http://www.zdnet.com/article/will-microsoft-piracy-obsession-create-a-windows-10-licensing-mess/?tag=nl.e539&s_cid=e539&ttag=e539&ftag=TRE17cfd61

On 03/23/2015 01:51 PM, Kirk Bubul wrote:
> http://www.zdnet.com/article/will-microsoft-piracy-obsession-create-a-windows-10-licensing-mess/?tag=nl.e539&s_cid=e539&ttag=e539&ftag=TRE17cfd61
>



Thanks for providing some very good info!

Kirk Bubul wrote:
> http://www.zdnet.com/article/will-microsoft-piracy-obsession-create-a-windows-10-licensing-mess/?tag=nl.e539&s_cid=e539&ttag=e539&ftag=TRE17cfd61
>

The answer to his last question is "they can't help themselves".

--
A

Kirk Bubul wrote:

> http://www.zdnet.com/article/will-microsoft-piracy-obsession-create-a-windows-10-licensing-mess/?tag=nl.e539&s_cid=e539&ttag=e539&ftag=TRE17cfd61

Microsoft requires UEFI so they can insert their product key to lock
that machine to run only Windows 10. Since I may want to multi-boot to
older versions of Windows (to which I have legitimate licenses that are
not fettered by being base versions to later upgrades) or to Linux
variants then I won't want Windows 10 in the mix.

The UEFI requirement also means I couldn't even use Windows 10 if I
wanted to until my next new build which is still probably a few years
away and long past Microsoft's "free" upgrade offer.

So the free update will be via Windows Update site, huh? Hmm, that
means for a clean Windows 10 that I'll have to save a backup, wipe the
OS partition(s) on my disk, install a clean Windows 7, and then use WU
to update to have a clean Windows 10. I detest polluted upgrades. If a
disk dies, I'll have to do that anyway (or restore from image backups)
to get Windows 10 back on my computer. The free offer is via the WU
site which means Windows 7/8 already has to be installed to be visiting
the WU site to get the Windows 10 upgrade download. So what happens
after the 1-year free upgrade expires and then my disk dies (and if I
was like most users that don't do backups)?

"The consumer free upgrade offer for Windows 10 applies to qualified
new and existing devices running Windows 7, Windows 8.1 and Windows
Phone 8.1."

"new and existing devices" is stupid. What other types of devices are
there? Just say "devices". It's just words to add verbiage.

"Some editions are excluded from the consumer free upgrade - including
Windows 7 Enterprise, Windows 8/8.1 Enterprise, and Windows RT/RT 8.1."

Yep, Microsoft doesn't want to lose their volume licensing revenue which
typically means the support contracts, too. So the free upgrade is
really targeting single-user [home] consumers, a much smaller dent in
their total user base, and not for business users.

Bott also figures "consumer" means the Home edition of Windows. Yuck.
I've had only one Home edition of Windows at home and many times got
snagged by features missing in it compared to the Pro version, like the
policy editors (local and groups), EFS, 16GB max RAM instead of 192GB,
Presentation support, software restriction policies (SRPs) that let me
block a program from ever loading (handy for apps that are rude in
reestablishing their startup program when they run), no domain joining
(so forget toting my laptop to work unless I go out to come back in but
into the corporate network's safe zone which means many resources are
unavailable), and probably more Pro-only features than I've tried. No
more crippled Home editions on my desktop.

I like how Bott noticed how the free upgrade to Windows 10 will still
leave that installation a pirated copy. That means all those updates
from the WU site that were refused due to an invalid license will still
get rejected after the free upgrade to Windows 10. They'll let you
upgrade to Windows 10 from a pirate copy of Windows 7/8 but you still
don't get a legitimate license with that upgrade.

As with luring most of their users to upgrade to the newest version of
Internet Explorer by including it in a list of updates from the WU site,
they'll use the same trick of offering the free update to Windows 10
from the WU site. So users NOT wanting to upgrade will have to be wary
and watchful of what updates Microsoft tries to push via WU.

Microsoft, as well as any commercial vendor, envies the subscription
model that anti-virus vendors have long enjoyed. Microsoft has tested
subscriptionware, like Office 365, and it looks like that is their
intended direction. When the free 1-year upgrade offer expires, my bet
is that it provides an interim during which Microsoft can tweak a
subscription model for Windows. Whether you upgraded free or got it
later at an initial full price, thereafter it'll be $69.99/yr to renew
your subscription to Windows. I fear that eventually you no longer can
disable automatic updates; i.e., auto-updates will be enabled for
"download and install" and you can't set to "notify only".

"Slowly I turned. Step by step, step by step, I crept upon him."
https://www.youtube.com/watch?v=nr6VBg1SiYI (a bit out of sync)
https://www.youtube.com/watch?v=N59pcYWsuSQ
http://en.wikipedia.org/wiki/Slowly_I_Turned

Kirk Bubul wrote on 3/23/2015 2:51 PM:
> http://www.zdnet.com/article/will-microsoft-piracy-obsession-create-a-windows-10-licensing-mess/?tag=nl.e539&s_cid=e539&ttag=e539&ftag=TRE17cfd61
>
The OEM question is a good one. I have an OEM software I bought and it's legit/legal and passes the Genuine
validation. Hmmm This will be fun if nothing else.

