Free Republic
Browse · Search
News/Activism
Topics · Post Article

Skip to comments.

Battle brews over unlocking PC secrets
CNet News ^ | 5 April 2005 | John G. Spooner

Posted on 04/05/2005 9:06:32 AM PDT by ShadowAce

As computer makers move to embed security features deep within the viscera of PCs, a fight is erupting over the BIOS, a rarely noticed but crucial application that controls a machine before the operating system can take over.

If the operating system is the equivalent of a computer's brain, then the BIOS, or Basic Input Output System, might be compared to the medula oblongata, the place where the brain meets the spine. The most primitive reflexes are governed here, well below the level of conscious thought. Typically, the BIOS announces its presence on start-up by flashing lights and whirring drives as it prepares a machine to receive higher level instructions.

Despite its little-seen role, the BIOS is a vital part of a PC, and its construction and installation are closely guarded by a small number of PC makers, such as Dell, and speciality BIOS programming firms for hire.

What's new:
Details about the basic software that lets your operating system get started are closely guarded. Critics of BIOS secrecy want to force the door open so consumers take charge of their own computers.

Bottom line:
Makers of BIOS software get proprietary information from chipmakers and others. As critics call for free BIOS software, expect those who hold the secrets to try to tighten their grips.

More stories on BIOS

Now, some critics are for the first time seeking to force the industry to abandon its hallmark secrecy. As the BIOS becomes more powerful, these critics argue, consumers must be allowed to freely develop their own alternatives to ensure they keep control of their devices--and that means the industry must open up.

"We need a free BIOS, because if we don't control the BIOS we don't control our computers," said Richard Stallman, president of the Free Software Foundation, a Boston-based organization dedicated to promoting the use of, modification and redistribution of computer programs. "It puts me in an ethically compromised position to have a non-free program in my machine."

The free BIOS initiative comes at a time when the BIOS is undergoing the first major change in its history--a transition from machine code-based BIOS to a new framework dubbed the Extensible Firmware Interface, or EFI. At the same time, efforts to secure PCs through hardware-based defenses are leading critics like Stallman to warn of a pending loss of consumer control over their devices.

The FSF has spearheaded numerous campaigns lobbying for greater consumer control over software. The group now plans to mount a campaign to open up specifications required to write BIOSes. The free BIOS movement that Stallman advocates would let people install, modify and redistribute BIOS software--although not necessarily free of charge. Significantly, that would allow people to circumvent some pending security enhancements, including pending digital-rights management features aiming to prevent unauthorized use of confidential corporate documents and other copyright materials, if they chose to do so.

Given the closely held nature of the BIOS business, Stallman and the FSF are likely to face resistance from hardware and BIOS makers. Many already contend that creating free BIOS software just for the sake of it being free has limited value to computer users. Executives at BIOS makers and Intel argue instead that the tightly controlled BIOS model used today helps maintain PCs' security and stability, as well as foster competition by protecting companies' intellectual property.

"Neither you nor I, as a user of a computer, has any reason to change the BIOS...unless it's broken," said Jonathan Joseph, CEO of BIOS maker Insyde Software. "You're not going to type any faster in (Microsoft) Word because you have a new BIOS. The only thing you hide in BIOS is broken hardware."

Others cite guarding against hackers as a reason to keep BIOS closely held.

"The one thing we have to worry about first is security. What do you think would happen if there was a virus that started reflashing PCs" BIOS software, said Mike Goldgof, senior vice president of marketing at Phoenix Technologies. "If it ever happened on a large scale, I think a lot of PCs would start turning into bricks. What people take for granted...is the reliability of the (BIOS) firmware today."

Intel, for its part, has proposed a middle ground of sorts by open sourcing technology it calls Tiano. Tiano is its implementation of a framework for creating a BIOS replacement, with its own set of drivers to turn on elements of the PC such as the processor, based on EFI. Committing it to open source means others will be able to download it from a Web site called TianoCore.org and use it to make products under the Berkley Software Distribution, or BSD, license. The BSD will allow anyone who uses it to change it and create products out of it. But it does not require they provide the changes they made to others via open source, which provides the means to help companies protect intellectual property.

