"Big Brother" doesn't trust you!!!

**RE Dude** · 12-09-2003, 12:08 AM

This is probably old news to some, but I was alarmed to learn information regarding a collaboration between Microsoft & Phoenix Technologies to integrate Windows (to the exclusion of other OS products) more closely into the next-generation BIOS, known as Core System Software (CSS). Their "TrustedCore" firmware utilizes cryptographic keys to identify the machine AND user. Also, forget about using any legacy systems or today's PCs. They simply won't be permitted to logon to those servers running CSS. You are either "trusted" or you're not.

The implications of this new BIOS or CSS are more than a little scary. A friend and I have recently compiled a short list of the possibilities mentioned in various articles, if this thing goes through as planned. They are as follows:

- Current PC architecture, as we know it, will go away in one to two years.

- Its replacement will have the same level of functionality as a smart toaster, XBox or WebTV - virtually useless without proprietary software.

- You will not be able to run Non-Microsoft OS products, such as Linux, OpenBSD, and other operating systems, on the new hardware.

- You will probably not be able to run anything other than MS application-ware on it as well.

- Microsoft and the other members of the Trusted Computing Platform Alliance (TCPA) will have final say over the operation and content of your PC. In a nutshell: You (the end-user) cannot and will not be "trusted", as far as content of your (legacy) PC is concerned.

- You will not be able to connect through a "trusted" switch (such as the new Cisco line), without meeting a minimum level of "system trust". Forget the Net, unless you're running one of these new wonder boxes. Legacy systems need not apply.

- Microsoft is incorporating new file-searching technology into future OS products which will allow you to organize your drive's contents more efficiently. It also "phones home" to MS with a report about your system's contents.

- Attempts to circumvent any of the above will find you in violation of the Digital Millenium Copyright Act (DMCA) and subject to a hefty fine, federal prison time, or both.

Several articles regarding this subject can be found at the following links:

http://www.betanews.com/article.php3?sid=1069920675
http://www.againsttcpa.com/
http://zdnet.com.com/2100-1104_2-5111993.html
http://news.zdnet.co.uk/0,39020330,39116902,00.htm
http://deviceforge.com/news/NS6888038345.html

If those articles weren't convincing, there are so many others to verify what I'm saying. Just do a Google search for: TCPA, CSS, BIOS, Phoenix, Linux, Microsoft, TrustedCore NB, etc.

Having recently converted to Linux (via Knoppix) from Microsoft, I was alarmed to learn of the implications put forth by the Trusted Computing Platform Alliance (TCPA) - a consortium (headed by Microsoft) pushing for this technology. I like Linux, and I don't like the idea of someone else telling me whether I can logon to my ISP or visit a some website. I've never considered myself "Anti-Microsoft", but I'm liking them less and less these days.

Essentially, Microsoft would do an "end run" around its competitors. Never mind efficient, open source software, or the fact that Microsoft MUST develop better software as a result of competition from Linux. They won't have to, now that hardware (the new BIOS / CSS) has become the new gatekeeper.

Remember folks, the Non-MS OS (Linux, OpenBSD, etc.) will NOT boot if the CSS doesn't detect appropriate MS software. This is a close collaboration between Phoenix Technologies and Microsoft to the exclusion of everyone else.

Please respond to this post and other web articles on the subject. I would love to know what others, more technologically savvy, think of this.

Happy Holidays everyone!

**j.drake** · 12-09-2003, 04:05 PM

I can see how this could be really good news for sysadmins, and it would be very attractive for corporate environments. If you're running a small business, the last thing you need is for MS or SBA or RIAA to come in and bust your chops for violating DMCA or copyright law because some $7/hour punk script-kiddie wannabe has been using your network to go to KaZAA and warez sites. They can put you out of business in a hurry, and then issue press releases as warnings to others. I'd sure want that capability at my company if it were available. Plus, I'm pretty sure that it would eliminate a lot of support calls, which could otherwise result from some secretary's cute little BonziBuddy sucking up all of her RAM.

OTOH, as an individual/hobbyist, all I have to do is not buy that technology. There will be unencumbered alternatives for as long as there are custumers to buy them. Worst case scenario would be that the stuff they sell at BestBuy, CompUSA, etc. will have the new BIOS, and folks like us will either have to build our own or go to less mainstream outlets to avoid it, which is pretty much what we typically do anyway.

**RE Dude** · 12-09-2003, 08:46 PM

j.drake,

Thanks for your input. While I agree with what you said in the first 2/3 of your post, it is the latter portion of your post that drives to the heart of my concerns. Suppose companies install this new BIOS (CSS), and those same companies have a web presence, then individuals seeking to do legitimate business with them via e-mail, e-commerce, etc. would automatically become an unsecure source or NOT "trusted", simply because of their legacy hardware - older BIOS or even Non-Microsoft OS.

