Microsoft moves to integrate Windows with BIOS

[tomscrabshack]

Originally posted here by catch

The RIAA and MPAA are behind it, so is not only the American government but many other governments world wide.

i believe the riaa is the recording industry association of AMERICA and mpaa is motion picture association of AMERICA So how does this relate to other governments??? Just a question.

[etruscan]

First of all this crap is nothing new. About a year ago I bought a Toshiba laptop w/ my hard-earned money. I was looking forward to installing OpenBSD & Debian on it. Imagine my surprise when I realized that I had no access to BIOS. The only CD that would boot on MY new computer was the OEM XP recovery CD. (Which of course I paid for)

http://www.condorito.org/toshiba/
http://www.microsoft.com/whdc/hwdev/.../legacyIO.mspx

I returned the laptop the next day for a full refund. The guy in Customer Service in CompUSA actually knew what Linux was and he was completely helpful. As a matter of fact I will write a letter/e-mail to Toshiba about this because of you, dear Catch.

I am a fan of Open Source and, you are absolutely right, I hate M$. I mostly use Win2k, which is pirated copy. Before you go off, I can assure you that since the “laptop fiasco”, if I didn't have this pirated copy, I would NOT pay for it. First of all I don't have that kind of money and second it's not worth it.

BUT, Windows is easy to use and why should a doctor (for example) learn to set up a Debian box. (Which I do have).
I am not a information technology historian. I love the new developments in technology but in my everyday use I don't give a **** if Linux kernel is monolithic 70' crap instead of the "edgy" microkernel, and I know enough about OS community to safely assume that they ARE working on it.

The bottom line is that Microsoft does what is good for Microsoft. They will only innovate when it benefits them financially. This monopolistic approach is simply not healthy for information technology and the whole humanity. Open source is free. Stallman’s, Torvalds’ and other’s work has benefits the whole world. And they all have my respect. (In a true old school hacker spirit) That’s why I will always support Open Source. As I said before. M$ … kiss my ass. I will not give my money to any of you. No matter how “good” your software is. There are bigger things at stake here.

[maxim_86ualb2]

""As I said before. M$ … kiss my ass. I will not give my money to any of you. No matter how “good” your software is. There are bigger things at stake here.""

ur right man ............ y should I pay 200+ for a system that I get for free a system that will give me even more stability & controle........

as I c most M$ defenders come from the Us & as I think they have alot of cash...... so they have the ""privaliges"" to own a PC with licenced products.......

I dont have alot of CAsh...... hell all I have now is 10$... I dont work for a corporation.
All I am is a student I have a pc home, I have intrest in programin...... ::tell me how can I afford VB+:: any way here in lebanon any CD is 1$ in ur face M$ & copy rights...

I have made some progs & i have no problem for some 1 taking the code.........& improving it


U ppl in america are so hiporitical...... U wer anti - communist : as in "1" ruling party ,but pro M$ the "1" OS for the pc ::... ur all about freedome while ur president .... said " ....there must be a limite to freedome".......

[etruscan]

just for the record... i live in New York and I'm not from Latvia but Czechoslovakia... still I will not support and perpetuate Corporate monopoly like M$, Look at McDonalds... they huge and succesfull company but you don't see them trying to prevent you from going to Mam & Pop restaurant next door. Yeah, they bombard you w/ advertising but you STILL HAVE A CHOICE. Do you think that I would take my little sister there if they were trying to shove big mac's down my throat. So anytime I see somone post something like: "Accept it! It's inevitable" propaganda, it gives me a warm feeling that I can give away copies of W2000 to my friends for FREE...

[the_JinX]

Originally posted here by etruscan
First of all this crap is nothing new. About a year ago I bought a Toshiba laptop w/ my hard-earned money. I was looking forward to installing OpenBSD & Debian on it. Imagine my surprise when I realized that I had no access to BIOS. The only CD that would boot on MY new computer was the OEM XP recovery CD. (Which of course I paid for)

My Toshiba (5100) wont allow me in on my bios, but pressing the F12 key will give me a "boot device selection" screen..

So no problems installing linux (slack) at all..


To get back on the topic of M$ bios..

c0bra touched the subject

doesn't this mean people will start making viruses that can flash your BIOS and completely erase it or replace it with a custom message this is awful

There allready was one of those virii (CIH) a couple of years ago.. cost me a mobo

But why care if ONE (1) company is willing to make M$ only bios..

There are a couple of mobo manuefacturing companies allready shipping linux with their product.
Even full system builders are starting to "give" linux with their products (as opposed to selling Windows with it)..

Well so far for my lame (drunk) input

[catch]

"Really, you don't propose outlawing the printing press just because
it could potentially be used to illegally print someone else's content."

nicely put!

No, not nicely put, who said anything about making anything illegal? You're both letting your own delusions run away with you.

Yes, you are correct, I do not know much about these systems. Please enlighten all of us.

You ask me to enlighten you, and then splash whatever crap you were able to find on google in two minutes. Odd odd odd.