The effort by Intel creates a framework for a BIOS replacement, and thus could become the basis for free BIOSes. But it leaves the work of writing the code that initializes PC components to the downloader. One licensee likened it to having to build a race car. Intel, he said, provides race rules and the car's frame but leaves licensees to do their own engine, suspension, body work and other elements if they want to enter a race.

'Evil' companies?

Stallman argues instead that Intel is not doing enough and BIOS makers are not needed. Instead, he wants information.

"We're not wanting to do anything with the BIOSes from Phoenix or any of the others," he said. "We're not asking them to do anything, any more than we're asking Microsoft to do anything. These (companies) are evil. You can't expect them to do anything just because you ask them to. Our goal is to escape from them."

Thus, the free BIOS effort, as Stallman sees it happening, will essentially bypass traditional BIOS makers and instead focus on appealing to hardware manufacturers. The campaign will ask those companies, including PC makers and motherboard makers, to make available specifications on their products to allow free software writers to create BIOSes for them.

Stallman also dismisses rebuttals that free BIOS would compromise a PC's security, stability or reveal companies' proprietary chip, motherboard or other product information.

"Each one could be saying, 'If the others knew what we were doing, it would help them tremendously.' It might be true in a few cases, but it's impossible in all cases," Stallman said. "They can't all be sitting on secrets that are beyond the ken of their competitors. They can't all be the ones that know more than everybody else."

Moreover, detailed chip and motherboard information will not be required to create a free BIOS, he said. Instead, free BIOS makers would need access to closely held instructions, such as how a BIOS loads and how it initializes various devices inside a PC.

A free BIOS would also help circumvent, if necessary, digital-rights management, allowing people to run any software they choose on their PCs. In theory, the BIOS can be used to aid security technology, as it initializes hardware such as security chips.

Although BIOS makers and Intel say the BIOS' role is limited to helping get those elements of a system up and running along with the rest of it, a BIOS writer could write around them in order to shut them off, if needed, Stallman said.

"DRM is theft," he said. "The idea of the free software movement is you should be in control of your own computer. Treacherous competing (his term for so-called trusted computing) is a scheme to make sure you're not in control."

Ultimately, the free BIOS would emulate software such as the LinuxBIOS-- a free BIOS that's already in existence for Linux, but does not work with a large number of PCs--on a much broader scale.

"It's generally known that free software is very secure and very reliable," Stallman said. "If there's a bug in the BIOS, the only thing that will happen is some part of your machine won't work and that bug would be quite noticeable and it would be fixed, presuming that the information was available."

But that's the rub. Detailed specifications on cutting-edge PC hardware may be tough to come by. The information given to BIOS makers now is granted under nondisclosure and it's not clear whether companies such as Intel, PC makers like Dell, or motherboard makers would reveal even a little bit of information.

"You'd need to know the confidential information about the chips to write" a free BIOS, Insyde Software's Joseph said. Right now, "that info is only available on old hardware that nobody really cares about anymore."

That, however, won't stop Stallman from asking.


TOPICS: Business/Economy; Culture/Society; Technical
KEYWORDS: bios; computers; free
Navigation: use the links below to view more comments.
first 1-2021-4041-6061-70 next last

1 posted on 04/05/2005 9:06:34 AM PDT by ShadowAce
[ Post Reply | Private Reply | View Replies]

To: rdb3; chance33_98; Calvinist_Dark_Lord; Bush2000; PenguinWry; GodGunsandGuts; CyberCowboy777; ...

2 posted on 04/05/2005 9:07:24 AM PDT by ShadowAce (Linux -- The Ultimate Windows Service Pack)
[ Post Reply | Private Reply | To 1 | View Replies]

To: ShadowAce
BS.

BIOS should be treated as hardware. For stability it must remain unchangeable, though configurable.

After all, the so-called chips in your computer have microcode which controls their internal functions. Must that also be accessible to hackers just because it is software ?

End of issue.


BUMP

3 posted on 04/05/2005 9:12:56 AM PDT by tm22721
[ Post Reply | Private Reply | To 1 | View Replies]

To: ShadowAce
"It's generally known that free software is very secure and very reliable," Stallman said.

Ha. Ha. Ha. That's why we're all still running sendmail, right, because of how secure and stable it is.