You're right. The script kiddies can be a problem, but my concern is for those people who choose not to embrace this MS-driven initiative. Now, if Phoenix Technologies were to collaborate with everyone (MS, Apple, Linux, BSD, etc.), then there wouldn't be a problem. As stated in the original post, Microsoft is doing an "end-run" around its competitors with this changeup in hardware. The hardware will soon determine if you are "trusted" or not. The hardware will become the gatekeeper.

Another example might include that of one family member using the new Core System Software and another family member using older BIOS. The family member wishing to correspond (using BIOS) with the family member using CSS won't be able to. Either that person will be rejected once mail arrives at the newer PC, or might even be rejected altogether by their own ISP server or the family member's ISP server. E-mail may not even make it to the other machine.

I just don't like the idea of being "herded" in a particular direction without alternatives. Again, I agree with your assessment regarding system adminstration, but this goes far beyond that, into virtually every niche of computing society.

**activeco** · 12-14-2003, 03:54 PM

Originally Posted by RE Dude

Suppose companies install this new BIOS (CSS), and those same companies have a web presence, then individuals seeking to do legitimate business with them via e-mail, e-commerce, etc. would automatically become an unsecure source or NOT "trusted", simply because of their legacy hardware - older BIOS or even Non-Microsoft OS.

So let it be.
At least in my case, they will loose a customer or a business relationship.
I don't think they will need anything from me, so I can't loose a lot. I only hope the alternatives will grip their chance.

**RE Dude** · 12-14-2003, 10:17 PM

You're right. I, too, would simply stop doing business with those companies using CSS, but like I said, what happens when most (if not all) ISPs begin using CSS? Granted, it seems far fetched, but you could find yourself without a means of connecting to the Internet - even if choosing to personally use legacy hardware.

You know, as an after-thought, it might be beneficial for someone to begin offering Non-CSS services. Anyway, thanks for your comments. They're most appreciated.

**Cuddles** · 12-15-2003, 03:44 PM

RE Dude,

1st -=- This whole CSS thing can be summed up into two issues, both of which, M$ has not been able to do, and even before that, "Big Blue" couldn't do it either.

First -=- Big Blue tried to release a BIOS chip that had BASIC on the chip, and any true-blue machine had to have this chip to run IBM's Basic. It failed. Phoenix Technologies released a version of Basic that ran on ANY chip. Thus began the heralding of the "IBM Clone's".

Second -=- M$ has tried, as hard as they might, to twart any attempts of getting at the monolopy they already have in the OS, Development, Internet Browser, Memory Manager, Compression Agent, Mice, Keyboards, and Office Software. To no avail, I might add. Netscape is still around, people develope with other products than just VB/VC/VC++, etc..., and Knoppix/Linux/Unix/Debian are examples of anti-monopoly OS's on the market, and I am sure Logitech is laughing all the way to the bank on the monopoly idea of Keyboards and Mice.

I would say that if M$ and Phoenix get in bed together on a "specialized" chip, someone will take advantage of making something that allows a good share of the machines that don't follow them to run fine and dandy. In fact, this whole technology may end up like the IBM/Apple get-together OS. Haven't heard anything about that one for years now. I think it was going to be called "Pink" or something.

M$ has tried to "swallow" anything that attacks it, or has the ability to over-take its share of a specific market - and they seem to fail on the attempt. M$ used to be "something" to be feared, like "OMG! MS is coming!" It has become so lack-luster now. MS may have lots of money, and have good shares in lots of markets, but they fail to see the "Big Picture."

Which is, as long as their is a will, their is a way. Someone will always see a "better" way to do something. As in the case of IBM, M$, Knoppix, Linux, Unix, Debian, AppleOS, etc... The market is getting flooded now with tons of options, and people have a "choice". Many follow blindly, like: "The Jones' have a new computer with M$ Win[fill in the version], we have to get one like them." -=- But, though a select few, or these many, care to get enlightened on the subject, and make choices on the findings.

I think Knoppix, Linux, Unix, and Debian will be around for many years. Even if this "combined forces alliance" comes true. If an amount of people are still using K/L/U/D OS' at the time of this CSS coming into reality, I am sure someone will make a way for that mass to still function as if the CSS didn't exist. IMHO

My thoughts,
Cuddles

**RE Dude** · 12-15-2003, 10:53 PM

Cuddles,

That was a great post!!! I was unaware of the historical precedents that have taken place. Furthermore, it was encouraging to learn that MS and others have failed so miserably in times past to exclude non-proprietary software via hardware methods. I suppose the question becomes: "When will they ever learn that it's not going to work?"

By the way, with regard to MS as "something to be feared", the "OMG! MS is coming!" quote was hilarious. I think I cracked a rib while laughing.

Thanks for your input.