Wow. I'm astonished. And upset. thanks, Peter Trei
---------- From: Ray Dillinger[SMTP:bear@sonic.net] Reply To: Ray Dillinger Sent: Wednesday, June 20, 2001 11:51 AM Cc: cypherpunks@einstein.ssz.com Subject: RE: Slashdot | Phoenix BIOS Phones Home?
On Wed, 20 Jun 2001, Trei, Peter wrote:
To further expliain, this is no worse than Netscape or IE starting with their default home pages. Also, if you to install a non-Microsoft OS, the canned app in the BIOS can do absolutely nothing.
This is not quite true. Search on their site for the acronym "PXE" -- it stands for "Preboot eXtension Environment".
I went and hunted on Pheonix's website and came across some interesting things: Aside from the preboot extension environment, which allows apps made by pheonix to run on your hardware before an operating system loads or in the absence of a functioning OS, there is a remote-boot facility, a capability for remote lockout of input from the local user, acess to the machine hardware (including disks, by physical sector and track addressing), etc. They claim it's part of an "Intel's initiative" to make machines "Universally Manageable and Universally Managed."
Most of this crap appears to require access to the local ethernet to perform -- it's not a TCP/IP issue until someone uses TCP/IP to subvert another machine on the same local ethernet segment - but from there it looks like they can pretty much do whatever the hell they want with a machine, including remotely flashing the BIOS with new applications for the preboot environment - meaning if they figure out that you're running linux filesystems, they can just change their sector accesses to compensate and get into your files with a preboot extension. Slick, huh? Or they can remotely install an operating system of their choice over the network.
Relevant search phrases to turn up a lot of scary shit: "Universally manageable and Universally managed". "Wired for Management"
The particular URL that I'm taking this particular paranoia trip on: (It's a pretty long document, look toward the bottom)
http://www.phoenix.com/PlatSS/pcplatforms/desktop/PBfeatures.pdf
Got a new system with a pheonix BIOS? Congratulations!! Your machine may be among the "universally manageable and universally managed." Isn't that special?
Bear