Slashdot Log In
Phoenix Bios to Incorporate DRM
Posted by
michael
on Thu Sep 04, 2003 10:45 AM
from the goodbye-free-software dept.
from the goodbye-free-software dept.
defishguy writes "Extreme Tech is reporting that Phoenix Technologies is shopping a DRM-capable BIOS to OEMS. Reportedly the BIOS with DRM enabled allows for software to be tracked and traced from one PC to another." See also this older story about AMI.
This discussion has been archived.
No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
Full
Abbreviated
Hidden
Loading... please wait.
Treat it like a Phoenix (Score:5, Funny)
If not, the name was inappropriate.
yeah, and... (Score:5, Insightful)
Re:yeah, and... (Score:4, Insightful)
Parent
Charming... (Score:4, Insightful)
Looks like we've gotten a heads up on whose equipment not to buy anymore.
Thanks a lot.
DRM Enabled (Score:5, Funny)
Re:DRM Enabled (Score:4, Funny)
Let's just hope that they're not packed in installer executeables that contain internal checksums to verify that the executeable hasn't been tampered with...
Parent
Re:DRM Enabled (Score:5, Funny)
Parent
Re:DRM Enabled (Score:4, Insightful)
What they could do is use public key encryption to sign the hash of the BIOS, then the BIOS chip checks that this is a valid signature before it flashes the new code.
But, BIOS chips aren't massively secure (well, in fact, they aren't at all, being just an EEPROM) so this wouldn't be too hard to reverse engineer. Until they go to using a smart-card (or other security system designed in a similar way) to authenticate, it would be pretty easy to get around.
Parent
Uses for good? (Score:4, Interesting)
If so.. its probably a good thing. Just make sure you don't steal anything, and if you do, use a mate's PC
Re:Uses for good? (Score:4, Insightful)
Just like those people don't sign their work with their names, phone numbers and signatures, they won't use these motherboards.
Parent
Re:Uses for good? (Score:5, Insightful)
And don't try to say, "Well, they'll need a subpoena." See how well that worked with the RIAA.
Parent
Re:Uses for good? (Score:4, Interesting)
And leave that "mate" in a position to prove his own innocence after the police confiscate all his computer equipment? Gee, you must have been best of friends.
Parent
Will this not require an DRM aware OS? (Score:5, Interesting)
Re:Will this not require an DRM aware OS? (Score:4, Interesting)
Parent
Re:Will this not require an DRM aware OS? (Score:4, Interesting)
That is my thought as well. So what would be the point of DRM Bios that would cause the bootleg market of Windows 98 or Linux to skyrocket just to pirate stuff? Would not such a bios be designed to not boot up an OS unless it is DRM bios aware? If I was going to do this I would want that feature.
Parent
Re:Will this not require an DRM aware OS? (Score:5, Insightful)
I think you're missing the fact that in order to capitalize on the DRM feature in the BIOS, new applications have to be written. You would not be able to install(pirate) a DRM enhanced AutoCAD on a Windows98 PC. You'd need Windows 2010 or newer. Ditto for Linux. If Matlab for Linux is DRM enhanced, then it would require Linux w/ DRM as well.
Phoenix probably couldn't care less if you elect to install a DRM unaware OS. It's just one more feature in the BIOS that's going unused. But by including the feature, they're opening the door for others to build off of it.
Parent
Re:Will this not require an DRM aware OS? (Score:5, Informative)
Yes, I'm 100% positive. I used to be a BIOS developer and I have 10 years' experience in device drivers. The whole point behind a modern OS like Linux and Windows 2000/XP is to prevent apps from talking to any hardware resource (and memory and BIOS count as hardware resources) without the OS's permission. An app can't issue an interrupt, nor can it make a call into some fixed memory location in the BIOS. The CPU will just not allow these operations.
Parent
Re:Will this not require an DRM aware OS? (Score:4, Informative)
It's good to get a few words on this forum from the voice of experience. Thank you.
As a followup, this and other discussion by BIOS-knowledgeable people would seem to suggest that DRM in the BIOS is not necessarily evil. From the way the design of it was described, it does not appear to prevent you from booting any particular OS you want, but applications may insist on using DRM features.
I know that Linus Torvalds has said that he would accept DRM-aware code in Linux. He's not a fan of DRM (and neither am I), but he sees what the people behind the Phoenix BIOS sees, a marketing opportunity. Someone is going to want this feature, and if Linux does not implement it, it will be left out in the cold.
