Tag: Intel

ACPI testing with BITS Python

~ hucktech ~ Leave a comment

Recently, Josh Triplett of Intel gave a talk on using BIOS Interface Test Suite (BITS) at LinuxCon North America.
http://events.linuxfoundation.org/events/linuxcon-north-america/program/slides

Demystifying ACPI and EFI via Python and BITS

Click to access bits-with-demo.pdf

BTW, Josh also gave this talk at LinuxConNA’15 as well:

Everything’s a File Descriptor

Click to access fd_0.pdf

I think I’ve mentioned BITS in this blog before. But just in case I’ve not, BITS is a powerful, strange set of BIOS diagnostic tools. BITS started as a BIOS-centric tool, but now includes some UEFI support as well. BITS uses the GRUB boot manager as it’s UI, using GRUB menus for different features, see the screenshots page for a better understanding:
http://biosbits.org/screenshots/

BITS also includes a Python interpreter, so you can do interactive Python, or write scripts to test firmware. BITS has interfaces for BIOS, UEFI, and ACPI data.
http://biosbits.org/scripting/

Jake Edge wrote an excellent follow-up to Josh’s LinuxCON talk, with an article in LWN.net, discussing BITS’s Python for UEFI and ACPI investigations.

In a talk that could easily be seen as a follow-on to his PyCon 2015 talk, Josh Triplett presented at LinuxCon North America on using Python to explore the low-level firmware of today’s systems. The BIOS Implementation Test Suite (BITS) provides an environment that hearkens back to the days of BASIC, PEEK, and POKE, as he demonstrated at PyCon in Montréal in April, but it is much more than that. In Seattle at LinuxCon, he showed that it can also be used to look at and use the EFI and ACPI code in a system—all from Python.

The article is part of LWN.net subscriber-only content, and has been ‘leaked’ (see next URL below), and as the link on the page mentions, an occasional leak isn’t too bad, and helps with subscriptions. If you don’t have a LWN subscription, please think about it, they are probably the best news source for low-level Linux technologies. They have a 1-month free trial.

After reading this article, Laszlo Ersek of Red Hat started up a thread with Josh on the QEMU and UEFI dev mailing lists, with some new ways of thinking about using BITS Python for ACPI testing. Lots of good ideas on this thread, if you care about QEMU, ACPI, AML, or ACPICA tools please read the thread: sorry, I’m too lazy to summarize all of the ACPI nuances in the thread, it’s only a few messages.

Using Python to investigate EFI and ACPI
Newsgroups: gmane.comp.emulators.qemu, gmane.comp.bios.edk2.devel
http://thread.gmane.org/gmane.comp.emulators.qemu/358997

I hope some of the ACPI/AML testing ideas in this thread happen!

More Information:

https://github.com/biosbits/bits

Intel porting KGT to UEFI

~ hucktech ~ Leave a comment

The other day I learned about Intel KGT:

Intel KGT

Then I noticed Matthew Garrett’s twitter feed, saying that it didn’ t work with UEFI… But today I note that Vincent Zimmer of Intel has a new Twitter post,  saying that Intel is working on porting KGT to work with UEFI:

Looking forward to UEFI-enabled iKGT!

Intel announces Core 6 Skylake

~ hucktech ~ Leave a comment

I don’t give enough news to new CPUs. Skylake has been in the news for a while, but Intel just officially announced it:

Excerpt from press release:

Coming Soon: Intel® Iris™ Graphics, Intel® vPro™ for business, and products for IoT
In the coming months, Intel plans to deliver more than 48 processors in the 6th Gen Intel Core processor family, featuring Intel® Iris™ and Iris Pro graphics, as well as Intel Xeon E3-1500M processor family for mobile workstations and 6th Gen Intel® vPro™ processors for business and enterprises. A variety of devices across a wide range of form factors will be available now and over the coming months from manufacturers around the world. In addition, Intel is offering more than 25 products for the Internet of Things (IoT) with up to 7-year long-life supply and error correcting code (ECC) at multiple TDP levels. Retail, medical, industrial, and digital surveillance and security industries will all benefit from the new 6th Gen Intel Core processor improvements and includes IoT designs from the edge to the cloud.

