Is this something we (as consumers of FreeBSD) need to be aware of?

[Damien Fleuriot]

On 6/7/12 3:43 PM, Nomen Nescio wrote:
>>> But my point is that MS doesn't issue the updates, they have to ask the
>>> BIOS vendors to do so, and then the MB vendors have to take the update,
>>> and then the users have to install the update. The incentive at each
>>> level is generally very small. It does create some confusion, but is
>>> hardly an enforcement mechanism. It would disable older versions of
>>> FreeBSD on newer hardware, but not much else.
> 
> This can be automated. Many mobo manufacturers have software that searches
> for new BIOS and flashes it "for" you. All they have to do is get on board
> and make this automatic like Windows Updates. Don't think they haven't
> thought this far ahead. I believe some offer this now.
> 
>>> A previous poster has pointed out that MS can't revoke a certificate
>>> belonging to RH, but I suppose the could ask the BIOS vendors to treat
>>> it as revoked. I don't know what the response would be.
> 
> MS and Intel are running this. If Verisign is just a trusted 3rd party
> (without administrative duties) they can well defer to the Microshaft Mafia
> and do as they're told. It wouldn't be the first time. For example, did
> everybody already forget the Microshaft Mafias' initiation of the FBI server
> raids on the botnet? Many innocent companies and peoples hosting got screwed
> during this takeover. But it was all in the name of "justice". If we can get
> a few Russian hackers then it's well worth damaging your business and
> property. We're from Microshaft Mafia and the FBI and we're here to help.
> 
>> This is akin to, for example, Sony's race against Homebrewers on the
>> good ol' PSP.
>>
>> When hackers found a hardware flaw that enabled them to install custom
>> firmware, Sony had to release new versions of the consoles with fixed
>> hardware.
>>
>> The old ones were still exploitable but the new ones weren't.
> 
> That is a little different, possibly. For one thing, Sony detected whether
> you had the updates they wanted you to install and if you don't have them
> installed you can't play on their PlayStation network. For 99.99% of
> PlayStation users this is the whole point of buying their console. So if you
> don't upgrade all you have is a box for playing local games which most
> people don't seem to want to do. 
> 


Totally off-topic, but I actually used mine to run gameboy and gameboy
advance emulators ^^'



> All the Intel and Microshaft Mafia have to do is a similar thing, and make
> your PC or Windows stop working unless you install their updates, or tell
> the FBI your PC is possibly "infected" and part of a Russian botnet etc. and
> you won't be allowed on the internet until you upgrade your system to a safe
> level to avoid these horrible threats. This idea was floated publicly even
> unrelated to so-called "secure boot".
> 

I refer you to the years old threads about Palladium and the TCPA that
Microsoft dreamed back in the days.



> Windows activation can check the firmware level and Intel's management BIOS
> is connected to the net even when your new PC is shut off (as long as it is
> plugged in). If you go along with this they can do whatever you want. You're
> submitting to true remote management/control over YOUR hardware and life.
> 

Well, I don't know about that... how do you suggest the BIOS gets its IP ?
The 8-STABLE box that acts as my router is not going to serve one over
DHCP or BOOTP any time soon.

As for sniffing the network to guess the router + DNS servers, that one
might be a bit far-fetched.



> This is the beginning of a lot of bad Big Brother stuff and if people accept
> it now they get what they deserve tomorrow.
> 
> Say "NO" to the Intel/Microshaft Mafia. Say "NO" to "Secure" boot.
> 
> Run MIPS and Alpha hardware if you have to, just DUMP INTEL AND THE
> MICROSHAFT MAFIA.

Seriously you need to stop with the "wintel", "microshaft", "mafia" and
all the stuff.

We get it, you don't like them.

However, there are literally thousands of people reading this list and
just because they do not share your ideals doesn't necessarily make them
advocates of this so-called "mafia", or blind sheep.




Finally, I can't come up with a scenario where my CEO is going to okay
alpha boxes for our regular web servers and such.
Our x86 servers run just fine and are roughly 12.000% cheaper.

"We need to distance ourselves from Intel, apparently they run their
business like darned brigands" is not going to cut it.


Things aren't that easy in a corporate world, you get a volume contract
with a supplier, Dell for example, and purchase your hardware from them.

I can hardly see Dell shipping x86 servers with locked-in Windows
installs, that just won't do for their business.
I have to admit I'd love to see it though, I've always wanted us to try
Cisco or IBM's blade servers in lieu of Dell's.