A DRM-aware Linux OS would not prevent you from installing and running free software. Free software would most likely simply not use the DRM features. Where the problem comes in would be writing free software to interact with, say, streaming audio/video sites. They may insist that the application talking to them be DRM-aware and enforce it by requiring the software to send the BIOS ID/key/whatever, which can be obtained only with a DRM-enabled kernel.
Someone feel free to correct me if any of my assumptions are wrong.
Parent
Re:Will this not require an DRM aware OS? (Score:4, Informative)
Parent
Why? (Score:5, Insightful)
If something like this sells, it just makes custom building of PCs more attractive IMO.
Re:Why? (Score:5, Insightful)
If you have a monopoly, you don't care about pissing off customers.
If you convince all of the other manufacturers to go along, then you have a collective monopoly, and don't care about jointly pissing customers off.
If you get legislation passed to make it mandatory, then all the other manufacturers have to go along, and...
Well, you get the idea. All they need to do is to make it universal, and it becomes irrelevant. If they can't accomplish that, then all they have to do is tie their DRM boards to some nifty new feature, that people want. This is how the screws get tightened down.
Parent
Re:Why? (Score:4, Insightful)
I'm sure they see it as all a matter of how they spin it. To home users, tout how $MARKETING_NAME_FOR_DRM Technology lets you "securely" watch movies, listen to music, download ebooks, and such. Once content-makers have final say over what goes on on your computer instead of you, new business models will emerge as companies try to use this to sell you stuff. This will be presented in terms of the services these business models make available rather than the loss of control required to implement them.
As far as business customers, you need only look as far as the recent article about Microsoft's spin on MS-Office DRM [slashdot.org] to hear how it will be presented as a new feature that lets companies disseminate documents while still controlling their spread and availablility, deciding when they expire, and so on.
I don't like DRM any more than most Slashdotters, but unless we can get a loud and articulate message out to the non-tech savvy people out there, it's definitely coming. To the masses, not having total, final control over everything your computer does (do they feel that they have that now?) is not a big loss to be able to use the new Acme internet movie rental service, or to send out your business document to people and not worry about them leaking it and spreading it to third parties.
Parent
Re:Why? (Score:5, Insightful)
We're talking a niche market here.
Some specialized software costs tens of thousands of dollars per seat. If this takes off, this software could require this DRM. Meaning that you must buy a PC which includes this scheme. Trust me, there will be software which requires this DRM and there will be PC makers which will provide the required hardware.
Parent
This IS scary. (Score:5, Interesting)
This option is most likely be available for a while. You will have the option to turn off the default enabled DRM system in your computer. As more and more people become comfortable (and ignorant) of the fact that DRM is enabled (and more and more companies start enforcing restrictions via the DRM'd BIOS) we will have less and less choice but to have it enabled.
This *IS* scary. DRM in Word is *NOT*. Just to clear that up.
What the Fsck!! (Score:5, Interesting)
An OEM will also have to decide whether or not to allow an end user to turn the DRM feature off, Eades said.
Since when does these schmucks start thinking that I as a consumer doesnt have the right to take apart, enable/disable features, and smash to smithreens whatever shit I buy from them?
Every other product or service that we are seeing these days for sale are increasingly tipping the balance in favor of the seller. Let buyer go to hell, be the new motto.
I can understand the importance of having digitally signed code and safe code, but tracking software across PC's sound a lot like 1984 than 2004.
Re:What the Fsck!! (Score:5, Insightful)
Since the US passed the DCMA.
Parent
Perhaps it's time to send Pheonix a message ... (Score:5, Informative)
And all of a sudden... (Score:4, Interesting)
Think about it: most PC enthusiasts around here build their own computers. However, now they will be faced with DRM at the motherboard layer. No matter of software liberation, from Linux to FreeBSD, will be able to cleanse motherboards of this impurity. Apple, on the other hand, has never incorporated any form of DRM into their basic system. Sure, there's iTunes music store, but its DRM is limited to the application level. I boycott iTunes because I care about the Right of First Sale, for example.
I know that it hurts to pay an additional $2,000 for the convenience of a computer company that respects your Freedom, but trust me: once you go Mac, you don't go black, Jack!
"Initial customer feedback ... (Score:5, Funny)
Oh, glorious day. I was so concerned that our new entertainment industry overlords would be displeased.