XTS-300, Wang's Unix-like Secure Trusted Operating Program
quote:
The new XTS workstation is the first such system to run on standard PC hardware. It carries the Wang label and is built on an Intel Corp. 486 50-MHz DX2 processor and commodity PC parts.

This is a very dated description, the STOP system runs on Pentium IIIs in it's latest incarnation and uses physically segregated memory among other things. Control of the bios simplifies this level of memory management.

The Logical Coprocessing Kernel (LOCK) through which SMG ( SNS Mail Guard ) came about. On what systems did this run??

and

SecureOS based on Linux ??

Ah another sign of your ignorance. You posted a link to a document that discusses all of LOCK, SMG, and SecureOS... you posted links but you didn't read the document. Why don't you go back and actually read it? You'll know what systems they run on and that SecureOS is not Linux related.

Oh, and lets not forget TCSEC's A1 criteria
Cost Profile of a Highly Assured, Secure Operating Systemquote:
Project participants noted that formal methods provided a discipline, structure, and system wide perspective to the software design of both projects which helped identify and eliminate numerous potential flaws as designs initially evolved. Nonetheless, the overall experience casts serious doubt on the cost effectiveness of A1 formal assurance.

This just says they are not economical, which is an interesting statement from the company that distributes the fruits of such an attempt. They are however very very secure, which is what you were talking about.

"For security purposes I think the OS should be separate from the BIOS. Period."

Note the utter lack of statements about cost.

These systems you so BOLDLY mentioned seem to run on systems which inherently do NOT allow access to the the BIOS.

If you read the documents, they do not allow USER access to the bios, but the OS is tightly integrated with it.

Back to my “ stupid, illogical comments” Many of the systems which ran your “most secure systems” used at the time jumpers which prevented ANY alterations to the BIOS by programs. And that WAS and IS my point!!

No your comment was "For security purposes I think the OS should be separate from the BIOS. Period." And the systems in question have a tight integration with the bios. Please stop trying to jump your argument from here to there.

Maybe I am in the minority. But you would remove MY freedom because there are others that would abuse the system, and/or because it would make your job easier.

What freedoms do you lose? You are just looking for something to be pissy about, thinking stuff is illegal or people are taking your rights away, neither of these things are true. These Palladium based products will be released, and how are they different than say Mac products? How are they different than buying high end servers from say HP, SUN, or IBM, some of those situations like HP-VV you are not even allowed to maintain your system. Why don't you complain about these as well?
Again how can it be a lose of freedom if you are buying into it? You are buying that product's functionality, if you don't like it stick to transmeta processors or whatever. You argument seems to be that you are mad your pillow won't play DVD's and its inability to infringes on your freedoms. This is of course absurd because when you purchased the pillow, you knew it wouldn't play DVDs, so how is this any different?

I have seen what government entities, left unchecked, will do with peoples' freedom. This intigration of the BIOS and the software could allow others to control ( censor ) everything I do on MY computer.

If you actually think that, then you really again need to do more research. This will ALLOW you to ALLOW them to do things, and you would only ALLOW them if it was made worth your while, but again, no one is forcing it down your throat.

What would be a better approach would be for those that are making the money off the Internet be held more responsible for how they secure it and one's freedom. That includes hardware, software, and provider venues. It will also require some degree of intelligence! Gee, can we legislate this ??

You keep forgetting, companies don't want things to be secure, or of top quality... why do you think that A1 stuff is so cost prohibitive? Because they can never sell enough to make the money back, because people don't want that. They want security they can understand, like virus protection and firewalls. People want freedoms they can understand, like the ability to play legally purchased movies and music on their systems, as well as encrypting things they want to protect. This is basically all your average consumer wants.

Your average company wants to be able to lease software, simplify system managemnt, and have better protections against unwittingly being involved in copyright violations.

You average media company wants to protect it's assests, to offer free trials that don't bite them, and to rent media digitally.

Answer all of these questions better than Palladium and you'll be rich. Sit and bitch about freedom and watch yourself get ignored.

catch

[the_JinX]

Ow and another thing..

seeing the way Xbox-Linux is going, whatever they invent, the OSS community will find a way around it..

So even on that "Microsoft bios" I am sure you can still run linux/bsd without too much of a hassle !!

[IKnowNot]

Catch this is going nowhere. I'll KISS it for you.

First:

You posted a link to a document that discusses all of LOCK, SMG, and SecureOS... you posted links but you didn't read the document

What link were you referring to? You want to talk about links, then ok. How about the link to that totally useless attachment you have in your third post!! An outline to a presentation. That supplied no useful information unless perhaps you attended the presentation, certainly no useful information to a reader here. Did YOU read it?

SecureOS based on Linux ??

Yes, that is a question. What version of SecureOS are you talking about. Did it not run on BSD and was also ported to Linux ? Or am I wrong about that too ?

I ask for enlightenment, you give useless opinion with no substance.

You brought up these other systems, not me.

My question put more simply:
How did these systems you referred to use bios integration that would correspond to the type integration which Palladium, apparently now named “Next Generation Secure Computing Base” (NGSCB), and DRM will use ?

