Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
×
Privacy Your Rights Online

Phoenix BIOS Phones Home? 149

Myrv writes: "There is an interesting thread over at DSL Reports discussing Phoenix Technologies new BIOS. This BIOS contains the PhoenixNet Internet Launch System . ILS resides safely within ROM and is activated the first time a user launches a PhoenixNet-enabled PC with a Windows 98 Operating System. When the PhoenixNet ILS detects an Internet connection, it makes contact with the PhoenixNet server and delivers user-selectable services. These services are delivered to the user as hotlinks on the desktop and in the web browser or, as applications that PhoenixNet automatically packages, downloads and installs. It's 3 a.m., do you know who your motherboard's talking to????" We've gotten a couple of submissions about this - another submitter pointed out this thread and this description by Phoenix. Phoenix has apparently been kicking this idea around for a while - see this old Slashdot story. Does anyone have any more information?
This discussion has been archived. No new comments can be posted.

Phoenix BIOS Phones Home?

Comments Filter:
  • by Anonymous Coward
    Is this necessarily a bad thing? Chances are that there is going to be an option to disable communication with the PhoenixNet system.

    Even if there isn't an option to disable this, it sounds like this option will only function under Windows systems.

    So why are you worried?
  • by Anonymous Coward
    CP connection to 'www.fuckedcompany.com?query&&name=PhoenixBios&&DA TE=JUNE-20th-2001%7Carticleid=5tup1d4ssh0l3s@www.g atse.cx' failed: Network is unreachable.

    Good ol' ipchains has saved my lunch once again.

  • by Anonymous Coward
    <Tech Support> Yes?
    <User> HELP!!...!!!...!!
    <Tech Support> What?
    <User> HELP!!...!!!...!!
    !!!
    <Tech Support> Could you please elaborate?
    <User> I NEED HELP!!!
    <Tech Support> What do you need help with?!
    <User> I CAN't SAVE!!
    <Tech Support> Why can't you save?
    <User> I CAN'T SAVE MY DOCUMENT!
    <Tech Support> What sort of document is this; what are you doing to save it?
    <User> I LEFT CLICK THE PICTURE OF THE DISK
    <Tech Support> And what happens?
    <User> IT SAYS I'm FORBIDDEN
    <Tech Support> What exactly does it say?
    <User> STUFF
    <Tech Support> Try it again and tell me exactly, ok?
    <User> OK
    <User> It say 505 - FORBIDDEN HTTP://WWW.PHOENIX.COM/SPYNET/WINDOWS/98/USERSAVED OCUMENT.JS?NAME=UNTITLED&TYPE=DOC&BIOS_SERIAL=4438 21965B&SYSCONFIG=76d7e6274835140d08e50094e5e2571&S ENDINFOTO=PHOENIX+MICROSOFT
    <Technical Support> Oh, that's just a little quirk; your BIOS provider is having some trouble with their website.. just try again later; if it doesn't start working in a few days; however, you might try replacing yours with a M$ BIOS; or you might try upgrading to the BIOS PRO(tm) service.

  • by Klaruz ( 734 )
    I doubt it could be done, but it would be very cool. A truely awesome hack. I'd pitch in for some beer for whoever does it.

    I wonder if any motherboard makers are thinking about LinuxBIOS [lanl.gov]...
  • Like i said, it was a possible troll. :) Feel free to just ignore that part of the post.

    I was just pointing out what could happen, if not with this bios, but maybe a future one... You never know... I'd be right there in the riot with you if it ever happened. Kind of an odd comment comming from somebody with an antioffline email address.
  • by Klaruz ( 734 ) on Tuesday June 19, 2001 @11:46PM (#138704)
    According to the thread linked to in the story, if the computer boots up with a cool new screen, it's probobly this new BIOS.

    The following venders have signed up: AOpen, Chaintech, ECS, EpoX, Giga-Byte, Jetway, Legend-QDI, MSI, Soltek and Zida. Notice no ABit :)

    <possible troll> (but I don't think so...)
    It was interesting to read in that thread also, that this could bypass the OS level networking code, and use it's own stuff. I don't think I could imagine the destruction that would be cause by millions of PCs with a backdoor/hole/bug in their firmware, that could easily be remotely exploited. If you thought DDOS attacks were bad now, you ain't seen nothing yet.
    </possible troll>

    I didn't notice anything about being able to actually turn this off in the BIOS. There is allready talk of using a hex editor to disable it... Just what we need, buggy roms because the vendor does what people don't want.
  • Guess that shows how old my computer is! :(
  • Well, according to the thread on DSLReports, when you install the MoBo drivers from CD, it is installed as part of the default install options.

    It sounds like a custom install, skipping the PhoeinixNet stuff would get around it. Someone mentioned uninstalling the PhoenixNet stuff would also fix it.

    Could you imagine how complex it'd have to be to be at the BIOS level only - a TCP/IP stack, network drivers, somehow using the NIC without the OS crapping out. Though, I must agree that the info on the phoenixnet site makes it sound like it is a MB only deal.

    Guess I'll never find out...as now any new MB better have a huge Award sticker on it.
  • And the customers probably know when they are paying that this is a feature, and see it as a reason to go with Big Blue.

    An interesting billing model - the more disk space you use, the more we bill you. I know the 3090 we had in school would call IBM if something bad happened to it (failure, temperature indicators said the room was too hot, lonely)
  • >As for moral and technical issues,
    >they are often ignored by corporations

    As if corps are somehow special because of this behavior. Corps are run by people, and just like people, no, BECAUSE of the people that run them, they have the same failings. If anything, they commit fewer moral transgressions than the equivalent people just because there are some "good" people in the mix that will make efforts to counter the "bad" people.

    There are no "good" nor evil corps. There are however some good and some really, really, evil people, and evil people will do evil things whether they are in a position of power and influence or not.

    Good judgement comes from experience, and experience comes from bad judgement.
  • Just so you don't wonder what a graphics card has to do with hard drive speed: I erroneously typed "Matrox" for "Maxtor".
  • My Soyo motherboard (6BA-III+) has a boot up scren that announces "your computer is PhoenixNet enabled." I think I aquired this feature in a BIOS update that I installed to fix a Matrox related bug. Am I slightly paronoid about PhoenixNet? Yes. Do I reget that I flashed my BIOS, thus "enabling" my computer? No. The bug was rather nasty, reducing hard drive speed to 600 kbs.

    In one of the CSS licenses, one of the clauses essentially bound the licensees to offer "security upgrades" to the user only as part of a enticing upgrade. Thus, the security fixes would get installed along with whatever flshy multimedia "upgrade" a licensee had advertised to the end-user/mark.