Well... (Score:5, Insightful)
Simple, don't buy em. (Score:5, Insightful)
Also don't think that your purchase won't make a difference. [utu.org]
Most obvious quote ever (Score:5, Funny)
If I was Jack or Hillary, I would have already gone through 3 pairs of underwear today.
(Note: not because of bowel control problems - that's reserved for Steve Jobs)
Contact them and tell them (Score:5, Informative)
investor_relations@phoenix.com
Bring on the incompatibility clusterfuck! (Score:5, Insightful)
this... is how we spend our technology (Score:5, Insightful)
We have remarkable technology at hand, capable of verifying the source and integrity of data transmissions, communications, financial records, all manner of irreplacable information. We're going to use it to keep people from listening to music. Irrespective of copyright and how poor and hungry Metallica and Dr Dre are right now... that's a totally different issue. We're going to use it to keep people from listening to music. I hope somebody's proud.
Time to start stocking- (Score:5, Interesting)
What concerns me, is the addition of DRM into, say, the next generation video cards. It's all well and good to "merely" have an Intel P4 3.0 Ghz, or Amd Athlon 3000+, but what happens when Doom3 or beyond comes out and a new video card is needed? What is said new card has DRM on it, and decides not to play any videos you happen to own?
In short, where do we draw the line? Corps have finally started to get wise on the old adage about a frog and boiling water, it's high time Joe Generic does as well.
Any site that lists DRM products? (Score:5, Interesting)
Crippled CDs
BIOS
motherboards
Hard Drives
Consumer Audio (Minidisk, MP3 players)
Music (Buymusic.com - I have a special grudge against these guys, see my journal.)Itunes (gotta be fair, eh?)
Video Players
ect. ect. (Don't forget MS!)
This would be an excellent way for others to be educated on the general poo that is DRM, and also give regular joes a list of stuff *NOT* to buy. Perhaps a forum reviews and on breaking/ circumventing/ turning DRM back upon its evil creators would be in order as well.
Sadly, the only way to vote and be heard is with $$$, these days.
DRM in hardware (Score:5, Insightful)
Any protection mechanism of this scope - designed to work on many kinds of media, on all kinds of hardware, and on a host of operating systems - is bound to be full of holes when it's first released. Even Microsoft's audio-processing filters can be used to strip out DRM (i.e., to transform a locked sound file into an unprotected stream.)
Since this is known, the only really sensible way to implement an encryption method like this is to engage in an arms race with hackers. Release a first version, let hackers rip it to shreds, then release DRM v2.0 with those holes patched. Lather, rinse, repeat. If your encryption system has a sound basis and you're patching it in a smart, sensible way, the hacks will have to get more and more creative. Soon users will have to go to great lengths to defeat the scheme - mod chips, soldering connections onto circuit boards - so you've essentially made it tight enough that casual users won't bother. You can then crack down on the big sources of hacked media (e.g., large file-sharers on Kazaa), and voila, your scheme is fine.
But here's the key: Inherent in this arms race is the ability of the protection scheme to evolve in a robust way to patch holes. You can't do that if you create a hardware platform. Every new generation of DRM will (a) have to be backwards-compatible, in which case it can be broken on hardware running the older (unsecured) version; or (b) not be backwards-compatible, in which case you're breaking all of the old hardware.
Practical example: Look at today's media players - Quicktime Player, WMP, RealPlayer, DivX player. When new encoding mechanisms are invented for them, users have to grab a new version of the player, or at least download new codecs, to interpret files encoded under the new scheme. The new media won't play on the new players. This is greatly annoying, but users put up with it because it's software and it's easy to update.
Hardware is no such thing. Every time you release DRM version x+1, users have to download new drivers for their video card, sound card, hard drive, and bus and flash-update the ROMs on each device. Forget it. Users aren't going to put up with having to update their hardware devices every six weeks.
So, be happy: embedding DRM in hardware ensures the grand defeat of the whole thing.
- David Stein
Question about benefit (Score:5, Insightful)
Buy a new PC - repurchase all your software (Score:5, Insightful)
Hollywood and RIAA:New American Corporate Soviet (Score:4, Informative)
: The New American Corporate Soviet
Loss of Control and Backdoors
Read Microsoft Aims for Protection--From Users [eweek.com]
NGSCB + RIAA = NSA + KGB + CIA. ( R -> K )
From the Transcript of Internet Caucus Panel Discussion. Re: Administration's new encryption policy. Rep. Curt Weldon's statement [techlawjournal.com]
Read all of Curt Weldon's statement [techlawjournal.com].Consider that as of 26 August 2003:, There are currently 22 unpatched vulnerabilities [pivx.com] in Microsoft's Internet Explorer - many of the serous vulnerabilities Microsoft has not provide a fix to patch the hole in years!