On 24/03/2015 4:51 AM, Kirk Bubul wrote:
> http://www.zdnet.com/article/will-microsoft-piracy-obsession-create-a-windows-10-licensing-mess/?tag=nl.e539&s_cid=e539&ttag=e539&ftag=TRE17cfd61
>
QUESTION

If the update to win 10 is free and is done via Windows Updates, and my
computer is set to automatic updates -- do I get updated from win 7 to
win 10 whether I want it or not?????????

I am going to set all my computers to manual updates until I know the
answers.


--
~~~~~~~~~~~~
Maurice Helwig
~~~~~~~~~~~~

On 03/23/2015 06:00 PM, Maurice Helwig wrote:
> On 24/03/2015 4:51 AM, Kirk Bubul wrote:
>> http://www.zdnet.com/article/will-microsoft-piracy-obsession-create-a-windows-10-licensing-mess/?tag=nl.e539&s_cid=e539&ttag=e539&ftag=TRE17cfd61
>>
>>
> QUESTION
>
> If the update to win 10 is free and is done via Windows Updates, and my
> computer is set to automatic updates -- do I get updated from win 7 to
> win 10 whether I want it or not?????????
>
> I am going to set all my computers to manual updates until I know the
> answers.
>
>



Not likely it would just happen automatically.

Until Win10 is released...everything that's been talked about here is
still just speculation. Things can (and will) change.



That said: I prefer the idea of manual updates. Nothing worse than
having them happen when you are in the middle of doing something.

On 03/23/2015 03:50 PM, VanguardLH wrote:
> Microsoft requires UEFI so they can insert their product key to lock
> that machine to run only Windows 10.

Just out of curiosity, do UEFI motherboards have a discharge
berg to reset the whole mess?

T wrote:

> Just out of curiosity, do UEFI motherboards have a discharge berg to
> reset the whole mess?

I don't have any UEFI motherboard so I haven't personally experienced
[the nuisance of] using them. I'm assuming your "discharge berg" means
the header on the mobo used to reset the CMOS. UEFI replaces BIOS.
BIOS settings are read from the copy put into the CMOS table (which
requires a battery when the PC has no power source to retain the
settings in CMOS), not directly from the EEPROM(s) holding the BIOS
firmware.

You are not raising voltage on the EEPROM chips containing the BIOS or
UEFI firmware to, say, burn in a password when you enable it in BIOS.
You are updating the CMOS copy of the BIOS settings. Modifications you
make in BIOS are not replicated back in the EEPROMS (well, there may be
some mobos that let you burn the current CMOS setup back in the BIOS
EEPROMs but I haven't used them). The settings used are from the CMOS
copy. Flashing (burning) the EEPROM(s) is a hazardous action and why
they have users modifying a copy in the CMOS table (so screwups or
corruption can be corrected by re-copying the static BIOS settings).

http://dlcdnet.asus.com/pub/ASUS/mb/LGA1155/SABERTOOTH_P67/E6150_Sabertooth_P67.zip

That's a manual for an Asus Sabertooth P67 mobo and it has UEFI. Page
2-12, section 2.2.5, describes the reset jumper for CMOS.

UEFI is shorthand for UEFI BIOS to differentiate it from old or MBR
oriented BIOS. It's still a BIOS. UEFI is firmware code. [Old] BIOS
is firmware code. You don't modify the firmware. You modify a copy of
it in CMOS.

http://dlcdnet.asus.com/pub/ASUS/mb/LGA1150/MAXIMUS-VII-HERO/E9192_Maximus_Vii_Hero.pdf

Section 1.2.6, page 1-29. That UEFI mobo has a button called CLR_CMOS
you press (instead of digging around for a jumper to put across a couple
header pins on the mobo).

CMOS doesn't disappear just because the BIOS firmware changed in the
EEPROM chip(s). [Old MBR] BIOS and UEFI [BIOS] are firmware. There
might be updates to firmware over time but most times the old firmware
works just fine and users that flash to newer firmware have been well
trained in the mantra "newer is better" when, in reality it's "newer is
different". New code: might fix old bugs, may add new bugs.