    Now, I don't think Soyo delibrately intended to be dishonest, but be prepared to accept bugfixes packaged alongside unwanted (or even malicious) features.

    Of course, if you use open source software, this can be avoided. One does not always have to accept the evil along with the good.
  • How does this work financially? I assume no one would "buy" a computer with disbaled processors or HDs. Are these systems being leased?

    There are some computers you buy with disabled CPUs (IBM does it, and I remember Sun making a press release about it, but I don't know if they do it).

    CPUs have two real costs. One is the cost to fab (build) the CPU, this is a large percent of the low end embedded CPUs and the Celoron type CPUs were cost is a major issue (you can count the cost of the fab plant here). The other cost is the design cost of the CPU. The more CPUs of a given design you sell, the less you have to pay per CPU for this. High volume CPUs like the x86 have very very little design cost per CPU. Low volume CPUs like the POWER3 and UltraSPARC have a much higher per-CPU design cost.

    So IBM and Sun may charge well over $1000 for a CPU that costs them only $100 to build (in real life part of that $1000 is also profit). They can charge $100 for a CPU and not lose money on building it, but if they don't somehow get more money then that they won't manage to design the next CPU.

    They can put extra CPUs in a box for $100 each, and "just" charge you the other $900 (or $1500, or whatever) if you want to use them. Given the price of large IBM and Sun machines a few extra $100 won't be noticed (the small Sun machines are about $1000, so that can't do that!).

    Sun/IBM wins because there is a larger chance that you will buy the extra CPUs given the fast "shipping time". The customers win if they ever need another CPU in a hurry, because it can be "shipped" to them quite quickly. There was some talk that Sun would let you just turn them on and pay on the honer system. I don't know if that happened. If they never use the extra CPUs then they payed a extra few $100 on a multiple $10,000 box, which isn't helping them, but it isn't all that bad for them either.

    It isn't likely to happen to x86 CPUs because the design cost is a much lower part of hte final cost. The profit margins are also lower now that there are two real supplyers (AMD and Intel), so a CPU that sells for $200 can't be thrown in for $20 without someone taking a loss...

  • PhoenixNet does not involve the BIOS somehow directly interfering with your Internet connection. That would be absurdly difficult to implement. It actually appears to hook into the Windows setup procedure somehow. If you don't run Windows, you need never know about this.
  • This is probably part of why Phoenix has gone from market dominance to a 2nd, 3rd or 4th fiddle lately. Seriously, though, I've gone through 4 or so MB's in the last couple years, and, although they were all different brands with different chipsets, none had a Phoneix BIOS. Evidently, eMachines was trying to make a buck off of this, and with Phoenix, it looks like it would be Phoenix's buck. I think that this will probably alienate OEM's, and I think that the minority who buy retail motherboards all have the intellience not to do this. Besides, with broadband access, who uses a phone line anyway? My PC hasn't been connected to my phone for 2 years now. Tim
  • Yes, I think you should write a letter, and post it. The world would generally be a better place if people acted (even a very limited action like that email) on their beliefs and encouraged others to do the same. ]i

    Sent: Wednesday, June 20, 2001 2:48 AM

    To: pnetcust_serv@phoenix.com;

    Subject: banner ads for free motherboards?

    FYI, I will gladly take a 5 second banner on startup if it means I can get my motherboard for free.

  • Actually, ABIT is listed:
    http://home.phoenixnet.com/boards/index2.html

    ABIT
    ACORP
    AOpen
    ASUSTEK
    A-Trend
    BIOSTAR
    ELITEGROUP
    EPoX
    Gigabyte
    Iwill
    JETWAY
    Lucky Star
    MicroStar International
    Shuttle
    Soltek
    SOYO
    Tekram
    Taiwan Commate
  • flashing your bios, which is quite a dangerous operation for the common user

    That's pretty sick, dude. Can't you just visit a pr0n site to get your kick? I do agree that it's dangerous, there are all sorts of sharp corners inside a PC to catch nude skin on.

    --
  • Er.. screwing over customers *without them realising* has always been looked upon as good business sense. Capitalism sucks. Then again, so does communism....

  • And to turn it off, you have to get into the BIOS. Most users don't even know what a BIOS is and are scared when they see it the first time.

    Can you imagine getting a popup every day: "Do you want to install Compuserve?".

    Now it's the BIOS, tomorrow the ethernetcard, soundcard, videocard? All fighting to install software on your PC?

    And the fact you need Windows 98?? The feature could be cool, but only to fix a crashed OS. When your PC is booted, you just don't need the BIOS.
    --

  • At least two ways to disable:
    Include PhoenixNet.com to your blocklist of our junkbuster (you do use something like it don't you?)
    Get a version of win98 without the software on it (only for those games that do not have Linux versions)
    Any other takers for ways?
  • by account_deleted ( 4530225 ) on Wednesday June 20, 2001 @03:32AM (#138720)
    Comment removed based on user account deletion
  • i hate script kiddies just as much as the next guy but they aren't all stupid. some have come up w/ various highly dangerous suites of attacks. besides, by the very definition, they are getting scripts from somebody who did the real work. just because they didn't write the exploit doesn't make your box any less owned.

    something like this, if exploitable, could really be nasty. this is below os security controls and I imagine you could get away w/ nearly everything. can you have the bios write files to disk? i dunno but my guess would be yes.

    you say you would just block it at the firewall. that is all well and good for you but most people still don't have firewalls on their boxen. especially as this is turned on by default many people won't even know it is a risk. then suddenly one day their machine participates in another yahoo DDOS and then fries itself just b/c the script kiddie is a 15 yr old shit that thought it would be cool to ruin other people's hardware.

    i don't see this as "overhyped dramatics". i see this as a serious threat.

    cj
  • Well, it looks like a lot of people won't have to worry about this any more.

    Microsoft doesn't sell Windows 98 anymore!

    Seriously, how does the merge into WinXP (NT) affect this? Secondly, how does something like ZoneAlarm react to your hardware trying to access the internet? Geez...

    I understand the need for BIOS updates, and the need for companies to make it easier on the non-technical user... but this 'phone-home' capability (and all the data-collection demons it brings with it) is just a bit too much.

    Good thing the OS it needs isn't sold anymore (at least, not 'officially').

  • Guess I'll never find out...as now any new MB better have a huge Award sticker on it.

    You might find out even so, since Phoenix bought Award around 1998, and they've been a single company since.

    They've been shopping around this stuff for several Internet companies, offering them the "opportunity" to be the default home page of the user... whether he wants to or not. The PowerPoint presentation I saw specifically mentioned Phoenix AND Award BIOSes as part of the deal.

