Phoenix BIOS Phones Home?
Posted by
michael
on Wed Jun 20, 2001 03:28 AM
from the BIOS-flashing-suddenly-more-popular dept.
from the BIOS-flashing-suddenly-more-popular dept.
Myrv writes: "There is an interesting thread over at DSL Reports discussing Phoenix Technologies new BIOS. This BIOS contains the PhoenixNet Internet Launch System . ILS resides safely within ROM and is activated the first time a user launches a PhoenixNet-enabled PC with a Windows 98 Operating System. When the PhoenixNet ILS detects an Internet connection, it makes contact with the PhoenixNet server and delivers user-selectable services. These services are delivered to the user as hotlinks on the desktop and in the web browser or, as applications that PhoenixNet automatically packages, downloads and installs. It's 3 a.m., do you know who your motherboard's talking to????" We've gotten a couple of submissions about this - another submitter pointed out this thread and this description by Phoenix. Phoenix has apparently been kicking this idea around for a while - see this old Slashdot story. Does anyone have any more information?
This discussion has been archived.
No new comments can be posted.
Phoenix BIOS Phones Home?
|
Log In/Create an Account
| Top
| 149 comments
(Spill at 50!) | Index Only
| Search Discussion
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
(1)
|
2
(1)
|
2
The only safe computer is an unplugged computer. (Score:5)
The following venders have signed up: AOpen, Chaintech, ECS, EpoX, Giga-Byte, Jetway, Legend-QDI, MSI, Soltek and Zida. Notice no ABit
<possible troll> (but I don't think so...)
It was interesting to read in that thread also, that this could bypass the OS level networking code, and use it's own stuff. I don't think I could imagine the destruction that would be cause by millions of PCs with a backdoor/hole/bug in their firmware, that could easily be remotely exploited. If you thought DDOS attacks were bad now, you ain't seen nothing yet.
</possible troll>
I didn't notice anything about being able to actually turn this off in the BIOS. There is allready talk of using a hex editor to disable it... Just what we need, buggy roms because the vendor does what people don't want.
OpenBIOS / LinuxBIOS (Score:3)
The LinuxBIOS project [lanl.gov] (http://www.acl.lanl.gov/linuxbios/) looks more promising (originally covered in this slashdot article [slashdot.org]
Inevitable progression (Score:4)
With tux running in the kernel, it was only a matter of time before we had the next step: web server in the BIOS.
I smell innovation. Thanks Phoenix!
< tofuhead >
--
It is not automatic (Score:5)
Unless you activate it within the bios "phoenixNet-enabled PC" and agree to their ISP partnery, you never hear a word from the program. It sits quitely on your bios and never contacts the mothership
Also from my mother board manual:
1. User reads system information from graphic launch screen
2. User registers MS Windows and completes MS OOBE.
3. User accepts/Rejects PhoenixNet service
4. User accepts/Rejects PhoenixNet ISP Partnery
5. PhoenixNet and ISP icon appear on desktop.
IBM's been doing this for years (Score:3)
Some machines require this data to be in the database so that hardware engineers can enable upgrades on your system. For example, you can get an S/390 with some of the processors turned off and it'll cost you less. Then, if you expect processing to hit a peak (Like, around Christmas maybe, if you're a retail outlet) you can pay IBM some money and they'll enable the other processors for a limited period of time. Several of the disk array products work the same way. You can buy an 11 terabyte array and only want to use 1 terabyte of it. You can turn on more disk storage as you need it and you get billed for the extra storage as you turn it on. If the machine doesn't report back when it's supposed to, a friendly IBM CE will visit to repair your defective device. I don't know what those guys bill out at. Used to be $120 an hour.
Unlike the desktop segment of the population, IBM and its customers view this as business as usual, allowing IBM to deliver faster and better service to the customer. Sure it means IBM has more control over the system than it otherwise would have, but the customers often don't want to be bothered with the thing anyway. They just want it to work. They're paying a premium for just this feature as well as the IBM brand name.
Really very dangerous! (Score:5)
I doubt this is beyond the realms of possibility, and once some clever hack has figured out how to do it the skript kiddeez will soon get hold of it. Hell, maybe it could even be tagged onto a VB app and turned into an Outlook worm - cue millions of cracked boxen that can only be made safe by flashing the BIOS, and how many regular (i.e. non /. visiting) users have the first idea how to do that?