Anyway, enough cheap shots - Stallman's problem is that he wants to divorce one part of the hardware from another, and surprise, surprise, none of the hardware people are willing to oblige. The solution's pretty simple, though - if you find current mobos philosophically objectionable, go build your own, soup to nuts, and make your own BIOS to go with it.

4 posted on 04/05/2005 9:15:41 AM PDT by general_re ("Frantic orthodoxy is never rooted in faith, but in doubt." - Reinhold Niebuhr)
[ Post Reply | Private Reply | To 1 | View Replies]

To: ShadowAce
Related link: OpenBIOS.
5 posted on 04/05/2005 9:16:43 AM PDT by E. Pluribus Unum (Drug prohibition laws help fund terrorism.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: ShadowAce
Interesting article. This line sort of jumped out at me

"What do you think would happen if there was a virus that started reflashing PCs" BIOS software"
To say that would suck would be an understatement.


I think we are tooling around with a It's not broke don't fix it situation. The bios cost in a computer is almost hidden from the user. We do notice the OS cost though and other costs of buying a new computer.

Flame alert (for me that is ;))
This is just another thing from the open source movement. Apparently they tried to build an open source BIOS and failed miserably and now they are going to bitch until they get their way.
Let them try and get Intel to release all the required specs to for a BIOS for free. There is nothing that says Intel has to give away the secrets to it's lively hood.
I also doubt they (the guy who wants to start this free bios) will eat the cost of paying for specs or diagrams from all of the hardware manufactures. This guy needs a better idea or a different way to make money.
6 posted on 04/05/2005 9:19:24 AM PDT by tfecw (Vote Democrat, It's easier than working)
[ Post Reply | Private Reply | To 1 | View Replies]

To: ShadowAce

bump


7 posted on 04/05/2005 9:19:38 AM PDT by NW Mike (Proud member of the VRWC since 1972 -- who the hell are you calling 'neo'?)
[ Post Reply | Private Reply | To 1 | View Replies]

To: ShadowAce
"The one thing we have to worry about first is security. What do you think would happen if there was a virus that started reflashing PCs" BIOS software, said Mike Goldgof, senior vice president of marketing at Phoenix Technologies. "If it ever happened on a large scale, I think a lot of PCs would start turning into bricks. What people take for granted...is the reliability of the (BIOS) firmware today."

So, Goldgof is prepared to assure us that there will be *no* flashing functionality built in to the closed, DRM-enabled BIOS chips? He's willing to promise that Microsoft and Sony won't want to flash the chips to update their DRM schemes? And he's prepared to guarantee that if that functionality is enabled, that hackers won't exploit those holes?

Please. It's been abundantly proven that closed does not mean secure by any stretch of the imagination. Closed products simply perpetuate undue corporate control over our systems. Stallman may be a socialist, but he's right on this one.

8 posted on 04/05/2005 9:20:10 AM PDT by kezekiel
[ Post Reply | Private Reply | To 1 | View Replies]

To: ShadowAce

RARELY is there a need to update the BIOS. I see no reason to force BIOS makers to open up their code for all the world to see.


9 posted on 04/05/2005 9:20:19 AM PDT by Lunatic Fringe (North Texas Solutions http://ntxsolutions.com)
[ Post Reply | Private Reply | To 1 | View Replies]

To: tfecw
This is just another thing from the open source movement. Apparently they tried to build an open source BIOS and failed miserably and now they are going to bitch until they get their way.

Oh, really?

10 posted on 04/05/2005 9:21:07 AM PDT by E. Pluribus Unum (Drug prohibition laws help fund terrorism.)
[ Post Reply | Private Reply | To 6 | View Replies]

To: E. Pluribus Unum

Sigh whatever i was refering to the LinuxBIOS mentioned into the article.


11 posted on 04/05/2005 9:23:20 AM PDT by tfecw (Vote Democrat, It's easier than working)
[ Post Reply | Private Reply | To 10 | View Replies]

To: Lunatic Fringe
RARELY is there a need to update the BIOS.

All mainboard manufacturers recommend checking for a BIOS update when you receive a new mainboard and update it if there is.