I don't see any mobo maker wanting its users to casually flash (burn)
the firmware every time the user wants to tweak a setting in UEFI/BIOS.
They let you putz around with the CMOS copy and keep the firmware copy
safe to replace the CMOS copy when you or something screws up the CMOS
copy. How many times have you flashed your BIOS versus how many times
you altered the BIOS settings copied into CMOS (i.e., the "BIOS" screens
when you boot)?

philo wrote:
> On 03/23/2015 06:00 PM, Maurice Helwig wrote:
>> On 24/03/2015 4:51 AM, Kirk Bubul wrote:
>>> http://www.zdnet.com/article/will-microsoft-piracy-obsession-create-a-windows-10-licensing-mess/?tag=nl.e539&s_cid=e539&ttag=e539&ftag=TRE17cfd61
>>>
>>>
>>>
>> QUESTION
>>
>> If the update to win 10 is free and is done via Windows Updates, and my
>> computer is set to automatic updates -- do I get updated from win 7 to
>> win 10 whether I want it or not?????????
>>
>> I am going to set all my computers to manual updates until I know the
>> answers.
>>
>>
>
>
>
> Not likely it would just happen automatically.
>
> Until Win10 is released...everything that's been talked about here is
> still just speculation. Things can (and will) change.
>
>
>
> That said: I prefer the idea of manual updates. Nothing worse than
> having them happen when you are in the middle of doing something.

I also prefer manual but in the latest win 10 10041 there is no option
to disable auto update. Win 10 is also going to eliminate the control
panel. My opinion is that microsoft is going to try to lock down
everybody that uses or upgrades to win 10.I installed win 10 with an
iso.I also had ueif disabled and it installed.On 1 of my drives I had
win 8.1 + win7 dual booting.On the other drive I had Mint linux 17.1
cinnamon running.I installed win 10 to another unused drive.I only ran
win 10 for a day and removed it.I hate it. When I went to boot my other
windows 8.1 it would not boot.It would only boot the old win 10 drive no
matter which one I set in the bios. So I used the windows 8 disk to
repair the MBR and could then boot win 8+7.I then used the live cd and
was able to reinstall grub so I could boot linux.The one drive that I
didn't use was marked read only I assume by win 10,so I had to fix this
also. Buy the way this is my test machine so I pretty much don't worry
about hosing it. I have installed every preview of win 10 so far and
this was the 1st one to act this bad.I will never say that I will not
use win 10 but it going to have to prove me wrong about the lockdown and
I will only install it if I have a disk iso or whatever.I will not be
doing any over the air auto update to recieve the win 10 upgrade.

On 03/23/2015 05:29 PM, VanguardLH wrote:
> T wrote:
>
>> Just out of curiosity, do UEFI motherboards have a discharge berg to
>> reset the whole mess?
>
> I don't have any UEFI motherboard so I haven't personally experienced
> [the nuisance of] using them. I'm assuming your "discharge berg" means
> the header on the mobo used to reset the CMOS. UEFI replaces BIOS.
> BIOS settings are read from the copy put into the CMOS table (which
> requires a battery when the PC has no power source to retain the
> settings in CMOS), not directly from the EEPROM(s) holding the BIOS
> firmware.
>
> You are not raising voltage on the EEPROM chips containing the BIOS or
> UEFI firmware to, say, burn in a password when you enable it in BIOS.
> You are updating the CMOS copy of the BIOS settings. Modifications you
> make in BIOS are not replicated back in the EEPROMS (well, there may be
> some mobos that let you burn the current CMOS setup back in the BIOS
> EEPROMs but I haven't used them). The settings used are from the CMOS
> copy. Flashing (burning) the EEPROM(s) is a hazardous action and why
> they have users modifying a copy in the CMOS table (so screwups or
> corruption can be corrected by re-copying the static BIOS settings).
>
> http://dlcdnet.asus.com/pub/ASUS/mb/LGA1155/SABERTOOTH_P67/E6150_Sabertooth_P67.zip
>
> That's a manual for an Asus Sabertooth P67 mobo and it has UEFI. Page
> 2-12, section 2.2.5, describes the reset jumper for CMOS.
>
> UEFI is shorthand for UEFI BIOS to differentiate it from old or MBR
> oriented BIOS. It's still a BIOS. UEFI is firmware code. [Old] BIOS
> is firmware code. You don't modify the firmware. You modify a copy of
> it in CMOS.
>
> http://dlcdnet.asus.com/pub/ASUS/mb/LGA1150/MAXIMUS-VII-HERO/E9192_Maximus_Vii_Hero.pdf
>
> Section 1.2.6, page 1-29. That UEFI mobo has a button called CLR_CMOS
> you press (instead of digging around for a jumper to put across a couple
> header pins on the mobo).
>
> CMOS doesn't disappear just because the BIOS firmware changed in the
> EEPROM chip(s). [Old MBR] BIOS and UEFI [BIOS] are firmware. There
> might be updates to firmware over time but most times the old firmware
> works just fine and users that flash to newer firmware have been well
> trained in the mantra "newer is better" when, in reality it's "newer is
> different". New code: might fix old bugs, may add new bugs.
>
> I don't see any mobo maker wanting its users to casually flash (burn)
> the firmware every time the user wants to tweak a setting in UEFI/BIOS.
> They let you putz around with the CMOS copy and keep the firmware copy
> safe to replace the CMOS copy when you or something screws up the CMOS
> copy. How many times have you flashed your BIOS versus how many times
> you altered the BIOS settings copied into CMOS (i.e., the "BIOS" screens
> when you boot)?
>

Thank you! Wonderful write up.

VanguardLH wrote:
> T wrote:
>
>> Just out of curiosity, do UEFI motherboards have a discharge berg to
>> reset the whole mess?
>
> I don't have any UEFI motherboard so I haven't personally experienced
> [the nuisance of] using them. I'm assuming your "discharge berg" means
> the header on the mobo used to reset the CMOS. UEFI replaces BIOS.
> BIOS settings are read from the copy put into the CMOS table (which
> requires a battery when the PC has no power source to retain the
> settings in CMOS), not directly from the EEPROM(s) holding the BIOS
> firmware.
>

I'm not sure about storage options for UEFI systems.

The BIOS has *always* had the ability to flash the EEPROM chip.
On at least one brand of BIOS (Award or AMI), there is a
subroutine that knows how to flash EEPROM segments.

The area that a legacy BIOS updates, is DMI/ESCD. Any time the
CPU changes, more RAM is added, DMI is updated, the EEPROM segment
is burned. And this is one reason why, if you "upgrade" a BIOS,
pull the EEPROM chip out of the socket and put it in a lab
programmer later, the checksum won't match your original file.
It's because after the first boot, the DMI has been edited by
the BIOS and the whole image is no longer the same. I've tested
this, and right after a BIOS upgrade, my checksum was no longer
the same. And the DMI does it. Only a portion of the BIOS
image is "non-volatile", and only that area should be checksummed.

*******

As for the statements about BIOS passwords, there are two implementations.

On a desktop, typically two locations in CMOS RAM hold the password string.
On those, using the CLR_CMOS header, clears the password. So those are
easy to fix.

On "business" laptops, a 2KB EEPROM located near the Sourhbridge holds
the password. The tech support info says to ship the laptop back
to the factory, to have a forgotten password cleared. A dude in
Romania, charges $50 for a package (plus clip-on hardware connections),
to clear the EEPROM. It's not clear whether any special pattern has to be
stored in that chip, for the laptop to operate correctly. So those
don't have the easy option of a CMOS jumper. You're kinda screwed,
if helping a customer who owns such a laptop.

*******

The UEFI could be re-writing major portions
of the BIOS, and we'd never know it. Since UEFI
has a file system, and appears to have all sorts of
whizzy update options, I will not be surprised to
hear about it eventually getting trashed (somehow).
UEFI has all the earmarks of being an eventual
disaster (malware). It's just a matter of time until
someone figures out a way to brick it.

I've already read one posting, where someone managed to
disable BIOS access on a UEFI system, via a setting
in Windows. And there didn't appear to be any way to
reverse the operation. So UEFI is smelling liks
a disaster waiting to happen. About as safe as a
chocolate teapot.

Paul

On Tue, 24 Mar 2015 09:00:47 +1000, Maurice Helwig
> wrote:

>If the update to win 10 is free and is done via Windows Updates, and my
>computer is set to automatic updates -- do I get updated from win 7 to
>win 10 whether I want it or not?????????

It'll be a global disaster if that does happen. I don't think that's
an exaggeration either - imagine hundreds of millions of computers all
over the world suddenly unusable for several hours (or perhaps days
for those on dial-up) while they "upgrade" themselves and then display
a new system their users don't understand. And that'll just be the
ones where the upgrade itself goes without a hitch.

Rod.

On Tue, 24 Mar 2015 09:00:47 +1000, Maurice Helwig
> wrote:

>On 24/03/2015 4:51 AM, Kirk Bubul wrote:
>> http://www.zdnet.com/article/will-microsoft-piracy-obsession-create-a-windows-10-licensing-mess/?tag=nl.e539&s_cid=e539&ttag=e539&ftag=TRE17cfd61
>>
>QUESTION
>
>If the update to win 10 is free and is done via Windows Updates, and my
>computer is set to automatic updates -- do I get updated from win 7 to
>win 10 whether I want it or not?????????
>
>I am going to set all my computers to manual updates until I know the
>answers.

http://dilbert.com/strip/2015-03-24

Rod.

Big_Al wrote:

> Kirk Bubul wrote on 3/23/2015 2:51 PM:
>> http://www.zdnet.com/article/will-microsoft-piracy-obsession-create-a-windows-10-licensing-mess/?tag=nl.e539&s_cid=e539&ttag=e539&ftag=TRE17cfd61
>>
> The OEM question is a good one. I have an OEM software I bought and it's
> legit/legal and passes the Genuine
> validation. Hmmm This will be fun if nothing else.

go here for a windows 8.1 iso
http://windows.microsoft.com/en-GB/windows-8/create-reset-refresh-media

After i downloaded it and started to install, it said windows 8
but after the install i went to control panel and system and it said it was
windows 8.1 pro. i used my windows 8 pro cd-key to install.
I installed to virtualbox as i did not want to mess with my windows 8.1 pro
install.

i installed from fresh no upgrade. I downloaded windows 8.1 pro just to
prepare for what is coming. As i don't like what i am seeing. And i don't
like what i am reading on this news group.

I hope this helps others.

On 03/24/2015 02:11 AM, Roderick Stewart wrote:
> On Tue, 24 Mar 2015 09:00:47 +1000, Maurice Helwig
> > wrote:
>
>> On 24/03/2015 4:51 AM, Kirk Bubul wrote:
>>> http://www.zdnet.com/article/will-microsoft-piracy-obsession-create-a-windows-10-licensing-mess/?tag=nl.e539&s_cid=e539&ttag=e539&ftag=TRE17cfd61
>>>
>> QUESTION
>>
>> If the update to win 10 is free and is done via Windows Updates, and my
>> computer is set to automatic updates -- do I get updated from win 7 to
>> win 10 whether I want it or not?????????
>>
>> I am going to set all my computers to manual updates until I know the
>> answers.
>
> http://dilbert.com/strip/2015-03-24

Made me laugh!

>
> Rod.
>

Paul wrote:

> VanguardLH wrote:
>
>> T wrote:
>>
>>> Just out of curiosity, do UEFI motherboards have a discharge berg to
>>> reset the whole mess?
>>
>> I don't have any UEFI motherboard so I haven't personally experienced
>> [the nuisance of] using them. I'm assuming your "discharge berg" means
>> the header on the mobo used to reset the CMOS. UEFI replaces BIOS.
>> BIOS settings are read from the copy put into the CMOS table (which
>> requires a battery when the PC has no power source to retain the
>> settings in CMOS), not directly from the EEPROM(s) holding the BIOS
>> firmware.
>
> I'm not sure about storage options for UEFI systems.
>
> The BIOS has *always* had the ability to flash the EEPROM chip.
> On at least one brand of BIOS (Award or AMI), there is a
> subroutine that knows how to flash EEPROM segments.
>
> The area that a legacy BIOS updates, is DMI/ESCD. Any time the
> CPU changes, more RAM is added, DMI is updated, the EEPROM segment
> is burned. And this is one reason why, if you "upgrade" a BIOS,
> pull the EEPROM chip out of the socket and put it in a lab
> programmer later, the checksum won't match your original file.
> It's because after the first boot, the DMI has been edited by
> the BIOS and the whole image is no longer the same. I've tested
> this, and right after a BIOS upgrade, my checksum was no longer
> the same. And the DMI does it. Only a portion of the BIOS
> image is "non-volatile", and only that area should be checksummed.

After flashing the BIOS (burning in new firmware), I don't see why you
would expect it to have the same checksum as the other but obviously
different old firmware code. The checksum for old and new code should
be different.

> *******
>
> As for the statements about BIOS passwords, there are two implementations.
>
> On a desktop, typically two locations in CMOS RAM hold the password string.
> On those, using the CLR_CMOS header, clears the password. So those are
> easy to fix.
>
> On "business" laptops, a 2KB EEPROM located near the Sourhbridge holds
> the password. The tech support info says to ship the laptop back
> to the factory, to have a forgotten password cleared. A dude in
> Romania, charges $50 for a package (plus clip-on hardware connections),
> to clear the EEPROM. It's not clear whether any special pattern has to be
> stored in that chip, for the laptop to operate correctly. So those
> don't have the easy option of a CMOS jumper. You're kinda screwed,
> if helping a customer who owns such a laptop.

I only mentioned in passing that some computers can write into the BIOS.
Sometime awhile back I saw mobos that provided a backup of the BIOS. I
don't remember if those had a separate set of EEPROMS or if it was just
reserved space inside the same EEPROM. The option to save the backup
was in the BIOS settings so the BIOS was the one doing the burning.

Aren't the BIOS update program (when you flash in new firmware) also
using the BIOS to perform that function. It has been a long time since
I saw a debug of the flash update program but, as I recall, it called a
function in the BIOS to burn in the new firmware.

As for the business computer with the password stored in EEPROM, I
thought that was a function of TPM where that password was used to to
secure the hardware via a crypto key that has a unique RSA key for each
TPM chip. However, upon recollection, maybe there used to be a
different means of passwording a laptop because TPM wasn't established
until 2009 and I remember my workplace assigning me an IBM Thinkpad back
around 2006 plus it was already a year, or more old, and was an IBM
laptop and not one from Lenovo who started acquiring IBM's products back
in 2004, and that laptop that had password protection that couldn't be
simply erased by clearing the CMOS. It did have some extra hardware for
storing the password but it was a password that I could change (but I
needed to know the correct old password to change it). The IT admin
that doled it out to me wouldn't tell me the password and I understood
their viewpoint. It was sysprepped for my use to do work at home over a
VPN so they needed to manage the laptop. Other than changing some
policies pushed onto the laptop when logging into their domain (with
their permission), I really had no need to be changing anything else on
the laptop. It was their property, not mine.

I've seen articles saying to clear CMOS to reset all passwords for the
Thinkpad and others saying that will clear the passwords except for the
supervisor password, like
http://superuser.com/questions/284231/how-to-bypass-lenovo-thinkpad-power-on-password.
I never really go into how passwording was enforced on that old Thinkpad
that I used about a decade ago. I've never been stuck before or after
will having to use one of those "business" class laptops. On a laptop
that goes on trips, encrypting the files is sufficient data protection.
With the loss of the hardware, it's not my concern if the thief can
continue using the hardware, and I don't need to protect the apps since
the thief can get those from anywhere and doesn't need my computer to
get them.

> *******
>
> The UEFI could be re-writing major portions
> of the BIOS, and we'd never know it. Since UEFI
> has a file system, and appears to have all sorts of
> whizzy update options, I will not be surprised to
> hear about it eventually getting trashed (somehow).
> UEFI has all the earmarks of being an eventual
> disaster (malware). It's just a matter of time until
> someone figures out a way to brick it.
>
> I've already read one posting, where someone managed to
> disable BIOS access on a UEFI system, via a setting
> in Windows. And there didn't appear to be any way to
> reverse the operation. So UEFI is smelling liks
> a disaster waiting to happen. About as safe as a
> chocolate teapot.

But is the Windows setting writing to the UEFI BIOS EEPROM(s) or is it
writing to the CMOS table copy of the BIOS settings? Be interesting to
know what was said and if a CMOS reset was attempted (and failed).

As with drivers, the UEFI firmware has to be bitwidth matched to the OS.
A 64-bit UEFI can only load a 64-bit UEFI operating system's bootloader
or kernel. Well, that means once a user buys or builds a UEFI computer
that they are stuck with the same bitwidth for OS. The OS can switch
bitwidth processor mode (Linux 3.15, and later, can do this) but who
knows what Microsoft might or might not do. Could be you'll be stuck
with 64-bit Windows 10 if the UEFI is 64-bit. Oh what joy in [possibly]
limiting a user's choices at a later time. It'll be "You can't get
there from here" and "Too late to change". I haven't played with the
Windows 10 preview to have tested if a 32-bit version can be used with a
64-bit UEFI.

I haven't heard that UEFI has its own file system. It loads a boot
manager, just like the old BIOS did, but now has EFI binaries it can use
for driver, application, and boot code (to finally load the OS loader).
There are EFI boot services and EFI runtime services. EFI boot services
are only available while the firmware is in control of the hardware.
The OS can make use of the EFI runtime services but the ones I've seen
mentioned are date and time (same as with MBR BIOS) and NVRAM access
(isn't that the CMOS table copy of BIOS settings?). I don't see why
UEFI would need a file system versus the EFI API simply knowing the
binary offset to call a function in the EFI binaries.

As yet, I don't understand what are "UEFI applications" that run
standalone of any OS and can be installed independently of the mobo
maker. Maybe that's where the hackers will figure out how to pwn a
system. The OS loaders are (can be) a class of UEFI Applications.
http://en.wikipedia.org/wiki/Unified_Extensible_Firmware_Interface#UEFI_shell
is the part that sounds a probably target for malware.

From issues (bugs) reported with differing implementations of UEFI, it
doesn't look like anything that I want. What Microsoft wants doesn't
mean it's good for me. The deficiences of MBR BIOS and its cures does
not entail having to supplant it with the spaghetti mess of UEFI.

Guess I'll have to start reading up on the vulnerabilities of UEFI, like
http://www.bing.com/search?q=hacking uefi. Or maybe I'll wait another 3
years for Windows 10 and UEFI to either solidify and establish
themselves or fall down.

VanguardLH wrote:

>
> After flashing the BIOS (burning in new firmware), I don't see why you
> would expect it to have the same checksum as the other but obviously
> different old firmware code. The checksum for old and new code should
> be different.

The legacy layout looks like this.

Main code block <--- non-volatile
DMI <--- updates on first boot
ESCD <--- updates on first boot
(Microcode cache) <--- when present, updates on first boot
Boot block <--- is never supposed to be flashed, but
many stupid motherboard companies erase this,
and it's when this is erased, you have a
major brickage exposure

When you flash a new BIOS, let's pretend the entire chip
got erased and flashed. The DMI region is all-0s in the
image. On first boot, the DMI is populated by the BIOS
with discovered hardware. Later, you use Asus Probe or
Intel DMIExplorer, and you "read out" the hardware inventory.
Those are examples of uses of the DMI area, for hardware
inventory in large companies.

If you "burn" the BIOS, boot once, then do a run where
you "archive" the entire BIOS chip, the checksum of the
entire image now differs from the originally downloaded
image. The volatile portions have been populated with
new unique data. And that's what I'm referring to.

If you know where the main BIOS block checksum value
is stored, and how to interpret it, that one should
be a constant. As the main block is not changed
during normal operation. The main block checksum
is verified by the boot block code, before the
jump into that code during POST.

> I only mentioned in passing that some computers can write into the BIOS.
> Sometime awhile back I saw mobos that provided a backup of the BIOS. I
> don't remember if those had a separate set of EEPROMS or if it was just
> reserved space inside the same EEPROM. The option to save the backup
> was in the BIOS settings so the BIOS was the one doing the burning.

Gigabyte has dual BIOS, consisting of two chips,
two "MAIN" blocks, but apparently only one boot block.
So the chips are not completely identical. Only our
product at work had completely duplicated contents,
and an arbiter on board to select one.

>
> Aren't the BIOS update program (when you flash in new firmware) also
> using the BIOS to perform that function. It has been a long time since
> I saw a debug of the flash update program but, as I recall, it called a
> function in the BIOS to burn in the new firmware.

I found documentation for a standard call for flashing.
If the BIOS wants to update the microcode cache, or
write to DMI, it pretty well must have that routine.
And it works in terms of the smallest block that can
be bulk erased and programmed, whatever that segment side
is. Back when I was programming the microcode cache on
my 440BX manually, the segment size was 2KB out of perhaps
a 128KB chip.

Since there was a shadow function, to copy the BIOS into
low RAM, it's also possible to flash the BIOS chip, while
the BIOS is still doing stuff (like say SMM).

>
> As for the business computer with the password stored in EEPROM, I
> thought that was a function of TPM where that password was used to to
> secure the hardware via a crypto key that has a unique RSA key for each
> TPM chip. However, upon recollection, maybe there used to be a
> different means of passwording a laptop because TPM wasn't established
> until 2009 and I remember my workplace assigning me an IBM Thinkpad back
> around 2006 plus it was already a year, or more old, and was an IBM
> laptop and not one from Lenovo who started acquiring IBM's products back
> in 2004, and that laptop that had password protection that couldn't be
> simply erased by clearing the CMOS. It did have some extra hardware for
> storing the password but it was a password that I could change (but I
> needed to know the correct old password to change it). The IT admin
> that doled it out to me wouldn't tell me the password and I understood
> their viewpoint. It was sysprepped for my use to do work at home over a
> VPN so they needed to manage the laptop. Other than changing some
> policies pushed onto the laptop when logging into their domain (with
> their permission), I really had no need to be changing anything else on
> the laptop. It was their property, not mine.

I was trying to help someone with a password issue in one
of the groups, and ran into the documentation for it.
It was a simple function, with a separate adjunct chip to
prevent "CLR_CMOS" junkies from having their way. I was
not able to get any other info - the dude who wanted
$50 to clear it, certainly wasn't going to give details
on his web site.

TPM is yet another era, and I'll just have to wait
for the next victim, for another "learning ezperience" :-)

>
> I've seen articles saying to clear CMOS to reset all passwords for the
> Thinkpad and others saying that will clear the passwords except for the
> supervisor password, like
> http://superuser.com/questions/284231/how-to-bypass-lenovo-thinkpad-power-on-password.
> I never really go into how passwording was enforced on that old Thinkpad
> that I used about a decade ago. I've never been stuck before or after
> will having to use one of those "business" class laptops. On a laptop
> that goes on trips, encrypting the files is sufficient data protection.
> With the loss of the hardware, it's not my concern if the thief can
> continue using the hardware, and I don't need to protect the apps since
> the thief can get those from anywhere and doesn't need my computer to
> get them.

Business laptops are just evil. I pity the fool
who has to support them, and all their failure modes.
For the ones with FDE, I hope someone is making
backups :-)

>
> But is the Windows setting writing to the UEFI BIOS EEPROM(s) or is it
> writing to the CMOS table copy of the BIOS settings? Be interesting to
> know what was said and if a CMOS reset was attempted (and failed).

The CMOS is only 256 bytes. You would be hard pressed (in our
modern bloated world), to design anything into a 256 byte
limit. I'm sure flash is being used. Just one code path
pointing to a UEFI object, is probably 256 bytes right there.

> I haven't heard that UEFI has its own file system. It loads a boot
> manager, just like the old BIOS did, but now has EFI binaries it can use
> for driver, application, and boot code (to finally load the OS loader).
> There are EFI boot services and EFI runtime services. EFI boot services
> are only available while the firmware is in control of the hardware.
> The OS can make use of the EFI runtime services but the ones I've seen
> mentioned are date and time (same as with MBR BIOS) and NVRAM access
> (isn't that the CMOS table copy of BIOS settings?). I don't see why
> UEFI would need a file system versus the EFI API simply knowing the
> binary offset to call a function in the EFI binaries.

I've seen one passing reference to "200 files" being in
there. But like the rest of UEFI, no tutorial articles
that go into depth.

Even the legacy BIOS had file systems of a sort. Read
only ones.