Please someone tell me if I'm just scaremongering here (and give details), but I do genuinely believe this is a problem waiting to happen.
Here's How To Disable It. (Score:3)
Easiest way is to not run windows.
But if you must, here's how to remove it. Uninstall Phoenix net in the windows, and in the bios change Phoenix net from installed = yes to No.
Phoenix net is installed when you install the drivers from the motherboard and you go with the defaults rather then choosing your own options.
From the manual (Score:4)
4.1 PhoenixNet Introduction
PhoenixNet is a service that provides PC users with best-of-breed, free, software services to support their PC hardware and software and to turn their computer into a powerful tool for communication,entertainment, education and business.
4.1.1 Internet Launch System The PhoenixNet Internet Launch System (ILS) is a patent-pending technology built into the firmware to enable online PC users worldwide to communicate with PhoenixNet and to receive the free PhoenixNet services. ILS resides safely within ROM and is activated the first time a user launches a PhoenixNet-enabled PC with a Windows 98 Operating System.
4.1.2 PhoenixNet Online Services When the PhoenixNet ILS detects an Internet connection, it makes contact with the PhoenixNet server and delivers user-selectable services from PhoenixNet's Internet Partners. These services are delivered to the user as hotlinks on the desktop and in the web browser or, as applications that PhoenixNet automatically packages, downloads and installs.
Why They Do It (Score:3)
Microsoft has placed very strict limits on what customizations vendors can do on systems before they ship. Microsoft wants Windows to control the horizontal and the vertical. Well, there's another player in town with a pretty large market share, and the tactical high-ground: Phoenix. The BIOS rules the machine, not Windows. I'm positive that this feature was requested by the systems vendors, and it's just a case of them fighting back against one of their suppliers who has gotten a bit too pushy.
"Theft of services" (Score:3)
steve
Funny story about this... (Score:4)
I wasn't sure I wanted to post this, because it could possibly give away my "secret identity", but...
A friend of mine is reasonably high up at Phoenix. He had been working on a "secret project" that he wouldn't tell me anything about, but he told me that it was going to be big. Of course, I badgered him for information, but he wouldn't tell.
Well, I had lunch with him one day not long after PhoenixNet was announced. I asked him, "so what's up with this PhoenixNet thing?" He replied, "what do you think of it?"
I then went on to totally trash the idea, saying why it wouldn't work, that people wouldn't stand for their BIOS downloading advertising, on and on. I railed on for quite a while. I might've even called it a "stupid idea".
Then I said, "hey wait a minute... is this the secret project you've been working on??"
He said, "Yes. It was my idea."
Oops. I kind of grinned sheepishly. Huge case of "open mouth, insert foot."
--
BIOS spying on you (Score:5)
This is bios level spying and advertising, even from Phoenix's partners. I think most users will not even know it is installed (by default). The only way to get rid of it is flashing your bios, which is quite a dangerous operation for the common user
BOFHism.... (Score:4)
clickity-click
Oh dear, looks like your hard drive has been disabled. No, I can't fix it from here, but I have a friend who lives by you and could fix it in his spare time, he charges about $200/hr. Uh-oh, looks like one of your RAM chips just went!
This is due to Microsoft monopoly (Score:4)
Remember the Microsoft anti-trust trial? One detail that emerged was that Microsoft does not permit OEMs to perform modifications to the desktop, startup sequence, etc. This means that the OEMs can't give the user a "custom experience" or differentiate their machine from others using Microsoft's software.
This Phoenix BIOS trick lets OEMs skirt the Microsoft OEM license by performing the customization after the user has the machine.
So, in one way, I say "kudos" to Phoenix for figuring out how to subvert Microsoft's restrictive OEM licensing agreements in this way.
On the other hand, I'd like to understand more technical details of the feature, whether it could bite me while I'm trying to use Linux, etc. Has anybody turned up relevant patents?
Another good (safe) summary of PhoenixNet (Score:5)
It sums up everything, and also contains key (annotated) paragraphs from the PhoenixNet site (so if you're too afraid of evil scripts to visit the PhoenixNet site, you can see it safely from this site). The main page of cexx.org [cexx.org] (no relation to anything disgusting; it stands for Counterexploitation) has other helpful and interesting pages about spyware, foistware, backdoors, scams, and such. Most of it pertains to Windows, but there's some other cross-platform/no-platform topics there (including a way to make the CueCat output raw barcodes without requiring any software intervention [cexx.org].)
Yet another reason... (Score:4)