Instead of ranting and calling people ignorant how about trying to educate and teach.
Instead of spewing forth attitudes how about offering facts so readers have something to form their own opinions from.

How is this integration going to help my 70+ year old mother ?
How about my 80 year old father-in-law who uses a couple of custom made databases by small companies with 10,000 plus entries? And more to the point of this thread, will it hurt them?

And last, in keeping with the theme of this site:
COULD this new technology be be misused or corrupted by anyone ( be it government, corporation, virus writer, whatever ) to harm, damage, censor, or otherwise infringe on the rights and privacy of ANY individual?

Unless you or someone else can answer the above questions satisfactorily I will not purchase nor will I recommend to anyone else they purchase any device or software with NGSCB or CSS within, I don't care who is “behind” it.

( KISS “Keep It Simple Stupid” )

[catch]

What link were you referring to?

http://www.securecomputing.com/pdf/lockcost.pdf
That link, that you posted which discusses the architecture and hardware integration involved in LOCK, SMG and the evolution of SecureOS, which runs Secure Computing's Sidewinder G2 firewall. Don't you read the documents you post?

You want to talk about links, then ok. How about the link to that totally useless attachment you have in your third post!! An outline to a presentation. That supplied no useful information unless perhaps you attended the presentation, certainly no useful information to a reader here. Did YOU read it?

Yes, I did read it and it nicely demonstrates the evolution of windows security and how themes and ideas are shared among systems and which ideas (primarily from Secure and later Trusted XENIX) were unique to Microsoft products. I did not attent any such presentation and the data there in should be easily understood by any student of computer security.

Yes, that is a question. What version of SecureOS are you talking about. Did it not run on BSD and was also ported to Linux ? Or am I wrong about that too ?

This is a little murky to the layman... essentially SecureOS is a kernel that can run linux or BSD work alikes ontop of it, but since the kernel is different it is not in fact Linux/BSD, though I can see how this would be confusing since it is often written as "A secure BSD." Due to the very architecture of BSD/Linux they can never be the basis of high security, high assurance systems. The very core feature of a trusted operating system is the microkernel, which neither the BSD line (modular kernel) or Linux (monolithic kernel) offer.

I ask for enlightenment, you give useless opinion with no substance.

Useless because you fail to read, you just wish to argue, again you failed to comprhend either document in question and you have made it very apparent that you fail to comprehend the YCG guidelines as well.

You brought up these other systems, not me.

Yes, I did as examples of secure systems that utilize hardware/bios integration. Is the logic here still in question in your mind?

How did these systems you referred to use bios integration that would correspond to the type integration which Palladium, apparently now named “Next Generation Secure Computing Base” (NGSCB), and DRM will use ?

You may recall that I did not say LOCK and AITOS, and XTS-300 are just like Palladium, I stated them in a response to: "For security purposes I think the OS should be separate from the BIOS. Period." Which is a blantant inaccuracy and casts a shadow of doubt on everything else you say.

Instead of ranting and calling people ignorant how about trying to educate and teach.
Instead of spewing forth attitudes how about offering facts so readers have something to form their own opinions from.

Firstly, since when did it become my job to educate you? Secondly my posts have been more or less devoid of opinion, just because I state something that is different than what you'd like to hear, does not make it opinion.

How is this integration going to help my 70+ year old mother ?

I have already answered this question above with the discussion of rented digital media, and end to viruses, trojans, and simplistic remote administration (ISP can set your computer up for you) not to mention a vast improvement of plug and play hardware. No more install CDs or anything, literaly just plug it in. Grandma will be happy.

How about my 80 year old father-in-law who uses a couple of custom made databases by small companies with 10,000 plus entries? And more to the point of this thread, will it hurt them?

Perhaps you should read the TCG guidelines as you have so clearly not done. the system will still run all of these this, it will just break the system into two parts, much like NCSC B level systems do, only with less granularity (aka simpler) These parts or levels as it were will be decided as trusted and untrusted. Untrsuted software will still work, for example your pirated mp3s will work, so long as you use an untrusted player and have to click to accept that the untrusted player is exactly that and the untrusted player will not be able to make changes to trusted levels components. If you have trusted mp3 files, they however will not be playable with untrusted software. End result? All of your current media files and your 80 year old dad's DB files will all continue to work _exactly_ as they do now.

And last, in keeping with the theme of this site:
COULD this new technology be be misused or corrupted by anyone ( be it government, corporation, virus writer, whatever ) to harm, damage, censor, or otherwise infringe on the rights and privacy of ANY individual?

No more so than current systems, in fact less so than current systems. As it is now, web sites and streaming media servers can both spy on your cache and see where you've been. (I have documents on this if you are interested) these media attacks will be a thing of the past. The only abilities you'll lose will be to share trusted media. Keep in mind, these abilities can all be disabled as well. It is the goal of the TCG to make this so desirable that people want it. As it is, businesses and novice home users have the most to gain. Users like you and I have the most to lose, which is why it is so important that we be educated in order to make the system (which will extend well beyond our home computers) work for us in a tolerable manner.

catch