http://newsroom.intel.com/community/intel_newsroom/blog/2015/09/01/introducing-6th-generation-intel-core-intels-best-processor-ever

http://www.intel.com/content/www/us/en/processors/core/core-processor-family.html?linkId=16730362

http://newsroom.intel.com/community/intel_newsroom/blog/2015/09/01/intel-announces-its-6th-gen-intel-core-processor-family

Intel August malware report released

~ hucktech ~ Leave a comment

Intel Security Group’s McAfee Labs Threat Report for August 2015 has been released. Firmware is listed, more than once. 🙂

https://blogs.mcafee.com/mcafee-labs/malware-trend-continues-relentless-climb/

Click to access rp-quarterly-threats-aug-2015.pdf

Intel KGT

~ hucktech ~ 1 Comment

Wow, I wasn’t aware of Intel’s Kernel-Guard Technology (KGT) for Linux, until today. 😦

As found on the Twitter feed of Alex Bazhaniuk (@ABazhaniuk):

Intel Kernel-Guard Technology (Intel KGT) is a policy specification and enforcement framework for ensuring runtime integrity of kernel and platform assets.  The Intel® KGT framework allows policy writers to specify:
 * Which OS/platform resources to monitor
 * Actions to take when the monitored resource is accessed
 * A policy

A policy can be specified at build-time (embedded in the code), boot-time (such as through grub module), or at runtime (via configfs and script), and is enforced by an outside-OS component.  The Intel KGT framework, along with an appropriate policy, can be used to achieve immutability and runtime integrity of critical resources such as kernel code pages, kernel pagetable mappings, kernel interrupt descriptor table (IDT), control registers (CRs), MSRs, and MMIO regions. The Intel KGT is based on xmon, which is a thin VT-x component. Xmon runs in vmx-root (ring -1), de-privileges the OS, and uses VTx controls to trap access to specified resources and enforce policy specified actions. Xmon is not limited to using VT-x and, in the future, is expected to incorporate other CPU and platform features in addition to VT-x to enforce policy.    

Their Overview page gives a good introduction.
https://01.org/intel-kgt/overview

It looks like the last release was August 7th, with Intel TXT/tboot support:
https://lists.01.org/pipermail/intel-kgt/2015-August/000012.html

More Information:
https://github.com/01org/ikgt-manifest
https://01.org/intel-kgt/

OS X Yosemite Security Guide

~ hucktech ~ Leave a comment

As found on the Twitter feed of David Barroso (‏@lostinsecurity):

DrDuh has a new Github project which is a Mac OSX Yosemite security/privacy guide. There is a brief section on firmware, using Apple’s new Firmware Password feature.

OS X Yosemite Security and Privacy Guide
https://github.com/drduh/OS-X-Yosemite-Security-and-Privacy-Guide

Linux Foundation IT Security Policies: firmware guidance

~ hucktech ~ Leave a comment

A  few days ago, the Linux Foundation released new guidance for securing Linux systems. Since the Linux Foundation has mostly remote workers, there are currently 2 documents: one on hardening Linux Workstations, and one for secure group communications, the latter something like a CryptoParty Handbook. Here’s an excerpt of the Hardware/Firmware/Pre-OS section from the Workstation document:

Choosing the right hardware

We do not mandate that our admins use a specific vendor or a specific model, so this section addresses core considerations when choosing a work system.