  • by Tofuhead ( 40727 ) on Wednesday June 20, 2001 @12:15AM (#138724)

    With tux running in the kernel, it was only a matter of time before we had the next step: web server in the BIOS.

    I smell innovation. Thanks Phoenix!

    < tofuhead >
    --

  • Instead of grinning...

    I would have stood up, told him that he could stick his idea where the sun didn't shine, that you were personally never going to buy a machine with the Award BIOS in it, and would recommend the same to friends, and why, and that as of that moment, your friendship was dissolved, and if he couldn't understand why, then that was reason enough.

    Your "friend" has created an idea that essentially allows remote monitoring and control of other citizens' property and habits. This is morally repugnant, and unethical, to say the least. People who dream up such stuff should be stuffed back into the holes from whence they came...

    Worldcom [worldcom.com] - Generation Duh!
  • That's simply absurd. While I don't think it was a particularly good idea, there is nothing "unethical" about this at all. If the consumer doesn't want it, then the consumer won't buy it. This is not about some secret society spying on people.

    The fact is that the idea is being foisted on a group of people who may be unaware that the system is capable of doing such a thing. If the consumer doesn't know about it, then they are unable to make a choice not to buy it. Your friend had to know this, yet went ahead and pitched the idea to be created anyhow - probably thinking "Yeah, more money for me!", rather than taking the high road (and not disclosing his idea to his employer).

    The fact of the matter is that alternate revenue streams would serve to drive down the costs of PCs. If someone wanted the lower end PC that was subsidized by this, then it would be their choice.

    We both know this is a lie. Such schemes won't drive the cost of PCs down, but rather keep them the same, and increase profits - it is all about money, and "Damn the citizen!"...

    In fact, who are you to decide what people should or shouldn't have?

    I am a person who knows that the nature of man is to be free, yet corporations and government continue to build chains to enslave and control. Do you honestly think people want their computers reporting details contained on their hard drives back to some "anonymous authority"? You may say it is only relevant details, but the individual doesn't know this - they can't see source code, and I doubt many know how to use packet sniffer/logging programs to analyze data coming out the backend. Do you honestly think people want another entity looking over their shoulders? If society honestly wants this, then we are far, far down the slope - and we might as well strip to the skin and be bonded in chains, because that is what the situation would be.

    Something tells me you don't have too many friends.

    The friends I do have are those who oppose corporate and government tyranny and control such as this. The friends I have know about freedom and rights.

    Something tells me your friends would backstab you and society for a buck, grinning all the way to the bank...

    Worldcom [worldcom.com] - Generation Duh!
  • Funny how we all know about it.

    We are not typical consumers - even people who buy boards to do their own upgrades may not know about it if they aren't reading the fine print, or staying up on the issues. Most just want to upgrade to play the latest game or whatnot...

    The answer is because competition drives prices down, with a floor at the cost of production. If you have more revenues coming in, then that reduces the overall cost of production, and thus there is more room to reduce prices to undercut your competitors.

    This assumes something though - that the consumers are aware of the monitoring aspect and are willing to have it monitor them. If the consumer goes along with all of this, and likes it, and others do as well, then I could see this happening - but I doubt the box is going to say on the side "Spies on all of your habits in exchange for a lower price!". It will do it secretly - and the extra stuff will appear to be "magic" to the oridinary consumer (they tend to be sheep). If they came right out and said what it does, I tend to doubt people would really want it...

    Second, yes, there are people who would be willing to have details of their lives reported in exchange for money.

    Why not just "sell" themselves into slavery? What you say is true, and is disturbing to think about - that money should be above privacy to some people. Doesn't that disturb you? If it doesn't, it should.

    The supermarkets pay you for the ability to track your purchases. Don't want to participate? Fine, then don't. But I have absolutely no problem with being paid for this.

    I take it when you mean "paid", you mean "getting lower prices" - the truth of the matter is in how these cards really work. The savings aren't really there if the prices are raised a bit beforehand. Or, if the products you buy aren't the "typical" ones, the ones that are already high-priced to begin with. Furthermore, some stores give you the savings even if you don't use the card, so what is the card really for?

    And what's so ironic is that you people like you who talk on and on about freedom are the first people who say that I should NOT have the freedom to decide whether I want to be tracked or not.

    Why would you want to be tracked? For a small monetary gain (if any)? I can think of advantages of tracking, but the risks far outweigh the gains, especially since the system would never be open enough for the plebes to watch Big Brother. Who watches the watchers, huh? Sure the hell won't be you or me...

    Right -- as long as you are the one controlling what freedoms people have.

    Gah! I can't understand why you don't understand that being monitored isn't freedom! Think of it this way:

    Let us suppose I am your employer. I give you a choice (to freely make) to place a leash around your neck, so that I may track what you do during the day, while you are in my employ. I tell you in exchange for this, I will give you double your salary. You are saying you would take this deal, freely - yet I control the leash. Are you now more free?

    Somehow, you argue that you are...

    Worldcom [worldcom.com] - Generation Duh!
  • So you are for indentured servitude?

    In any case, unless this employer is forcing me into slavery, yes, my freedom is perfectly intact -- because I choose whether to participate or not.

    No - once you are bound by the leash or by chains, you would become my "bitch" - you would have lost your freedom of choice, because at that point you would be under my control.

    Or maybe you didn't understand my "proposal" - when I said leash - I meant a physical leash, made of steel, with a chain anchored to it - perhaps locked to the desk, while I sat nearby, watching your every move. Whoops! You made a mistake - "bitch slap"! Bad sl... I mean... worker!

    Do you still maintain that you are free - I hold the key to the lock, after all...

    Worldcom [worldcom.com] - Generation Duh!
  • unaware, you purchase a new computer, with magick phoenix bios ...
    ... being super-geek, you install linux w/o ever booting to Win98 ...
    ... everything properly installed, you plug your new server in and go to bed ...
    ... only to wake up in the middle of the night to the sound of doom ...
    ... and a bright windows interface finishing installation.

    Your heresy was detected, Windows reinstalled from on-board memory, you've been reported to the proper authorities, and your email address sold to spammers.

  • ... which as I recall reading not long ago, for a PC to be certified for WinXP, REQUIRES that the user have NO access to BIOS settings.

    IOW, a NON-user-flashable, NON-user-customizable BIOS. But the spec says nothing about whether the manufacturer is allowed to mung it up.

    I've just notified Phoenix that under no circumstances will I purchase Phoenix-based products for myself nor for my clients. If that "limits" my choices, big deal, at least they'll be MY choices.

