimately be the most powerful factor in this market. We can exersise this power or not. Those of you who have been around long enough will remember the days when you could buy your bios separtely from your motherboard or gasp program your own. This happens all the time in the embedded industry (not as much as it use to though). So if the market is unfavorable to Phoenix's new bios and unsavory locks on our hardware we can always roll our own. Nay you say? Well I offer up these links for you to browse. Free the bios [sourceforge.net] open the bios [openbios.info]

Re:Yet more acronomic duplication...

[Anonymous Coward]

Its only to muck with the Slashdot editors. They might have to actually read to see which "DeCSS" the story is talking about before posting a dupe.

Re:All I want is a BIOS that doesn't suck

[idiotnot]

It would require big changes to the PC architecture. That brand spankin' new AMD64 will boot DOS3.3 from a floppy, no problem. How many 10 year-old unix machines had to worry about booting a 16-bit real-mode OS that expected the serial ports to be on IRQ 3 and 4?

I always get a chuckle when people talk about Apple using Intel or AMD x86 chips. If Apple ever switched to x86 (and I hope they don't PPC is a great platform...using one *right now*), the resulting machine would be nothing like the eMachines PO