Checklist

    System supports SecureBoot (CRITICAL)
    System has no firewire, thunderbolt or ExpressCard ports (MODERATE)
    System has a TPM chip (LOW)

Considerations

SecureBoot

Despite its controversial nature, SecureBoot offers prevention against many attacks targeting workstations (Rootkits, “Evil Maid,” etc), without introducing too much extra hassle. It will not stop a truly dedicated attacker, plus there is a pretty high degree of certainty that state security agencies have ways to defeat it (probably by design), but having SecureBoot is better than having nothing at all. Alternatively, you may set up Anti Evil Maid which offers a more wholesome protection against the type of attacks that SecureBoot is supposed to prevent, but it will require more effort to set up and maintain.

Firewire, thunderbolt, and ExpressCard ports

Firewire is a standard that, by design, allows any connecting device full direct memory access to your system (see Wikipedia). Thunderbolt and ExpressCard are guilty of the same, though some later implementations of Thunderbolt attempt to limit the scope of memory access. It is best if the system you are getting has none of these ports, but it is not critical, as they usually can be turned off via UEFI or disabled in the kernel itself.

TPM Chip

Trusted Platform Module (TPM) is a crypto chip bundled with the motherboard separately from the core processor, which can be used for additional platform security (such as to store full-disk encryption keys), but is not normally used for day-to-day workstation operation. At best, this is a nice-to-have, unless you have a specific need to use TPM for your workstation security.

Pre-boot environment

This is a set of recommendations for your workstation before you even start with OS installation.

Checklist

    UEFI boot mode is used (not legacy BIOS) (CRITICAL)
    Password is required to enter UEFI configuration (CRITICAL)
    SecureBoot is enabled (CRITICAL)
    UEFI-level password is required to boot the system (LOW)

Considerations

UEFI and SecureBoot

UEFI, with all its warts, offers a lot of goodies that legacy BIOS doesn’t, such as SecureBoot. Most modern systems come with UEFI mode on by default.

Make sure a strong password is required to enter UEFI configuration mode. Pay attention, as many manufacturers quietly limit the length of the password you are allowed to use, so you may need to choose high-entropy short passwords vs. long passphrases (see below for more on passphrases).

Depending on the Linux distribution you decide to use, you may or may not have to jump through additional hoops in order to import your distribution’s SecureBoot key that would allow you to boot the distro. Many distributions have partnered with Microsoft to sign their released kernels with a key that is already recognized by most system manufacturers, therefore saving you the trouble of having to deal with key importing.

As an extra measure, before someone is allowed to even get to the boot partition and try some badness there, let’s make them enter a password. This password should be different from your UEFI management password, in order to prevent shoulder-surfing. If you shut down and start a lot, you may choose to not bother with this, as you will already have to enter a LUKS passphrase and this will save you a few extra keystrokes.

Full information:

https://github.com/lfit/itpol

https://github.com/lfit/itpol/blob/master/linux-workstation-security.md

http://linuxfoundation.org/

PS: The Linux Foundation also just started a Core Infrastructure Initiative, which has security implications, which I’ve got to find out more on, and will blog on later.

SuspendResume

~ hucktech ~ Leave a comment

I also learned about Intel’s SuspendResume project today. Again, it is not new, it has been around since 2014. See this recent SmackeralOfOpinion blog for a screenshot and a better description:

http://smackerelofopinion.blogspot.com/2015/08/identifying-suspendresume-delays.html

The Suspend/Resume project provides a tool for system developers to visualize the activity between suspend and resume, allowing them to identify inefficiencies and bottlenecks. The use of Suspend/Resume is an excellent way to save power in Linux platforms, whether in Intel based mobile devices or large-scale server farms. Optimizing the performance of suspend/resume has become extremely important because the more time spent entering and exiting low power modes, the less the system can be in use. Using a kernel image, built with a few extra options enabled the tool will execute a suspend, and will capture dmesg and ftrace data from suspend start to resume completion. This data is transformed into a set of timelines and callgraphs to give a quick and detailed view of which devices and kernel processes are taking the most time in suspend/resume. The output of the tool is a single html file which makes use of embedded CSS and JavaScript to create the timelines and callgraphs. The file can be viewed in any Linux browser, such as Firefox or Chromium. This project is for kernel developers, testers, debuggers, and other contributors working on Intel-based client or server systems.