  • Er.. screwing over customers *without them realising* has always been looked upon as good business sense. Capitalism sucks. Then again, so does communism....

    Can't find a not-at-all-sucky system. Find the least-sucky system. Capitalism is less-sucky than communism, because there is the potential for liberty under capitalism. Too bad that potential has been sold out. Plus, the indoctrination of our children into a global corporate state in which they are merely docile consumerist droids is complete.
    --

  • Is this necessarily a bad thing?
    Yes. Installing unauthorized software on someone's computer is a bad thing. Legally, morally, and technically.

    Tom Swiss | the infamous tms | http://www.infamous.net/

  • If you can disable it, then this isn't news. If you can't, then it could be illegal (using your bandwidth/computer without permission, etc).
    ------
  • I think it may have already been done [linuxbios.org].
    ------
  • > User registers MS Windows and completes MS OOBE.

    ...and if you're running 'doze98 at home, blowing away C:\WINDOWS\SYSTEM\OOBE\*.* is an easy 4-5 megs saved. Poke around in there - have you ever seen any of that crap used? (And would you want to? ;-)

    (Why does it matter? I dunno about you, but I cram my '98 installs into either 256M or 512M partitions, just so I can keep my "OS" and data separate. OOBE is bloat, bloat, bloat.)

  • > I thought OOBE stood for Out Of Body Experience.

    Out Of Body Experience, Out Of Box Experience. I dunno, same thing to me. I spend so much time inside my PC's case that I don't even bother to put the cover on anymore.

  • > I think it would be nice if it were helping me to flash the bios.

    The hell it would be.

    When I want to flash BIOS, I'll flash BIOS. If I don't have any problems with my current BIOS regs, I won't flash BIOS and run the risk of introducing bugs that may have come with the new revision.

    > Q: What if I want to discontinue using the PhoenixNet resident application?

    Of course, since I buy my drives OEM and install my own damn OS on 'em, I never have to worry about this in the first place - no phone-homeware installed, no phone-home risk.

    I really pity people who buy their PCs from name-brand manufacturers as opposed to screwdriver shops. I really do.

  • > My Soyo motherboard (6BA-III+) has a boot up scren that announces "your computer is PhoenixNet enabled." I think I aquired this feature in a BIOS update that I installed to fix a Matrox related bug.

    Question to all: Has anyone run CBROM.EXE on a PhoenixNet-enabled BIOS dump?

    I'm wondering if PhoenixNet is a module that can be unloaded from BIOS, and then the BIOS reflashed.

    Given that it's marketing-related (i.e, Award expects to make money off it), it's quite plausible that they'd release BIOSes that "have it" (because the manufacturer/reseller either paid or got paid for it) and "don't have it" (for those evil OEM types). The logical way to do this would be to modularize it, in the same way that the .BMP that makes up the "boot logo" is a module that can be loaded or unloaded before reflashing.

    For more information:

    BIOS Customization Page [geocities.com]

    (And many more, but this gives you the general idea of what CBROM.EXE is for.)

  • "It could be done with a backdoor, then leaving the port open, the script kiddie would have to scan complete address blocks, but if they're going to do something so difficult, then they're even bigger idiots for not downloading already availble trojans that'd do the same."

    And you don't think that Phoenix is probably leaving a _specific_ port open to accept incoming connections to the computer? If they don't now, I'd bet it wont be long. At that point all you'd have to do is spoof packets etc. etc. etc.

    From a security standpoint, this software is a horrible breach of "trust" between the MB/bios manufacturer and user.

    Somebody tell me when all of a sudden capatalism turned into sell-my-privacy-to-the-highest-bidder?
  • This frightens me, not just because it's happening already, but because it looks like the shape of things to come.

    It looks like the computer companies are taking lessons from the cell phone industry. Your computer will soon render itself useless unless you're sending money into the appropriate chain.

    Phoenix to your ISP: "Hey, we're gonna switch your user to our ISP unless you pay us not to."

    Your ISP: "Hey, you can't do that!"

    Phoenix: "We just did."


    In addition, if you thought you got telemarketing calls and junk-mail NOW, just wait! Phoenix knows which batches of mobos were shipped to which retailers. Now they'll know exactly where those computers are being used. Paying in cash is futile, you WILL be tracked. Changing your browser's start page is futile, your PC WILL contact someone. Not using Outlook is futile, you WILL have programs installed on your computer without your consent.

    Also, I doubt this thing can be made secure. How long until someone figures out a way to overflow the BIOS and install arbitrary code into the Flash chip? The ultimate BackOrifice involves control from the moment the machine's powered on.

    Only massive public outcry, like that which surrounded the Pentium III serial number, will persuade companies not to do this.
  • Or calling 911 when you're not looking, like Japanese phones are doing now.
  • Will traditional ad-blocking software work with this? If they're flashing ads into my BIOS so that I see sponsorship messages during boot, I don't think the Junkbusters are going to be able to stop it.

    Anyone think it'd be feasible to hijack this system and use it to provide greater USER configurability, custom logos during boot, and so on?
  • Yes, you can buy (or lease) them this way. IBM, Sun, and HP all have this feature available on one or more of their "midrange" systems; I don't know about any other co. 'cause we only use those 3.
  • ...the RS/6000 (Which isn't a whole lot more than a Power Macintosh)....

    Uh, the G4's are pretty hefty, and on the low end of the RS/6000-pSeries lines some of the systems are small, but there's a tad bit of difference between a 4-PCI slot, 1 CPU system (even with 1.5 GB memory) and a 24-CPU, 96GB system with 56 PCI slots, etc.

    Besides, those black cases & keyboards are way cooler than wimpy pastels, and how do you rack-mount the Mac? :-)
  • This BIOS is going to interface with your TCP/IP stack on whatever OS you are running, bind a port, and then have some sort of interactive interface on the other side? Gee, that's quite impressive. A bound port is no more useful than an unbound port unless you have some sort of service on the other side...
  • by joq ( 63625 )

    I see nothing wrong with Phoenix trying to make a call when I boot up my pc, because I barely ever shut it down for one, secondly I don't use Phoenix BIOS anymore, and thirdly if I did I would block it out on IPF.

    It's nice for companies to attempt to improve their products however I think they should notify their customers with their intents and base their judgement on those results. Not every single company is out to shaft everyone, and not every company is out to monitor you like Big Brother.

    Now what would have been an excellent YRO story would have been something about "Digital Angel [antioffline.com]." Now there is something I could spend hours on end posting on.
  • I don't think I could imagine the destruction that would be cause by millions of PCs with a backdoor/hole/bug in their firmware, that could easily be remotely exploited. If you thought DDOS attacks were bad now, you ain't seen nothing yet.

