Slashdot | Phoenix BIOS Phones Home?
Paul E. Robichaux
paul at robichaux.net
Wed Jun 20 09:14:42 PDT 2001
Well, where I come from this is useful functionality! In combination with a
feature called RIS (remote installation service) in Windows 2000, you can
create a library of canned machine images and blast them out to machines over
the network. One of our major customers has cut the time necessary to replace
a failed machine down to about 15 minutes: plug in the new machine, hit F12
during boot to trigger PXE, lay down the image received from the RIS server,
user logs in, and voila!
As much as you & I may not like it, in many corporate environments the
computer should be no more personalized than the telephone. No one gets
emotionally attached to their telephone, and replacing it is a trivial
affair-- all the speed dial numbers, voice mail, and so on is stored in a
central box. So it is becoming with PCs.
As a side note, none of this is even remotely new. Microsoft & Intel, plus
their partners, have been pushing variations of this theme for almost 10
years now. My favorite feature is the one that sends a network yell for help
via SNMP when someone opens the lid on a machine.
> -----Original Message-----
> From: Ray Dillinger [mailto:bear at sonic.net]
> Sent: Wednesday, June 20, 2001 10:52 AM
> Cc: cypherpunks at einstein.ssz.com
> Subject: RE: Slashdot | Phoenix BIOS Phones Home?
>
> On Wed, 20 Jun 2001, Trei, Peter wrote:
>
>
> >To further expliain, this is no worse than Netscape or IE
> >starting with their default home pages. Also, if you to
> >install a non-Microsoft OS, the canned app in the BIOS
> >can do absolutely nothing.
>
> This is not quite true. Search on their site for the acronym
> "PXE" -- it stands for "Preboot eXtension Environment".
>
> I went and hunted on Pheonix's website and came across some
> interesting things: Aside from the preboot extension environment,
> which allows apps made by pheonix to run on your hardware before
> an operating system loads or in the absence of a functioning
> OS, there is a remote-boot facility, a capability for remote
> lockout of input from the local user, acess to the machine
> hardware (including disks, by physical sector and track
> addressing), etc. They claim it's part of an "Intel's
> initiative" to make machines "Universally Manageable and
> Universally Managed."
>
> Most of this crap appears to require access to the local ethernet
> to perform -- it's not a TCP/IP issue until someone uses TCP/IP
> to subvert another machine on the same local ethernet segment -
> but from there it looks like they can pretty much do whatever
> the hell they want with a machine, including remotely flashing
> the BIOS with new applications for the preboot environment -
> meaning if they figure out that you're running linux filesystems,
> they can just change their sector accesses to compensate and get
> into your files with a preboot extension. Slick, huh? Or they
> can remotely install an operating system of their choice over
> the network.
>
> Relevant search phrases to turn up a lot of scary shit:
> "Universally manageable and Universally managed".
> "Wired for Management"
>
>
> The particular URL that I'm taking this particular paranoia trip
> on: (It's a pretty long document, look toward the bottom)
>
> http://www.phoenix.com/PlatSS/pcplatforms/desktop/PBfeatures.pdf
>
> Got a new system with a pheonix BIOS? Congratulations!! Your
> machine may be among the "universally manageable and universally
> managed." Isn't that special?
>
> Bear
More information about the Testlist
mailing list