Battle brews over unlocking PC secrets

[LVCapo]

As computer makers move to embed security features deep within PCs, a fight is erupting over a rarely noticed but crucial piece of system software.

The construction and installation of the BIOS--the basic input/output system that underlies all other applications--are closely guarded by a small number of PC makers, such as Dell, and speciality BIOS programming companies for hire.

Now, for the first time, some critics want to force the industry to abandon its hallmark secrecy. As the BIOS becomes more powerful, these critics argue, consumers must be allowed to freely develop their own alternatives to ensure that they keep control of their devices--and that means they need unfettered access to information.

"We need a free BIOS, because if we don't control the BIOS we don't control our computers," said Richard Stallman, president of the Free Software Foundation, a Boston-based organization dedicated to promoting the use, modification and redistribution of computer programs. "It puts me in an ethically compromised position to have a nonfree program in my machine."

The free-BIOS initiative comes at a time when the BIOS is undergoing the first major change in its history--a transition from software based on machine code to a new framework dubbed the Extensible Firmware Interface, or EFI. At the same time, efforts to secure PCs through hardware-based defenses are leading critics like Stallman to warn of a pending loss of consumer control over their devices.

The FSF has spearheaded numerous campaigns lobbying for greater consumer control over software. The group now plans to mount a campaign to open up specifications required to write BIOSes. The change that Stallman advocates would let people install, modify and redistribute BIOS software--although not necessarily free of charge. Significantly, that would allow people to circumvent some pending security enhancements, including digital-rights management features aiming to prevent unauthorized use of confidential corporate documents and other copyrighted materials.

If the operating system is the equivalent of a computer's brain, then the BIOS might be compared to the medula oblongata, the place where the brain meets the spine. The most primitive reflexes are governed here, well below the level of conscious thought. Typically, the BIOS announces its presence on start-up via flashing lights and whirring drives as it prepares a machine to receive higher-level instructions from its operating system.

Given the closely held nature of the BIOS business, Stallman and his foundation are likely to face resistance from hardware and BIOS makers. Many already contend that creating free BIOS software just for the sake of its being free has limited value to computer users. Executives at BIOS makers and chip giant Intel argue instead that today's tightly controlled model helps maintain PCs' security and stability, and fosters competition by protecting companies' intellectual property.

"Neither you nor I, as a user of a computer, has any reason to change the BIOS...unless it's broken," said Jonathan Joseph, chief executive of BIOS maker Insyde Software. "You're not going to type any faster in (Microsoft) Word because you have a new BIOS. The only thing you hide in BIOS is broken hardware."

Others say that a very good reason to keep the BIOS closely held is to defend against hackers.

"The one thing we have to worry about first is security. What do you think would happen if there was a virus that started reflashing," or rewriting, BIOS software, said Mike Goldgof, senior vice president of marketing at Phoenix Technologies. "If it ever happened on a large scale, I think a lot of PCs would start turning into bricks. What people take for granted...is the reliability of the (BIOS) firmware today."

Intel has proposed a middle ground of sorts by opensourcing technology it calls Tiano. Tiano is its implementation of a framework for creating a BIOS

http://news.com.com/Battle+brews+over+u ... g=nefd.pop

[gvblake22]

Ok, I just read all that and call me stupid, but I don't really get what all the fuss is about. First, I'm gonna assume that they are just talking about "out-of-the-box" computers like Dell or Gateway or Compaq or whatever. Second, I don't get what they are arguing about because last I checked, you can go into the BIOS on Dells and change BIOS settings and whatnot.

Someone wanna clarify exactly what types of machines we are talking about here and why it is such a big deal??

[Apoptosis]

Anyway... you take a look at the above board and see if you can tell what is missing. Remember what it is and I'll come back to it.

The new Intel boards feature a new BIOS technology called EFI (code named Tiano by Intel) and is all new.

The size of the BIOS went from 4 to 8 megabits and no longer uses the "chip". The new EFI technology will also allow for more features than ever seen before, but with all new technology there are a bunch of small issues right now. For example on the Intel reference board you can't save and exit the BIOS on the last screen because it doesn't save the seetings. You have to hit f10 and then save for it to actually work. One thing LR is good at is working with the companies to fix and add new technologies to the BIOS. LR is currently working with the Intel BIOS development team on new revisions that lower the CPU multiplier and raise the memory voltage. While we don't have as many reviews as some of the bigger sites we are always working on something!

So, did you find out what was missing on the old board? Wait? There is no BIOS chip! No worries it doesn't need one.

The OLD way:


The BIOS is stored in a new location. The jumper to the right of the above socket is non-functional and is only there for back up. Meaning if the EFI bios that is stored in the SPI fails you can go back to the old chip BIOS. This is the biggest change in BIOS technology in well over 10 years according to Intel.

Where the new BIOS is stored:


Looks like the SPD chip on a memory module eh? SPD -- SPI ?? hum...