    First off this applies to Windows98, and many people have migrated off of it to other MS OS's (NT, W2K, etc) or other OS' entirely. How could someone remotely execute anything when someone would still need an IP address from their provider? Script kiddies can baReLy sPeLL cOrReCtLy 95% of the times, do you expect them to yank off an IP address from a provider and designate it to someone?

    Give me a break.

    As stated in my above post, if I did have Phoenix Bios and a Winshit98 machine I would auto block it on a firewall should I not be allowed to disable it, which would make it obsolete. Sure it may dial, but there isn't any data going through, and if I saw anything peculiar such as my machine making its own settings, I'd contact EFF, ACLU, and EPIC and start a riot.
  • the "Not all corps are out to get you?"

    People misunderstand our site, we're not anti anything, we just don't give a shit about anyone ;) I run AO have been running it since it was born www.antioffline.com/about.html [antioffline.com]

    Anyways as for the BIOS and script kiddiots, it'd be an enormous task for someone to create an exploit since as stated, well let me rephrase this a bit... It's be hard for someone to create an exploit for your typical dial-up customer, since they would (the script kiddie) need to know which machine to interact with upon boot.

    It could be done with a backdoor, then leaving the port open, the script kiddie would have to scan complete address blocks, but if they're going to do something so difficult, then they're even bigger idiots for not downloading already availble trojans that'd do the same.
  • I think it would be nice if it were helping me to flash the bios. I've had trouble finding the right update before, but it doesn't, it's a marketing tool for other technologies! Like everything else, there are some good things that could come of this, but they won't because the marketing people got to it first.

    also, I agree that it's not that bad because you can turn it off

    from the faq:

    "Q: What if I want to discontinue using the PhoenixNet resident application?
    A: That's easy. You can disable or enable PhoenixNet at any time with a right-click on the PhoenixNet tool tray icon."


    my overall feeling is 'meh, whatever'

  • The thing with IBM is, when you buy IBM servers, you also pay for them to manage the servers for you. Having this reporting tool is common sense for fast service.

    But when you buy a personal PC for your home, you want to install software you like on it, and play with it as much as you want. You don't want your MB maker to manage your PC for you. If you did, you would have paid someone to do it.

    So why would a MB maker be so stupid to offer a feature the consumer doesn't want to pay for or use, when it can sell the feature to corporate users? New features for the sake of new features?


    ---
  • a powerful tool for communication, entertainment, education and business.

    In other words, Advertising Revenue.

    ADs at Bootup...
    ADs at Shutdown...
    ADs at Hardware Setup...
    ADs at Hardware Failure....

    ADs...
    ADs...
    and MORE ADs....

    I'll bet they even sneak a commercial in for a motherboard upgrade when yours starts to feel dated (two weeks after you've bought it.)

    "Everything you know is wrong. (And stupid.)"
  • Obviously NOT. This isn't for updating your BIOS automatically, which would be good. It's to install Adobe Acrobat and like 3 other programs and set your home page and search page. It has not point, there is no demand for it.
  • by dgb2n ( 85206 ) <dgb2n&yahoo,com> on Wednesday June 20, 2001 @02:45AM (#138753)
    This "feature" is built into the bios of my new AMD Thunderbird motherboard, the Iwill KK-266 (nice MB by the way). Its not quite as evil as this article suggests. It is an attempt to get you to sign up with their ISP.

    Unless you activate it within the bios "phoenixNet-enabled PC" and agree to their ISP partnery, you never hear a word from the program. It sits quitely on your bios and never contacts the mothership ;-)

    Also from my mother board manual:

    1. User reads system information from graphic launch screen

    2. User registers MS Windows and completes MS OOBE.

    3. User accepts/Rejects PhoenixNet service

    4. User accepts/Rejects PhoenixNet ISP Partnery

    5. PhoenixNet and ISP icon appear on desktop.
  • by Greyfox ( 87712 ) on Wednesday June 20, 2001 @03:03AM (#138754) Homepage Journal
    IBM's low-end hardware doesn't do this, but very nearly all the big iron does. Starting with the RS/6000 (Which isn't a whole lot more than a Power Macintosh) and going all the way up the product line, the systems are designed to call home on a regular basis and report what hardware is installed on their system.

    Some machines require this data to be in the database so that hardware engineers can enable upgrades on your system. For example, you can get an S/390 with some of the processors turned off and it'll cost you less. Then, if you expect processing to hit a peak (Like, around Christmas maybe, if you're a retail outlet) you can pay IBM some money and they'll enable the other processors for a limited period of time. Several of the disk array products work the same way. You can buy an 11 terabyte array and only want to use 1 terabyte of it. You can turn on more disk storage as you need it and you get billed for the extra storage as you turn it on. If the machine doesn't report back when it's supposed to, a friendly IBM CE will visit to repair your defective device. I don't know what those guys bill out at. Used to be $120 an hour.

    Unlike the desktop segment of the population, IBM and its customers view this as business as usual, allowing IBM to deliver faster and better service to the customer. Sure it means IBM has more control over the system than it otherwise would have, but the customers often don't want to be bothered with the thing anyway. They just want it to work. They're paying a premium for just this feature as well as the IBM brand name.

  • No... Phoenix is smarter than that. They own Award [phoenix.com]. If you look at Phoenix's site (ugh: text in graphics is AWFUL web design) it says underneath "PhoenixNet":

    New and experienced users alike face some tough hurdles when trying to get running on a new computer. From connecting to the Internet to learning about and managing their PC. How do they get started? What do they need? How can they get these essential tools? Usually, it takes a computer expert to navigate the Internet and locate, access and install the latest Internet technologies for communication, entertainment, education and business. Most users don't even know what they're missing.
    To summarise: we'll dump lots of crap on your desktop, force us to be your home page and spy on you. People with packet sniffers have confirmed that the software sends stuff back even when "disabled". And one of their partners is RealNetworks, whose own spyware will be
    automatically packaged and installed
    alongside Acrobat Reader and other such rubbish. No thanks! There's always AMI [ami.com], of course...
  • Yet another case of a great idea and excellent engineering gone wrong due to ridiculous business practices (management?)...

    Mike Roberto
    - GAIM: MicroBerto
  • Well, I can start off by saying I watched AntiTrust last night. Wonder if there's a partnership in the making sometime soon with Phoenix and umm "Nurv".

    Seriously, does this exciting new "feature" work with all the newer versions of Windows too? Like ME, 2000 and XP? Or just 98? (Can't imagine buying a new machine with 98 on it anymore.)