12 posted on 04/05/2005 9:24:25 AM PDT by E. Pluribus Unum (Drug prohibition laws help fund terrorism.)
[ Post Reply | Private Reply | To 9 | View Replies]

To: ShadowAce

Stallman is indeed a bit of an extremist, but he's right about the necessity of open source BIOS and open hardware archetecture. Without that, Linux and other open source OSs may have a shrinking universe of compatible hardware, because as hardware makers embed "secure" technology in the BIOS, it will become harder and harder to stay compatible.


13 posted on 04/05/2005 9:24:38 AM PDT by B Knotts (Iohannes Paulus II, Requiescat in Pacem.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: tfecw
Sigh whatever i was refering to the LinuxBIOS mentioned into the article.

Sigh, whatever, yourself.

Your statement was that open source BIOS had failed miserably, and I pointed to a link that proved you wrong.

Drama-queen sighing does not change the fact that you were wrong.

14 posted on 04/05/2005 9:26:19 AM PDT by E. Pluribus Unum (Drug prohibition laws help fund terrorism.)
[ Post Reply | Private Reply | To 11 | View Replies]

To: tm22721

"For stability it must remain unchangeable, though configurable."

Amen!

Buggy drivers are bad enough. I can't imagine the support calls for buggy BIOS's.

Customer - "Um hello, support, my PC is going crazy."

Tech Support - "What's the problem?"

Customer - "Well, my CDROM is going in and out, the lights are flashing and the PC speaker is playing Mary had a little lamb and it won't boot."


15 posted on 04/05/2005 9:29:00 AM PDT by TSgt (Extreme vitriol and rancorous replies served daily. - Mike W USAF)
[ Post Reply | Private Reply | To 3 | View Replies]

To: ShadowAce

"Neither you nor I, as a user of a computer, has any reason to change the BIOS...unless it's broken," said Jonathan Joseph, CEO of BIOS maker Insyde Software. "You're not going to type any faster in (Microsoft) Word because you have a new BIOS. The only thing you hide in BIOS is broken hardware."

Others cite guarding against hackers as a reason to keep BIOS closely held.

"The one thing we have to worry about first is security. What do you think would happen if there was a virus that started reflashing PCs" BIOS software, said Mike Goldgof, senior vice president of marketing at Phoenix Technologies. "If it ever happened on a large scale, I think a lot of PCs would start turning into bricks. What people take for granted...is the reliability of the (BIOS) firmware today."

All crap...plenty of smart people fix what the mainboard companies have screwed up...and there are already virii that reflash you bios...


16 posted on 04/05/2005 9:30:11 AM PDT by MD_Willington_1976
[ Post Reply | Private Reply | To 1 | View Replies]

To: Lunatic Fringe
RARELY is there a need to update the BIOS.

Well that statement is not even close to being accurate, but it's still not a reason to to expose proprietary information.

17 posted on 04/05/2005 9:31:29 AM PDT by Ranxerox
[ Post Reply | Private Reply | To 9 | View Replies]

To: ShadowAce

Without a closed BIOS, Microsoft and others won't be able to foist off their Palladium crap or whatever it is called, to us.


18 posted on 04/05/2005 9:33:10 AM PDT by ikka
[ Post Reply | Private Reply | To 1 | View Replies]

To: E. Pluribus Unum
"Your statement was that open source BIOS had failed miserably, "
Yes it was. as was reference by the article. Just like i said.

"and I pointed to a link that proved you wrong. "

Yup and i didn't dispute that.

"Drama-queen sighing does not change the fact that you were wrong."
Now your an asshat chief. Keep your attacks to yourself, or is that all you can do? Never mind don't answer, I'm done with you.
19 posted on 04/05/2005 9:33:47 AM PDT by tfecw (Vote Democrat, It's easier than working)
[ Post Reply | Private Reply | To 14 | View Replies]

To: ShadowAce

I'd bet $20 the hardware makers would move in the other direction. Hardwire everything and make you replace chips to upgrade BIOS.


20 posted on 04/05/2005 9:35:14 AM PDT by Dilbert56
[ Post Reply | Private Reply | To 1 | View Replies]


Navigation: use the links below to view more comments.
first 1-2021-4041-6061-70 next last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson