BIOS maker builds PC "bomb shelter"
- — 18 February, 2003 08:22
Users with crashed PCs may be able to press a "panic button" and bring up a set of recovery and other utilities later this year if vendors start including a new data "bomb shelter" on the hard disk drives of their PCs.
Phoenix Technologies Ltd., which makes the BIOS that runs at boot-up on many current Windows PCs, will sell its Phoenix Core Managed Environment (CME) software to PC vendors along with technology for putting it on the least-used part of the hard drive, around the spindle at the center, said Bob Gager, senior director of product marketing at Phoenix, in San Jose, California. A version will also be available for servers, along with versions for embedded devices and information appliances such as TV set-top boxes, where software may be stored in another safe location.
CME is not an operating system but a separate, protected operating environment, Gager said. Because it's not part of the operating system, it remains available after a crash and can be used to bring a PC back up after the user presses the "panic button." It also can be used to store backups of a user's files and can include a utility that automatically backs up those files. Applications in CME can be updated securely with authentication through digital signatures, but new applications can't be added. That protects the environment from viruses, though it's still possible that a determined hacker could write one that hits CME, Phoenix spokesman David Tractenberg said.
Phoenix already supplies BIOS software to many large PC vendors, but none of the vendors was ready yet to discuss whether they will use CME, according to Phoenix. Analysts said although it could offer system vendors some benefits, cost and other issues might keep them from using it.
Phoenix already offers a set of system utilities that can be stored in a protected part of the hard drive. It includes diagnostic, recovery and emergency Internet connection software. With CME, Phoenix is moving that protected space to a safer part of the hard drive and at the same time opening it up to applications from other vendors. One company that plans to make its software available for CME is antivirus vendor McAfee Security, a division of Network Associates Inc.
"Phoenix can't make all of these utilities for everybody," Gager said.
PC vendors that include CME in their systems can choose how much space to set aside for it and which applications to put in it. The "panic button," an actual button on the machine, could bring up the CME Console, a GUI (graphical user interface), from which the user could choose which applications to run.
Not everything in the protected space has to be for emergencies or recovery. A PC maker can even co-brand the environment with Phoenix and include everyday applications such as digital photo browsing software, Gager said. One problem CME was designed to solve was vendors' desire to differentiate their PCs in terms of software as well as hardware. Phoenix even plans its own advertising campaign to build awareness of the technology so consumers will seek it out when they buy systems.
However, CME is not intended as an alternative to Windows or any other operating system. For one thing, users can't add new applications to it. Phoenix used the analogy of a bomb shelter to describe the environment.
"You can make it as pretty as you want to, but you're still not going to live in it," Tractenberg said.
PC makers that use CME could reduce their own support costs and those of enterprises, while also making notebooks safer from data theft, said Martin Reynolds, an analyst at Gartner Inc., in San Jose, California. Though buyers are unlikely to pay extra for the tools in CME, the added features might help to sell a particular vendor's system, he said.
Being able to get on the Internet through a special browser after a software crash could make it easier for vendors and corporate IT departments to lead a user through diagnosis and recovery, Reynolds said. In that case a notebook wouldn't have to be shipped back to a vendor or IS department just to fix a software problem.
CME also could serve as a pre-boot environment with sophisticated authentication tools such as fingerprint or face recognition, Reynolds said. Today on most notebooks, would-be thieves face only a simple password prompt to get into the OS. Stronger security methods can only go into the OS itself, he said.
In addition, antivirus software in a protected space like CME would be safe from a new breed of virus that specifically targets antivirus applications, said Roger Kay, director of client computing at IDC, in Framingham, Massachusetts. (IDC is a division of International Data Group Inc., the parent company of IDG News Service.)
The need for a "panic button" is declining in the U.S., where PCs have been prevalent for some time and the number of neophyte users is declining, Kay said. However, in other areas of the world, such as Eastern Europe, Latin America and Japan, that kind of "handholding" may have more appeal, he added.
The problem PC makers will face when considering whether to use CME is that the market is price-sensitive and customers already are "overserved," according to Kay. There are many tools already on the market for backup, antivirus and other functions that a vendor might want to put in CME, he said.
Customer unfamiliarity with the technology could create another challenge, according to Stephen Baker, director of industry analysis at The NPD Group Inc., in Reston, Virginia.
"It has to be self-evident to me why I would want to buy it. People don't buy things that have to be explained to them," Baker said.
CME is unlikely to light PC buyers on fire, Gartner's Reynolds acknowledged.
"It's fascinating technology and it has a lot of potential, but it's going to be very hard to get people excited about it," he said. "It just doesn't do exciting things."
Phoenix is offering four versions of CME: CME PC Edition, CME Server Edition, CME IA (Information Appliance) Edition and CME Embedded Edition. All are available to system makers now. Systems with CME should become available to end users in March or April, according to Phoenix.