    5 Steps to buying a computer:

    1) Go to computer store.
    2) Buy computer.
    3) bring home.
    4) Format Hard drive.
    5) Install Linux.
  • Can anyone recommend an alternative, non-snooping BIOS maker? Award [award.com] apparently merged with Phoenix.
  • What's next? M$IOS, which automatically installs the next version of windows and charges your credit card? In the race for money today, it seems that screwing over the customers is looked upon as good buisiness sense...
  • Didn't you know that capitalism is a virus. Everything else you need some revolution or an army to stay, but sooner or later capitalism takes over anyway. Can I buy some shares in capitalism soon?

    Sarcasm or criticising society? You decide;)
  • by Dr_Cheeks ( 110261 ) on Wednesday June 20, 2001 @04:07AM (#138764) Homepage Journal
    Hmm, it seems no-one at Phoenix is aware of those viruses that can flash a user's BIOS. Sure, mostly they just wipe it, but what if a virus is written to get the BIOS to do something more useful. Like, ooooh, say, connect to a cracker's server and download/install some sort of crack or backdoor (Back Orifice or similar).

    I doubt this is beyond the realms of possibility, and once some clever hack has figured out how to do it the skript kiddeez will soon get hold of it. Hell, maybe it could even be tagged onto a VB app and turned into an Outlook worm - cue millions of cracked boxen that can only be made safe by flashing the BIOS, and how many regular (i.e. non /. visiting) users have the first idea how to do that?

    Please someone tell me if I'm just scaremongering here (and give details), but I do genuinely believe this is a problem waiting to happen.

  • I run everything through a dedicated linux router/firewall/server. it will not be upgraded. when it dies, it will be replaced by ... the same thing. Since all my other connections would have to go through it, I can cut off the phone-home on ANY application, firmware or not.

  • Here's the list of vendors to avoid. Note that Phoenix is the maker of the "AWARD BIOS", so that's the name to look for.
    "Here is a list of the system board makers that are PhoenixNet-enabled. " [phoenixnet.com]
    • ABIT
    • ACORP
    • AOpen
    • ASUSTEK
    • A-Trend
    • BIOSTAR
    • Chaintech
    • ELITEGROUP
    • EPoX
    • Gigabyte
    • Iwill
    • JETWAY
    • Lucky Star
    • MicroStar International
    • Shuttle
    • Soltek
    • SOYO
    • Tekram
    • Taiwan Commate

    Ask for them by name, and just say no.

  • There's a review [lostcircuits.com] available on LostCircuits. It's very bad. Items:
    • "Internet Explorer settings are mercilessly overwritten so that the default startup page is PhoenixNet with a customized taskbar similar to the practices employed by some porn sites. All shortcuts lead to CNET or their online shopping mall..."
    • "even uninstalling PhoenixNet will not remove all the desktop shortcuts and browser default settings."
    • "every access of MySimon caused the system to hard crash."
    • "Including this utility in its present form is the worst of all cardinal sins a mainboard manufacturer can commit and whoever came up with this glorious idea to get kickbacks from CNET should be put in front of a firing squad."

    And new, more intrusive features are coming. Here's PhoenixNet's pitch to resellers [phoenixnet.com]:

    • "PhoenixNet can identify and reach users any time they are online. Regular market reports generated by PhoenixNet on users -- and the products they use -- can help you deliver more effective products, services and promotions to your customers."
    • "Soon, PhoenixNet will have the capability to identify users' PC needs (such as a full or failing disk drive), alerting you to a potential up-selling opportunity specifically to that user. Also, if you offer on-site technical support for your local customers, PhoenixNet will be able to integrate your contact information into our Tech Support Portal's list of tech support providers."
    • "Our services will soon be available to users of Microsoft Windows Millenium and Windows 2000."

    This needs to be publicized in the mainstream media. It's far worse than the Intel Pentium III serial number fiasco.

    It also needs to become well-known to corporate IT managers, who aren't going to want those things on employee desktops and won't like all those unauthorized outgoing connections.

  • The BIOS apparently force-installs services into Windows. How it does this isn't clear. Does anybody know how this is actually implemented?
  • supposedly a fake device reported by the PnP routines that plug 'n' plays its way right into your windows...

    Oh, joy. Next we'll have peripherals that install spyware and spamware. It's a good thing the CueCat people went bust before this was developed.


  • There is the whole privacy issuses, etc... but I have a stupid question: What does a BIOS (Basic Input/Output System) have to do with push technolgy?

    Seriously can I get a low level hard drive interface in my AOL Messager? I want my memory timings driven by my Email Client. I also think that the chip on my sound card to be able to download stock updates though hardware and my CMOS should store my Intenret Explorer book marks.

    What ever happened to "Do one thing well"?

    Oh wait, I guess I forgot BASIC INPUT/OUPUT these days involved http connections behind my back.


  • Sent: Wednesday, June 20, 2001 2:48 AM
    To: pnetcust_serv@phoenix.com; pnet_tech_sppt@phoenix.com; public_relations@phoenix.com
    Cc: robert.blincoe@theregister.co.uk; editors@tomshardware.com; news@arstechnica.com; henry.kuo@anandtech.com
    Subject: re: PhoenixNet BIOS - backdoor whether I like it or not?

    Phoenix,

    I certainly hope that the information about PhoenixNet on your site [http://home.phoenixnet.com/about/index.html] is incomplete, or that I'm misinterpreting it.

    My interpretation is that there is no way for me to disable PhoenixNet on a hardware level, that the program will run in Windows whether I like or not.

    I consider this an unconscionable invasion of my privacy and a theft of my computing resources. I think that you're going to get lots of backlash and bad press, and you'll deserve all of it.

    I for one will never buy a motherboard equipped with a PhoenixNet BIOS, nor will I install one in any of the dozens of PCs I manage.

    Yours,

    /me

    "We all say so, so it must be true!"
  • Blockquoth the AC troll:
    because of you they will change their entire product line and forget about all the money they spent developing this.
    Maybe they will, yes. There's certainly precedent [slashdot.org]. Even if they don't, I like my solution (action) better than yours (cynicism).

    "We all say so, so it must be true!"
    1. I'm already at the stupid karma cap. Plus, if I'm playing down here with you ACs I obviously don't care if I lose karma anyway. So, no whoring.
    2. Yes, I think you should write a letter, and post it. The world would generally be a better place if people acted (even a very limited action like that email) on their beliefs and encouraged others to do the same.