https://01.org/suspendresume

EFIDroid

~ hucktech ~ Leave a comment

I just learned about EFIDroid, “a multiboot solution for mobile devices”. It is not new, EFIDroid was announced Feburary 2014 on the Xiaomi.eu mailing lists:

Opensource (multiboot) Bootloader: Efidroid (formerly Grub4android):
This is the successor of GRUB4Android – a project to bring multiboot to Android. Even though most people hate UEFI on computers(users because of secureboot and devs because it doesn’t change many problems of BIOS afaik), Intel’s implementation (“EDKII”) actually is quite good and perfectly fits our needs. Also, it still allows you to boot GRUB – just in case you wanna do that.”

It is a Google+-based community, with over a hundred members. There’s been a lot of recent Github activity for the project, including an interesting Linux kernel module.

https://github.com/efidroid
https://plus.google.com/communities/114053643671219382368
http://xiaomi.eu/community/threads/dev-opensource-multiboot-bootloader-efidroid-formerly-grub4android.23615/

https://plus.google.com/u/0/MichaelZimmermann
http://mzimmermann.info/

Intel/UA/Turner 2016 TV: America’s Greatest Makers

~ hucktech ~ Leave a comment

As mentioned by Brian Richardson, Intel is teaming with United Artists Media Group to do a Maker-centric TV show. The ‘casting call’ is open.

Intel, United Artists Media Group, and Turner Broadcasting System are bringing a national makers’ challenge to television in 2016. “America’s Greatest Makers (working title) is coming to television in 2016. Are you ready to build the next truly amazing device? Bring your big ideas to life with Intel, in collaboration with United Artists Media Group, and Turner Broadcasting System. Competitors will vie for $1 million in prizes and the opportunity to bring their creations to market.”

Full announcement:
https://www-ssl.intel.com/content/www/us/en/wearables/americas-greatest-makers.html

I hope some Open Hardware and Free Hardware people turn out for the casting call. I hope some employees from Bunnie Studios, Purism, Inverse Path, and FSF, and some students at USB (RISC-V) and Wisconsin (MIAOW GPU) consider trying out. It appears participants must be US citizens 15 years or older, with max of 4 people per team.

Since it’s just a working title, I think they should rename it to be “Greatest American Makers”. I’m running late today, so please Insert your own “Greatest American Hero” TV joke here. 🙂

Intel IDF post-conference materials

~ hucktech ~ Leave a comment

Intel Developer Forum ended the other week:

Firmware at Intel Developer Forum

The other day I posted a pointer to a Redfish/UEFI HTTP Boot talk at IDF, and commented that I wish I could find the video. A kind reader showed me how to navigate the cryptic IDF archive site:

http://myeventagenda.com/sessions/0B9F4191-1C29-408A-8B61-65D7520025A8/7/5

The search function on that page works well, eg filtering on firmware. There are PDF and A/V links to many of them!  IDF had 200 talks, many of them interesting to firmware security. For example, here’s the talk on Redfish from yesterday:

http://myeventagenda.com/sessions/0B9F4191-1C29-408A-8B61-65D7520025A8/7/5

VirtualBox 5.02 released

~ hucktech ~ Leave a comment

A few days ago Oracle released a new version of VirtualBox. It is a maintenance release, no huge new features I noticed, but lots of bugfixes, many related to hardware security issues, though no CVEs that I noticed.

https://blogs.oracle.com/virtualization/entry/oracle_vm_virtualbox_5_08

https://www.virtualbox.org/wiki/Changelog

 

AMI announces AMIDuOS 2.0

~ hucktech ~ Leave a comment

Today AMI announced AMIDuOS 2.0, with support for Windows 7-10 along with Android 5.0.1 (Lollipop). AMIDuOS lets you run both OSes at the same time, using hardware acceleration and emulation. AMIDuOS 1.x supports Android 4.3 (Jellybean), and is still available for $10, free upgrade to 2.0 if you bought 1.x before August 7th. AMIDuOS is a closed-source OS.

“People should be able to run their Android apps on any device they wish,” explained Subramonian Shankar, AMI founder and President. “We created AMIDuOS to make it easy for anyone to get the full Android experience on their Windows machines. Now, even the most recent Android apps developed for Android 5.0.1 will run smoothly and with full compatibility on the Windows platform.”

AMI has utilized its decades of expertise to build hardware acceleration support into the app and support direct hardware access whenever possible. Emulation is only used when needed – otherwise code runs natively. This, plus 3D acceleration support, means incredible performance, so games and video-intensive apps run smoothly and quickly. Since AMIDuOS can access native PC hardware and drivers, any apps installed in the Android environment can take advantage of the touchscreen, sensors, peripherals, GPS, camera and more – to deliver a fully immersive Android experience. AMI has tested AMIDuOS with over 4,000 apps and is continually releasing updates to improve its compatibility.

Some of the requirements include: x86 processor, 32/64-bit version of Windows 7/8/8.1/10, OpenGL 3.0 and above, and Hardware Virtualization Technology enabled in the system’s BIOS.

http://www.amiduos.com

https://www.facebook.com/amiduos
http://ami.com/news/press-releases/?PressReleaseID=327&/American%20Megatrends%20Unwraps%20Lollipop%20%E2%80%93%20Run%20Android%205.0.1%20Apps%20on%20Windows%20PCs%20without%20Compromise/

Linux Security Summit 2015 proceedings available

~ hucktech ~ Leave a comment

As part of LinuxCon North America, the Linux Security Summit recently finished, and presentations are now available (I omitted the few talks which had no presentations from below list):

* Keynote: Giant Bags of Mostly Water – Securing your IT Infrastructure by Securing your Team, Konstantin Ryabitsev, Linux Foundation
* CC3: An Identity Attested Linux Security Supervisor Architecture, Greg Wettstein, IDfusion
* SELinux in Android Lollipop and Android M, Stephen Smalley, NSA
* Discussion: Rethinking Audit, Paul Moore, Red Hat
* Assembling Secure OS Images, Elena Reshetova, Intel
* Linux and Mobile Device Encryption, Paul Lawrence, Mike Halcrow, Google
* Discussion: Core Infrastructure Initiative, Emily Ratliff, Linux Foundation
* Security Framework for Constraining Application Privileges, Lukasz Wojciechowski, Samsung
* IMA/EVM: Real Applications for Embedded Networking Systems, Petko Manolov, Konsulko Group, Mark Baushke, Juniper Networks
* Ioctl Command Whitelisting in SELinux, Jeffrey Vander Stoep, Google
* IMA/EVM on Android Device, Dmitry Kasatkin, Huawei Technologies
* Subsystem Update: Smack, Casey Schaufler, Intel
* Subsystem Update: AppArmor, John Johansen, Canonical
* Subsystem Update: Integrity, Mimi Zohar, IBM
* Subsystem Update: SELinux, Paul Moore, Red Hat
* Subsystem Update: Capabilities, Serge Hallyn, Canonical
* Subsystem Update: Seccomp, Kees Cook, Google
* Discussion: LSM Stacking Next Steps, Casey Schaufler, Intel

http://kernsec.org/wiki/index.php/Linux_Security_Summit_2015/Schedule

Purism coreboot update

~ hucktech ~ Leave a comment

Purism is a new OEM trying to build hardware for consumers that care about personal privacy and security, and are concerned about any closed-source code that controls their systems, including OS-level and firmware-level “blobs”. They’ve chosen an Intel-based platform for their laptop, so they’re busy fighting to disable all of the silicon-level security protections that Intel has been adding to their products. This is more ambitious than other Intel-based “Linux OEMs”, which use stock BIOS, 100% firmware blobs. If Purism is able to accomplish what they want, I then wonder how insecure their new systems will be, from the pragmatic POV of an attacker (who cares less about if a system was built with closed-source blobs or not).

Read the update here:

http://blogs.coreboot.org/blog/2015/08/24/2015-08-21-librem-13-weekly-progress-update/

Excerpting from the summary of their blog post:

BIOS development is hard. One of the major challenges facing BIOS developers is a lack of accurate, comprehensive documentation for all the hardware coreboot interacts with. The “elephant in the room,” for an Intel-based laptop, is the Management Engine.

I’m wiling to bet a buck that Purism’s their 3rd model will not be based on Intel, but ARM or AMD systems. where they can more easily have zero firmware blobs, and have to fight fewer pink elephants, and can use U-Boot or Libreboot. Recent libreboot efforts with some Chromebook models is also very encouraging. I would almost rather focus on COTS Intel/ARM dev boards for the next few years, until RISC-V boards (like Raven3) are available for Purism to use. A thick laptop with room to fit a Beagle or Panda or Minnow or RPI — or two — would be nice to see.

It is nice to see Purism, like Bunnie’s Novena, trying to build a system that people want, not just a system that the industry trade groups want for enterprises. I hope they’re able to manage to deal with the various silicon and firmware issues that they face.

HP/Intel presentation on HTTP Boot and Redfish

~ hucktech ~ Leave a comment

Samer El-Haj-Mahmoud, a System Firmware Architect at Hewlett-Packard, was kind enough to give me an URL to a recent presentation at Intel Developer Forum (IDF), on UEFI HTTP Boot and DMTF Redfish:

STTS001: Firmware in the Data Center:
Building a Modern Development Framework Using UEFI and Redfish REST APIs.
Mark Doron, Intel
Dong Wei, HP
Samer El-Jah-Mahmoud, HP

The HP/Intel co-presentation is on HTTP Boot and Redfish, and the UEFI based deployment solution on HP ProLiant Servers. Topics include PXE -vs- UEFI HTTP Boot, IPMI -vs- Redfish, and clarification of HP’s implementation -vs- recent UEFI 2.5/TianoCore implementation. I wish I could find audio or video archives of this talk, not just slides. 😦

I’m not a fan of URL-shorteners, and this is a LONG URL, I think you need all the stuff after the .pdf extension:

https://hubb.blob.core.windows.net/e5888822-986f-45f5-b1d7-08f96e618a7b-published/0ed65053-1511-4d28-b55c-4e0813a0519a/STTS001%20-%20SF15_STTS001_100f.pdf?sv=2014-02-14&sr=c&sig=RJybmBnFV2JOPeXMlwn1UB9DHcQTC7cZfkPkupXc5kw%3D&se=2015-08-25T18%3A50%3A04Z&sp=rwd

Also, check out the UEFI videos and other resources at HP’s site:
http://www.hp.com/go/proliant/uefi

Intel’s new Innovation Engine

~ hucktech ~ 1 Comment

Last week at IDF, a few UEFI Forum ecosystem vendors announced support for Intel’s new Innovation Engine (IE). But I still don’t know what it is. All I know so far is that the “Innovation Engine is a small Intel(R) architecture processor and I/O sub-system that will be embedded into future Intel data center platforms“, and that it’s roughly like an integrated service process or base board management controller (BMC). I presume everyone from Intel is taking post-IDF “comp-time” Summer vacation, and haven’t uploaded the IE data sheets to intel.com yet. 😦 So far, this is all I can find is this blog post by Jesse Schrater from last week:

Intel’s New Innovation Engine Enables Differentiated Firmware

Historically, platform embedded firmware limits the ways system-builders can customize, innovate, and differentiate their offerings. Today, Intel is streamlining the route for implementing new features with the creation of an “open engine” for system-builders to run firmware of their own creation or choosing.
    This important advance in platform architecture is known as the Innovation Engine. It was introduced this week at the Intel Developer Forum in San Francisco.
    The Innovation Engine is a small Intel® architecture processor and I/O sub-system that will be embedded into future Intel data center platforms. The Innovation Engine enables system builders to create their own unique, differentiating firmware for server, storage, and networking markets.
    Some possible uses include hosting lightweight manageability features in order to reduce overall system cost, improving server performance by offloading BIOS and BMC routines, or augmenting the Intel® Management Engine for such things as telemetry and trusted boot.
    These are just a few of the countless possibilities for the use of this new path into the heart of Intel processors. Truthfully, the uses for the Innovation Engine are limited only by the feature’s capability framework and the developer’s imagination.
    It’s worth noting that the Innovation Engine is reserved for system-builder’s code, and not Intel firmware. Intel supplies only the hardware, and the system builder can tailor things from there. And as for security, the Innovation Engine code is cryptographically bound to the system-builder. Code not authenticated by the system-builder will not load.
    As the name suggests, the Innovation Engine will drive a lot of great benefits for OEMs and, ultimately, end users. This embedded core in future Intel processors will foster creativity, innovation, and differentiation, while creating a simplified path for system-builders implementing new features and enabling full customer visibility into code and engine behavior.

Read the full blog post here:
https://communities.intel.com/community/itpeernetwork/datastack/blog/2015/08/19/intel-s-new-innovation-engine-enables-differentiated-firmware

Looking forward to some actual specs… Wondering if ‘open engine’ may imply Open Hardware, or at least Open Source code to interface with device. 🙂

Insyde Software’s HumanOS

~ hucktech ~ Leave a comment

Last week at Intel IDF Insyde Software announced updates to get Android Lollipop on Intel Core M systems, working with Intel China.

Insyde has an Android-based OS called “Humanos(R)”, which I had not heard of until now (it reminds me of AMI’s AMIDuOS):

Humanos is an instant-on software environment developed for notebooks and netbooks running Microsoft Windows, and is currently optimized for use with Google’s latest Android and Chromium open-source mobile operating systems. Humanos utilizes Insyde Software’s Quick-to-Launch UEFI Software, giving mobile PC users immediate access to an expanding set of mobile applications through the instantly available operating environment. Many of today’s open source operating systems provide mobile platforms the opportunity to integrate lots of new functionality within a very small footprint. Humanos from Insyde Software addresses the increasing demand for these open source operating systems by implementing them as secondary instant-on software environments to Windows based platforms or as standalone “app ready” user-friendly environments. This solution provides easy integration and great performance through Insyde Software’s UEFI Instant-On technology, and brings additional value to the platform. Additionally, platforms featuring Humanos can access Insyde Market, the world’s first Android applications market for netbook computers. Insyde Market features a growing list of Android applications optimized for the mobile PCs, which provides a continual source of added value for users and platform manufacturers that choose to include Humanos.

http://www.insyde.com/products/humanos
http://www.insyde.com/products/androidsolutions
http://www.insydesw.com/press_news/press-releases/insyde%C2%AE-software-collaborates-intel%C2%AE-china-bring-android%E2%84%A2-50-latest-intel%C2%AE

Optane memory

~ hucktech ~ Leave a comment

One of the things at Intel’s IDF last week was Optane 3D Xpoint memory. It sounds very interesting, I’m still not sure of the firmware “RAMifications”:

There are multiple news sites that provide detailed background on Optane:

http://www.theplatform.net/2015/08/18/intel-reveals-plans-for-optane-3d-xpoint-memory/

http://forwardthinking.pcmag.com/none/337065-intel-details-3d-xpoint-memory-future-products

http://www.forbes.com/sites/tomcoughlin/2015/08/21/optane-drives-future-intel-processors/

https://thestack.com/data-centre/2015/08/20/intel-optane-will-use-new-3d-xpoint-memory/