The main code block consists of LHA compressed code segments
with length fields. It was possible to parse the thing,
and decompress the code. I used to do some of that stuff
by hand. The code blocks would be things like PXE support
for the onboard branded NIC. Or a Promise RAID code module
for pressing the control-key hotkey sequence to enter
the RAID setup. Each of those is loaded during POST.
Storage code modules, have their Extended INT 0x13
disk I/O routines loaded, for usage by DOS.

Later, I got copies of MMTool and some other thing,
and that made extraction a whole lot easier.

http://rayer.g6.cz/romos/amimtool.gif

For some of those modules, they have VID:PID, so
you can figure out what the PCI Option ROM is for.
And say, check the version of your Silicon Image
RAID code for the SIL3112, and see whether you have
a buggy version.

>
> As yet, I don't understand what are "UEFI applications" that run
> standalone of any OS and can be installed independently of the mobo
> maker. Maybe that's where the hackers will figure out how to pwn a
> system. The OS loaders are (can be) a class of UEFI Applications.
> http://en.wikipedia.org/wiki/Unified_Extensible_Firmware_Interface#UEFI_shell
> is the part that sounds a probably target for malware.
>
> From issues (bugs) reported with differing implementations of UEFI, it
> doesn't look like anything that I want. What Microsoft wants doesn't
> mean it's good for me. The deficiences of MBR BIOS and its cures does
> not entail having to supplant it with the spaghetti mess of UEFI.
>
> Guess I'll have to start reading up on the vulnerabilities of UEFI, like
> http://www.bing.com/search?q=hacking uefi. Or maybe I'll wait another 3
> years for Windows 10 and UEFI to either solidify and establish
> themselves or fall down.

I know very little about UEFI, and I don't expect I'll
find a web page that gives a complete dump. Maybe if
you want info at this point in time, it's a "textbook"
at the bookstore or Amazon.

Paul

T wrote:

> Roderick Stewart wrote:
>
>> http://dilbert.com/strip/2015-03-24
>
> Made me laugh!

Then enjoy these (disable the annotation crap, if present, along with
having to close those phucking ad popups):

https://www.youtube.com/watch?v=p4-uaxBhw5c
https://www.youtube.com/watch?v=6u8LWU59aXw

On 03/24/2015 07:31 PM, VanguardLH wrote:
> T wrote:
>
>> Roderick Stewart wrote:
>>
>>> http://dilbert.com/strip/2015-03-24
>>
>> Made me laugh!
>
> Then enjoy these (disable the annotation crap, if present, along with
> having to close those phucking ad popups):
>
> https://www.youtube.com/watch?v=p4-uaxBhw5c
> https://www.youtube.com/watch?v=6u8LWU59aXw
>

:-)

Loved the crack about Windows Nein

VanguardLH wrote:

Playing catch-up in this group. Comments below , apologies in
advance for being weeks late in replying.
[i]
> So the free update will be via Windows Update site, huh? Hmm, that
> means for a clean Windows 10 that I'll have to save a backup, wipe the
> OS partition(s) on my disk, install a clean Windows 7, and then use WU
> to update to have a clean Windows 10. I detest polluted upgrades. If a
> disk dies, I'll have to do that anyway (or restore from image backups)
> to get Windows 10 back on my computer. The free offer is via the WU
> site which means Windows 7/8 already has to be installed to be visiting
> the WU site to get the Windows 10 upgrade download. So what happens
> after the 1-year free upgrade expires and then my disk dies (and if I
> was like most users that don't do backups)?

The quoted print below clarifies (and corrects) your above statement
where you noted Windows 7/8.
- The Win10 upgrade requires Windows 7Sp1 and Windows 8.1 (Win8.0 does
not qualify)

>
> "The consumer free upgrade offer for Windows 10 applies to qualified
> new and existing devices running Windows 7, Windows 8.1 and Windows
> Phone 8.1."
>
>
> Bott also figures "consumer" means the Home edition of Windows. Yuck.
> I've had only one Home edition of Windows at home and many times got
> snagged by features missing in it compared to the Pro version, like the
> policy editors (local and groups), EFS, 16GB max RAM instead of 192GB,
> Presentation support, software restriction policies (SRPs) that let me
> block a program from ever loading (handy for apps that are rude in
> reestablishing their startup program when they run), no domain joining
> (so forget toting my laptop to work unless I go out to come back in but
> into the corporate network's safe zone which means many resources are
> unavailable), and probably more Pro-only features than I've tried. No
> more crippled Home editions on my desktop.

If you visit the MSFT Store both 8.1 (Core and Pro) are 'consumer versions'
- while Ed raises the issue of of consumer being 'Home' (Win7
terminology) that may not necessarily be as constrained as appeared -
there are consumer SKU's and commercial SKU's. Ed raised the issue but
didn't necessarily state Win10 free upgrade was solely limited to the
entry level prior o/s. Second, 8.1 as noted above which only came in
full version media are both consumer version (Core and Pro) available in
the retail market and from the MSFT Store. i.e. I wouldn't extrapolate
too much in Ed's statement which imo is more postulative than concrete.


--
....winston
msft mvp consumer apps