    "We all say so, so it must be true!"
  • by jchawk ( 127686 ) on Tuesday June 19, 2001 @11:51PM (#138774) Homepage Journal

    Easiest way is to not run windows.

    But if you must, here's how to remove it. Uninstall Phoenix net in the windows, and in the bios change Phoenix net from installed = yes to No.

    Phoenix net is installed when you install the drivers from the motherboard and you go with the defaults rather then choosing your own options.

  • by jchawk ( 127686 ) on Tuesday June 19, 2001 @11:47PM (#138775) Homepage Journal

    4.1 PhoenixNet Introduction

    PhoenixNet is a service that provides PC users with best-of-breed, free, software services to support their PC hardware and software and to turn their computer into a powerful tool for communication,entertainment, education and business.

    4.1.1 Internet Launch System The PhoenixNet Internet Launch System (ILS) is a patent-pending technology built into the firmware to enable online PC users worldwide to communicate with PhoenixNet and to receive the free PhoenixNet services. ILS resides safely within ROM and is activated the first time a user launches a PhoenixNet-enabled PC with a Windows 98 Operating System.

    4.1.2 PhoenixNet Online Services When the PhoenixNet ILS detects an Internet connection, it makes contact with the PhoenixNet server and delivers user-selectable services from PhoenixNet's Internet Partners. These services are delivered to the user as hotlinks on the desktop and in the web browser or, as applications that PhoenixNet automatically packages, downloads and installs.

  • I really pity people who buy their PCs from name-brand manufacturers as opposed to screwdriver shops. I really do.

    I always build my computers too, even workstations for work. I used to buy work computers from "screwdriver shops", but there is too much instability. It is really because so many people prefer to buy from a big company. They seek saftey in numbers.

  • ... and put the web server totally out from the machine, in the network!!!

    ... oh .... wait a minute ...

  • Well perhaps they could get around the legal issues by not SELLING the motherboards, only LEASING them.

    Then it would be theirs to mess with at will.

    As for moral and technical issues, they are often ignored by corporations.

    As long as people will buy it...

  • Even better, if you haven't upgraded within what they consider a reasonable time, the BIOS could force the issue by cauing something to fry (*) or erasing itself.

    (*) BIOS can be erased, various other NVRAMS erased, clock chips can be programmed to overspeed and burn stuff out, overvoltages can be caused by software commands (look at the motherboards that let you set CPU speed and voltage from BIOS), etc.
  • From Futurama [fox.com]...when Fry wakes up explaining that he had the weirdest dream about underwear and it turns out it was an advertisement. Heh!

    We are not far now...
    --

  • It's a good thing this is only a Windows-only deal. It's not just a bad idea, it's outright deranged.

    The BIOS is firmware. That's all it is, and that's all it should behave as. And the point about reflashing BIOSes is worth remembering -- don't forget that nasty little firmware update that B&W G3 Mac users had to deal with last year.

    I'd go so far as to say that it's a shame that OpenBIOS and LinuxBIOS aren't as far along as they could be -- at least the early IBM PC users could look through the listing for security holes and such. This is just flat out ridiculous.

    (For the record, the LinuxBIOS idea seems to be a pretty specialized design -- too clunky and potentially difficult to maintain IMHO. I wouldn't use it personally, though OpenBIOS seems to have potential even if it's a comatose project.)

    /Brian
  • You'll have to run a transparent proxy on a different machine. But then, sure, you can probably hijack it. Unless they've done some kind of weird public-key thing in the BIOS, which is hard to believe.
  • by peccary ( 161168 ) on Wednesday June 20, 2001 @03:35AM (#138787)
    I'm surprised that no one has already posted this.

    Microsoft has placed very strict limits on what customizations vendors can do on systems before they ship. Microsoft wants Windows to control the horizontal and the vertical. Well, there's another player in town with a pretty large market share, and the tactical high-ground: Phoenix. The BIOS rules the machine, not Windows. I'm positive that this feature was requested by the systems vendors, and it's just a case of them fighting back against one of their suppliers who has gotten a bit too pushy.
  • by NerveGas ( 168686 ) on Wednesday June 20, 2001 @07:10AM (#138789)
    Using your processing cycles, bandwidth, and connection time for their own purposes? Sounds like "Theft of computers services" to me. It would be interesting to see that used *against* corporate computer stupidity.

    steve
  • I wasn't sure I wanted to post this, because it could possibly give away my "secret identity", but...

    A friend of mine is reasonably high up at Phoenix. He had been working on a "secret project" that he wouldn't tell me anything about, but he told me that it was going to be big. Of course, I badgered him for information, but he wouldn't tell.

    Well, I had lunch with him one day not long after PhoenixNet was announced. I asked him, "so what's up with this PhoenixNet thing?" He replied, "what do you think of it?"

    I then went on to totally trash the idea, saying why it wouldn't work, that people wouldn't stand for their BIOS downloading advertising, on and on. I railed on for quite a while. I might've even called it a "stupid idea".

    Then I said, "hey wait a minute... is this the secret project you've been working on??"

    He said, "Yes. It was my idea."

    Oops. I kind of grinned sheepishly. Huge case of "open mouth, insert foot."


    --

  • by revin ( 191651 ) on Tuesday June 19, 2001 @11:46PM (#138804)
    http://home.phoenixnet.com/privacy/pcusers.html [phoenixnet.com]
    This is bios level spying and advertising, even from Phoenix's partners. I think most users will not even know it is installed (by default). The only way to get rid of it is flashing your bios, which is quite a dangerous operation for the common user
  • "No way"; the whole idea of BIOS doing that sort of thing within an OS seems crazy -- installing items on a filesystem by the BIOS would be, reasonably possible probably -- but detecting a network, constructing packets, and independently talking with their little site? I doubt that.

    What they're probably doing is a whole lot simpler and more plausible too... Since their BIOS can't do things like access the network itself, they have to depend on software they have the user (or the OEM) install on the system.. by making their `windows driver software' for supposed components on the motherboard include other software that simply launches an internet client they could do what they need without any involvement from the hardware; *Recalls flashbacks of 'MSN Network' setup icons mysteriously appearing on desktops of new windows installations and the desktops of any new user profile being created that drove him crazy*.

    While it may be theoretically possible for a BIOS to implement its own network layer and a separate IP stack, to have built-in know-how to scan the status of modem/NICs to detect not only that a network is present but that the network is connected to the Internet; it is extraordinarily unlikely that this is what is happening -- it would simply be a waste if Phoenix could just as easily have software installed on the system's hard drives through traditional means.

    The idea that their entire system (hardware drivers, client, network code, DNS stuff, etc) could be reasonably contained within BIOS ROM is preposterous in my opinion.

