Insyde Software security updates for Windows 10

Hurray, UEFI vendors focusing on security! 🙂

Insyde® Software Highlights Strategies to Strengthen Firmware Security at the Fall UEFI Plugfest

Company’s Chief Technology Officer to Present at The UEFI Forum Plugfest in Taipei, Taiwan

[…]In related UEFI-security news, Insyde Software announced its full compliance with the latest firmware security updates needed by Microsoft’s upcoming Windows® release. The Windows 10 Fall Creators Update adds new requirements that include improved support for TPMs (Trusted Platform Modules) and new functionality for Secure Boot BIOS update, all of which is fully supported by InsydeH2O® UEFI BIOS.[…]

https://www.insyde.com/press_news/press-releases/insyde%C2%AE-software-highlights-strategies-strengthen-firmware-security-fall

Insider_BIOS_Tools: BIOS tools from Insyde Software

Cool, Insyde  Software is releasing some of their tools. It appears they’re older tools, see the readme about restrictions and newer versions of the tools.

Insider_BIOS_Tools

BIOS tools for Insyde Insiders! (release approved by the management of Insyde Software Japan)

We believe that the commercial value of our outdated BIOS developer tools is quite low. As a gesture of good will towards the BIOS modding community and IT community in general, we have decided to release some of our outdated BIOS developer tools – which are a part of this GitHub repository.[…]

Includes:
* H20EZE: Easy BIOS Editor that helps edit binaries in the BIOS, including Option ROMs, driver binaries, logos, and Setup values.
* H20FFT: Firmware Flash Tool assists in quickly and easily updates flash devices with new BIOS firmware.
* H20SDE: SMBIOS Data Editor that facilitates easy modification of any SMBIOS (DMI) field by GUI and Command Line, with support for a wide variety of OS environments.
* H20UVE: UEFI Variable Editor

https://github.com/s-sosnitskiy80/Insider_BIOS_Tools

 

 

UEFI-Dumper

“UEFI-Dumper is a simple perl script to get access to your Insyde Bios hidden menus.”

The source code says: Copyright (c) 2013 Nurlan Mukhanov (aka Falseclock).

https://github.com/Falseclock/UEFI-dumper

The tool appears brand-new, from Github epoch. But given the 2013 date in the copyright, it is probably older. A quick search finds the same code from a 3-year-old post:
http://developers-club.com/posts/182676/

When I noticed this, I sent an FYI to the the UEFI Security team and to Insyde’s security team, in case they hadn’t seen it. Kevin Davis of Insyde responded with:

“Insyde Software takes the security of our customer’s platforms very seriously. InsydeH2O and SETUP page settings are based on public specifications.  Insyde is aware that the UEFI-Dumper allows individuals to get the information about SETUP pages that customers have hidden. Insyde believes that current customer platforms are following our guidelines for protecting sensitive system variables from malicious changes. As the first BIOS vendor to ship production systems supporting the UEFI standards, Insyde has always worked to improve the UEFI standards and our InsydeH2O BIOS.  Our customers are encouraged to work with their Insyde contacts to continue to build secure systems.”

[1] https://www.insyde.com/contact/reportsecurity

Tim Lewis resumes uefi.blogspot blog!

For a long time the uefi.blogspot.com was one of the only sources of UEFI blogging. It appears to have been inactive for about 2 years, but has 2 new posts from this month! Make sure this blog is still on your RSS feed list.

http://uefi.blogspot.com/2016/10/intel-and-insyde-embedded-white-paper.html

http://www.intel.com/content/www/us/en/embedded/software/fsp/fast-secure-iot-solutions-insyde-software-blink-boot-fsp-white-paper.html

http://uefi.blogspot.com/2016/10/pi-15-released.html

Insyde Software’s HumanOS

Last week at Intel IDF Insyde Software announced updates to get Android Lollipop on Intel Core M systems, working with Intel China.

Insyde has an Android-based OS called “Humanos(R)”, which I had not heard of until now (it reminds me of AMI’s AMIDuOS):

Humanos is an instant-on software environment developed for notebooks and netbooks running Microsoft Windows, and is currently optimized for use with Google’s latest Android and Chromium open-source mobile operating systems. Humanos utilizes Insyde Software’s Quick-to-Launch UEFI Software, giving mobile PC users immediate access to an expanding set of mobile applications through the instantly available operating environment. Many of today’s open source operating systems provide mobile platforms the opportunity to integrate lots of new functionality within a very small footprint. Humanos from Insyde Software addresses the increasing demand for these open source operating systems by implementing them as secondary instant-on software environments to Windows based platforms or as standalone “app ready” user-friendly environments. This solution provides easy integration and great performance through Insyde Software’s UEFI Instant-On technology, and brings additional value to the platform. Additionally, platforms featuring Humanos can access Insyde Market, the world’s first Android applications market for netbook computers. Insyde Market features a growing list of Android applications optimized for the mobile PCs, which provides a continual source of added value for users and platform manufacturers that choose to include Humanos.

http://www.insyde.com/products/humanos
http://www.insyde.com/products/androidsolutions
http://www.insydesw.com/press_news/press-releases/insyde%C2%AE-software-collaborates-intel%C2%AE-china-bring-android%E2%84%A2-50-latest-intel%C2%AE

Insyde updates InsydeH2O and Supervyse

This week at Intel Developer Forum (IDF), Insyde Software announced support of Intel’s new “Innovation Engine”. Insyde has a Supervyse Systems Management product, as well as their InsydeH2O UEFI BIOS. Insyde announced that both of these products will fully-leverage Intel’s Innovation Engine, a newly-announced new processor and IO subsystem targeting data center platforms. Excerpting their press release:

“The Innovation Engine gives us tremendous opportunity to extend our BIOS and BMC product offerings,” said Stephen Gentile, Sr. Vice President, Strategy at Insyde Software. “More importantly, this powerful and open resource gives us a new framework for products targeted at next-generation data center servers,” added Gentile.

“The Innovation Engine is a new way that developers can tap Intel technology to improve the capabilities of data center solutions,” said Lisa Spelman, General Manager of Data Center Marketing at Intel. “Through working with our ecosystem partners like Insyde, our data center customers will have comprehensive hardware and software solutions that will drive new innovations and platform differentiation,” added Spelman.

More information:

http://www.insydesw.com/press_news/press-releases/insyde%C2%AE-software-helps-drive-innovation-future-intel%C2%AE-data-center-platform