Basically I think the article is talking about how Intel developed the new technology on their own in silence. No one else really had a helping hand in development of the technology from the sounds of the article. The BIOS doubling in size means it doubles in power and that makes some people worry about whoever makes it will have it tweaked for them.

Get it?

[gvblake22]

HMMMMM, ok, I guess I see what you're saying. That is pretty sneaky indeed!

[Apoptosis]

I'm amazed how no other site has touched on this in their Intel 955X Express and nVIDIA nForce4 SLI Intel Edition articles. Everyone knows how important the BIOS is and wouldn't having twice the BIOS make people think twice on what they purchase? Intel is the only company shipping EFI/SPI boards right now. I haven't seen any from nVIDIA, VIA, or SIS yet.

[gvblake22]

I agree that it is odd that no one else has mentioned the "super" BIOS's.

But what to these new BIOS's offer to us regular users that the traditional BIOS doesn't? Do end users really need that much BIOS?? I mean, many people already think that the DFI BIOS's are too overwhelming and complicated, let alone one twice that size!

[Apoptosis]

After using the C19 and i955X reference boards i found that the Intel board was much easier to use. It is way to early to tell how it is going to be used by the Tier one makers. A reference board, with a beta bios is one thing. I am waiting on the retail boards from the likes of the tier one makes like ASUS and MSI to see what can be done.

[bliSSter]

The other real rub (and this is what Stallman is getting at), is whether or not BIOS is stored in a chip or in some type of other rom or circuitry, he wants it to be open for anyone to tinker with if they so choose. Not changing settings for overclocking, drive priority, etc., but actually change the system-wide settings in terms of hardware interaction.

"Why the hell would anyone want to mess with the BIOS at that level?" you ask.

Well - if Redmond has their way with things, they're proposing that their DRM would be embedded into a computer's BIOS that could check whether you are authorized to use the system....

Abstracted a bit further, it would be hella easy for MS (or anyone with the right access for that matter) to say, "Oh, this music file doesn't subscribe to our DRM therefore you aren't authorized to access it...or your system because you are using it for illegal activiity." We've all seen how well MS product activation works...imagine if your system went thru a similar procedure on boot.

I personally don't mind nearly as much because thus far, just about every protection scheme available has also been cracked, but Stallman is just coming out and saying, 'Hey - why do we have to just bend over and take however intel/phoenix/MS/etc. decide to lockdown our hardware?' Regardless of what someone may think of Stallman and his criticisms, I for one am glad someone's calling BS over this.

- bliSS

[LVCapo]

I've been trying to get an article done on Tiano for more than 5 months now.....without an ounce of success.
Its so secret, most of the people working around it and with it don't know anything about it!
Hopefullly i'll be able to get something done shortly that will shed some new light on this developing technology......but look at it this way, the BIOS has remained basically unchanged since 1981, thats over 20 yrs of using the same technology. what will the benefits be? What will be the big drawbacks (I'm guessing Intel again will make it harder to manipulate and overclock with Tiano)? Us enthusiasts will end up having to learn a whole new method of tricking and teasing our systems to get every ounce of performance out of them.

[infinitevalence]

8mb means i can load linux and have instant on.

[Apoptosis]

http://www.microsoft.com/technet/prodte ... 63875.mspx

Extensible Firmware Interface
The Extensible Firmware Interface (EFI) can be traced back to the "Intel Boot Initiative" (IBI) program (1998, but see Innovate[2] later in this document)). The EFI specification, developed and maintained by a consortium of companies (including Intel and Microsoft), defines a set of APIs and data structures to be exported by a system's firmware, and to be used by a variety of clients, such as:

EFI device drivers
EFI diagnostics and system utilities
EFI shell
Operating system loaders
Operating systems


EFI aims to be a powerful and modular firmware that is readily extensible, even by (power) users. Some noteworthy aspects of EFI include:

EFI is implementation agnostic.
EFI does not require real mode.
EFI runs in a flat memory model, with the entire address space being addressable.
EFI is written in C. Therefore, it is both easy to write and portable.
EFI does not place a restriction on the total size of option ROMs. EFI drivers can be loaded anywhere in the EFI address space.
EFI aims to replace VGA over time with simple graphics primitives courtesy the Universal Graphics Adapter (UGA).
EFI includes an optional shell that gives the user a lot of freedom and flexibility.
The pre-boot environment provided by EFI has a BSD socket compatible network interface, with a port of the FreeBSD TCP/IPv4 protocol stack.

[Xerxes]

working with 64bit efi can be a huge pain sometimes. the way it sets up disks can cause problems when you need to do repartitioning (especially with ms oses). the main cause of that though is the lack of integrated disk tools like there is supposed to be. Until i have a chance to work with production 32 bit efi boards i'll wait to make a final decision but as it is right now 32bit and 64bit efi boards are horribly slow in boot times. the only feature i like right now is the advanced boot loader that it has.