    I think what is more likely; however, is that those who install software provided phoenix or those using pre-built systems with their BIOS get this installed by default and the otherwise traditional software might be able to make use of 'special BIOS hooks' which could have been created for its benefit...

    In my opinion, this is similar to the makers of web browsers settting a default page of their maker; example: netscape's home.netscape.com; Microsoft's www.msn.com -- the difference? Phoenix is selling BIOSes, not client software: this is akin to buying a calculator program and having its installation add banner ads to your /etc/motd (ala desktop -- i'm assuming that Phoenix will make use of the advertisement opportunity; but that I think you can count on.) oh yeah and sending your hostname, browser name, and of course random /etc/passwd snippets to the vendor!

  • by TheOutlawTorn ( 192318 ) on Tuesday June 19, 2001 @11:34PM (#138806)
    Hmmmm, what did you say your Phoenix Technologies BIOS serial # was?

    clickity-click

    Oh dear, looks like your hard drive has been disabled. No, I can't fix it from here, but I have a friend who lives by you and could fix it in his spare time, he charges about $200/hr. Uh-oh, looks like one of your RAM chips just went!
  • by b0rken ( 206581 ) on Wednesday June 20, 2001 @03:51AM (#138811) Homepage
    I must admit I'm having trouble fathoming just how this works. But I know why Phoenix has done this.

    Remember the Microsoft anti-trust trial? One detail that emerged was that Microsoft does not permit OEMs to perform modifications to the desktop, startup sequence, etc. This means that the OEMs can't give the user a "custom experience" or differentiate their machine from others using Microsoft's software.

    This Phoenix BIOS trick lets OEMs skirt the Microsoft OEM license by performing the customization after the user has the machine.

    So, in one way, I say "kudos" to Phoenix for figuring out how to subvert Microsoft's restrictive OEM licensing agreements in this way.

    On the other hand, I'd like to understand more technical details of the feature, whether it could bite me while I'm trying to use Linux, etc. Has anybody turned up relevant patents?

  • Time to cover the computer with tin foil now too (you should see my cat...) You should see his cat during a thunder storm... "Here, Sparky!"


    Tongue-tied and twisted, just an earth-bound misfit, I
  • I agree. It's nice for companies to attempt to improve their products with services that customize their behaviour based on a user's needs. However, they should disable this feature by default and prompt the user during an installation of Windows to turn this feature on or not. The prompt should clearly explain what is being transmitted each way. Not every company is Big Brother, but it'd be nice to know Phoenix isn't trying to pull a fast one on us ala Digital Convergence.
  • by AFCArchvile ( 221494 ) on Wednesday June 20, 2001 @04:15AM (#138817)
    CounterExploitation's summary of PhoenixNet [cexx.org]

    It sums up everything, and also contains key (annotated) paragraphs from the PhoenixNet site (so if you're too afraid of evil scripts to visit the PhoenixNet site, you can see it safely from this site). The main page of cexx.org [cexx.org] (no relation to anything disgusting; it stands for Counterexploitation) has other helpful and interesting pages about spyware, foistware, backdoors, scams, and such. Most of it pertains to Windows, but there's some other cross-platform/no-platform topics there (including a way to make the CueCat output raw barcodes without requiring any software intervention [cexx.org].)


  • We have a right to expect honest, open behavior.

    Before we buy a product, we have a right to understand anything that might make us change our minds.
  • Did you read the story? It doesn't try to make a call when you boot your PC (BTW: in many countries software trying to do this is illegal as actions that may cause cost / data loss / damage can only be performed at the specific request of the user) - it steels a bit of your connection space when you go online.

    And from what is said it doesn't look like a privacy issue, but more the problem is that it might be subverted to install trojans on your system (eg the "law enforcement" monitoring trojan recently discussed on cryptome).

  • by FreeMath ( 230584 ) on Tuesday June 19, 2001 @11:58PM (#138821) Homepage Journal
    Yet another reason to switch to OpenBIOS [linux.de].
  • Hello Phoenix Helpdesk, what can i do for you ?

    >Hey its me the new kid on the IT department and i cant seem to remember my password.

    No Problem, *tickclickclick* your new password is *****

    >And now we are on the phone anyways, what was the dialin number to connect to the network from home ?

    Thats (insert telephonenumber here), is that all ?

    >Yes, thank you.

    *dailing into PhoenixNet Network*

    Upload your Windows Auto Linux installer to be started with the ISL and set back and wait, reboot all win98 machines....

    PhoenixNET user wakes up in morning, looks at his computer, who changed the start button for a big foot ?

    Tralalala.....party on.....

  • Did you notice they said this code was in a "Read-Only" portion of the BIOS?
  • Maybe someone could hack this to make his/her motherboard automatically work at getting first post!

  • Not every single company is out to shaft everyone, and not every company is out to monitor you like Big Brother.

    Isn't Phoenix the same BIOS maker that pushed hard for CPRM? Perhaps not every company is out to shaft everyone, but I'm pretty sure Phoenix is.

  • While some people question the feasibility of this system to exist on the BIOS ROM (ie, too many components), remember the most important aspect of this phoenixNet script: Windows (98). While its not confirmed that it can run on other flavors of Windows (good god, I used flavors and windows in the same sentence), we must assume that ME is also compatible. 2000 and XP are a bit of a stretch. Next, take into acount the piss-poor(it's all relative) networking capabilities of Windows. I wouldn't doubt that there is some file somewhere in the Windows OS that acts as a flag for a network connection. After that, there's the network device. Windows, once again, stores all that info in the registry. Tricky part is understanding it. Couple hundred kilobytes can do that, along with cloning the driver info. All this stored on the new, practically empty (but still corrupted by M$) HDD. And finally, the actual code to execute the "phone home" portion. Low level communication via TCP/IP isn't that hard, if you know how to construct packets from scratch. A few more kilobytes can take care of the initial handshake + serial #. The rest of the program can be run on the HDD. See? It's not that difficult. Give some BIOS engineers this project for a few weeks, and they'll spit out the same thing. Nevermind the ethics, because as my Econ 301 teacher used to say: "In order for capitalism to thrive, greed must be considered 'good.'" Yay capitalism! ---- O Viespatie! Vel Desreles! Man bloga.
    O man, Sausage again! I'm sick of it.
  • by Zpottr ( 461496 )
    Would be cool to be able to ap-get a complete Debian system onto your disk through your BIOS, no? That way you would'yt even need an boot floppy.

Reality must take precedence over public relations, for Mother Nature cannot be fooled. -- R.P. Feynman

Working...