Attestation Monopoly
Microsoft's NGSCB model for DRM content management grants Microsoft effective root digital certificate control over both software and content. It would be a monopoly even stronger than Microsoft's existing desktop dominance. Just as with Microsoft's proprietary file formats and protocols, the network effect would result in any non-dominate player or vendor facing too great a barrier to provide effective monopoly negating free-market competition.
Loss of Fair Use Rights and doctrine of First Sale
Microsoft's NGSCB DRM model also grants content providers far too much restrictive power. For example, in the USA and in most of the world, you are legally allowed to tape broadcast content for later replay ( timeshifting ), gathering evidence for making a complaint, or legitmate research. The DRM model can be used by content providers to circumvent these legal rights. Also if Microsoft or the Codec developer drops support for a format or even a particular digital key, all that content "protected" by that methord or key becomes unreadable.
The DRM model circumvents the Doctrine of First Sale, by side shifting content from being "goods" into a so-called service. When I purchase a DVD, I own that particular physical instance of that DVD and the right to view the content on it. I expect to be able to play that DVD in any DVD player I choose to, including the DVD drive in my Linux system. Also when I have finished viewing that DVD, I expect to be able to pass or even resell that DVD to any party I choose. I might even give that DVD to my local library, and I am legally entitled to do so. As DMCA protected CSS DVDs already limits what you can do with a DVD, Microsoft's plans f
My Boycott list grows... (Score:5, Insightful)
Earth to dickheads: Your main customer is supposed to be motherboard manufacturers, and then ( indirectly ) computer users. Since when is the entertainment industry a customer?
Oh wait. I suppose if you count those brown paper bags that Sony and Disney have been sending...
Re:That's fine by me... (Score:4, Interesting)
Parent
Re:That's fine by me... (Score:5, Insightful)
That's why opposition must be raised now.
Parent
Re:That's fine by me... (Score:4, Insightful)
Nice theory but since profit margins on PC hardware is razor thin the manufactures are looking for anything to give them an edge. If DRM in the BIOS becomes common then there will be motherboards made, most likley in places like Korea, that do not have this "feature".
Parent
Re:That's fine by me... (Score:5, Informative)
The OpenBios [openbios.org] project has been in the works for a while now.
Parent
Re:That's fine by me... (Score:5, Insightful)
Well, DRM and open-source technology aren't mutually exclusive. Indeed, any protection of this scope (e.g., relying on a flawless interaction between the CPU, the hardware devices and drivers, and the OS) really should be so securely implemented that publishing the details doesn't weaken it - i.e., "obscurity isn't security."
(Whether or not this level of coordination is achievable is an interesting point to consider. The fact that Microsoft's implementation of DRM is breakable by a routine, authorized use of their DirectX processing-filter functions is striking.)
- David Stein
Parent
Re:That's fine by me... (Score:5, Insightful)
But thats not going to happen. There is no government agency that can legislate "only signed OS's can use the internet". There are no hardware manufacturers willing to piss away billions of dollars in revenue so the entertainment industry can make a paltry couple of extra million.
I don't do the conspiracy thing. This technology seems directly targetted at the office workstations of the world, and is a feature that PC's have been sorely lacking for much too long.
Parent
Re:That's fine by me... (Score:5, Insightful)
You're vastly underestimating the momentum behind this thing.
You know the *AAs' current actions? Suing Napster, cracking down on Kazaa users, non-rippable audio CDs? Why do we think they're foolish? That's right, because they're a whole lot of effort for not much copyright enforcement.
The *AAs know this, too. These are really just treading-water exercises - making an attempt to squelch the big offenders, and plant the idea in peoples' minds that piracy = theft. It's all they can do, and everyone knows it.
Their long-term strategy has to focus on making media completely non-rippable. Digital encryption will be how digital media is distributed in the future. By digital media, I mean all digital media that big corporations want to protect - music, movies, streamed video (i.e., all TV shows), electronic texts, you name it. It's the big gun that media producers intend to wield in the future.
This isn't conspiracy-theory stuff. It's sound business sense. Just look at the trends and listen to the *AAs talk about the future of distribution - it's obvious.
- David Stein
Parent
Re:That's fine by me... (Score:4, Informative)
Parent