SPYWARE on certain BIOSes - can be disabled - please read

hairygit

Member
May 11, 2001
135
0
0
Hi -
I saw the following post on another (sysopt.com) techie site.
Its a long one but frightening if it is true..............
Oh No! *Hardware-Based* Phone Home Apps!

It's true: Phoenix, the BIOS people (they make the Phoenix and Award BIOSes), recently launched PhoenixNet, which will work with an
advertising-based phone-home app built right into the hardware of your PC. Although the announcement is couched in careful terms, the gist is clear. "...system builders and resellers... can use PhoenixNet's
services to distribute... products and services to millions of users."
Millions of captive users, that is.

According to the PhoenixNet site:

The PhoenixNet Internet Launch System (ILS) is a patent-pending technology built into the firmware of your PC.
PhoenixNet's technology resides safely within ROM (Read Only Memory). PhoenixNet is activated automatically at the initial launch of your new PC....

Once running, the PhoenixNet software will use your Internet connection to force-feed you downloads, advertising, "sites to see," and support services. The PhoenixNet utility apparently integrates with Windows; it's controlled--- if that's the word--- via a system tray applet.

However, because at least some of this code is operating at the firmware/BIOS level, it's possible for this code to run "below the
radar" of the OS or of local desktop firewalls. It could be difficult to know just what this code was doing, or when it's doing it.

Why is Phoenix doing this? The PhoenixNet site (http://home.phoenixnet.com/about/index.html )
spins it one way:

New and experienced users alike face some tough hurdles whentrying to get running on a new computer. From connecting to
the Internet to learning about and managing their PC. How do they get started? ... Now, thanks to PhoenixNet, the solution is only a mouse click away. Save time and effort by using PhoenixNet built into the PC.... PhoenixNet services can be individually customized to meet the needs of any user. This service continues over the life of the PC. And it's free.

But despite this happytalk explanation, to me this doesn't look like an impartial third-party advisor to end users, but rather an advertising vehicle. The PhoenixNet site says, "... we select the best providers of
these products and enter into partnerships with them in order to provide these tools directly through our network," To me, this sounds like: "Vendors pay us, or give us a cut of their action, to get their stuff
listed on PhoenixNet."
PhoenixNet may be hard to avoid: A number of motherboard makers have already agreed to start using PhoenixNet: They include AOpen, Chaintech, ECS, EpoX, Giga-Byte, Jetway, Legend-QDI, MSI, Soltek and Zida.

For biased info on this, see the PhoenixNet FAQ at http://home.phoenixnet.com/about/index.html#fre ; for third-party,
independent views, see Steve Gibson's GRC newsgroup on 'spyware:" Point your usenet/newsgroup reader at news.grc.com, and join the grc.spyware discussion.


SPLICE SAYS IT CAN BE CANCELLED IF YOU GO INTO BIOS - so check them BIOSes and aim your mouse for 'phoenixnet' or 'phoenixware' and disable that mf.
 

Double Trouble

Elite Member
Oct 9, 1999
9,270
103
106
That sounds like a freakin' nightmare, spyware that you don't even install and can't get rid of. I'd be one VERY pissed off customer if I found that in my bios. The board would go back for certain, and I'd never purchase another motherboard based on that bios again.
 

xaigi

Golden Member
Oct 9, 1999
1,235
0
0
Bump for importance.

Remind me to stick with Award and other bioses.

Phoenix and Award are pretty much the same company now bro if I'm not mistaken.

Oops! Thought they were competitors!
 

KevinH

Diamond Member
Nov 19, 2000
3,110
7
81
Phoenix and Award are pretty much the same company now bro if I'm not mistaken.
 

Pretender

Banned
Mar 14, 2000
7,192
0
0
Is this a joke?
First, how exactly would a BIOS be able to do this? It's going to tell the OS (assuming it's an OS the BIOS was preprogrammed to communicate with) to connect to a site, and send data? Can you comprehend how impossible or just downright silly that is?
Second, the article itself (I'm assuming your post was a copy/paste of an article) says: "SPLICE SAYS IT CAN BE CANCELLED IF YOU GO INTO BIOS - so check them BIOSes and aim your mouse for 'phoenixnet' or 'phoenixware' and disable that mf." Has anyone here used their mouse when editing bios settings? No? What? It's impossible, you say? Wow, you'd think these 'hardware experts' on that site would know that.

The credibility of this article is in serious jeopardy.
 

Mrburns2007

Platinum Member
Jun 14, 2001
2,595
0
0


<< PhoenixNet

One application on the CD deserves explicit mentioning: PhoenixNet. The manual states:

Phoenix Net is a service that provides PC users with best-of-breed, free software services to support their PC hardware and software and to turn their computer into a powerful tool ?
These services are delivered to the user as hotlinks on the desktop and in the web browser or, as applications that PhoenixNet automatically packages, downloads and installs.

If it looks like a virus, walks like a virus and talks like a virus, what could it be? Here is what happens after installation of PhoenixNet which, incidentally, is highly recommended on the first page of the BIOS setup as an essential step to properly configure the board. To make matters worse, PhoenixNet is already included into the BIOS and, even in a fresh install, will crawl out and infest the desktop before even any of the drivers are loaded. The ultimate insult is contained on the driver CD where the setup utility states: Install Award Patch to make sure your system is working properly.

Internet Explorer settings are mercilessly overwritten so that the default startup page is PhoenixNet with a customized taskbar similar to the practices employed by some porn sites. All shortcuts lead to CNET or their online shopping mall MySimon, AOL and similar. In order to access the PhoenixNet, the user is prompted to submit his or her personal data to PhoenixNet and as the manual states &quot;user receives monetary reward by email&quot;. Yuck, at least they could have included the Register (even though they don?t pay you for visiting, not that they would have to, anyway). This is the worst case of spam I have ever come across and even uninstalling PhoenixNet will not remove all the desktop shortcuts and browser default settings.
>>



sounds great...
 

Double Trouble

Elite Member
Oct 9, 1999
9,270
103
106
<<Has anyone here used their mouse when editing bios settings?>>

Yes, as a matter of fact, I have. The BIOS software on most compaqs is completely gui, and has complete mouse support built in. The bios can in fact contain any type of programming.

I'm not sure if this is legit or not, but it certainly could come to be some day -- if it isn't already. Looking at some of the info on the Phoenixnet home page, it would appear that they are actually gonna try it :| Tell ya what, I'd be sure to let the company building my board know that if they ever even consider putting this crap on my computer, it would certainly be the last of their boards I'd ever purchase.
 

Mrburns2007

Platinum Member
Jun 14, 2001
2,595
0
0
Can we start a petition to call attention to the motherboard manufacter's that we don't want this crap.