Phoenix answers all our phone-home BIOS questions

And by the way, PhoenixNet is dead

As promised, Phoenix has answered all the questions we sent them about the controversial PhoenixNet BIOS. Now we know why it took so long to get our answers: the scheme was dying quietly as we corresponded.

1. Does the PhoenixNet installation software alert the user to the Net feature and give them a chance to decline to install it? (We understand that the user can disable the service in CMOS setup; but if an option is not present during installation, then the connection, when available, will likely be made without the user's knowledge since only a fraction of users will go into setup before using their machine.)

"When a PhoenixNet-Enabled PC running Windows 98 or ME is initially booted up, the BIOS causes a small application, called the Permission Application, to be enabled. The BIOS performs no other functions related to the PhoenixNet Delivery System after this occurs. The Permission Application presents a display screen than asks the user, following the Windows registration process, whether the user wishes to receive PhoenixNet services. If the user decides not to accept the PhoenixNet offer, an icon is placed on the PC's desktop, so the user can accept the offer later and enroll on the PhoenixNet web site. No other PhoenixNet application is installed if a user declines the offer, and the Permission Application will not launch again, unless the operating system is removed and reinstalled. In that case, the process described above occurs."

2. Are there any versions of PhoenixNet-enabled BIOS which do not offer the option to disable it in CMOS setup? If not, is Phoenix prepared to guarantee that there won't be any in future?

"PhoenixNet was designed to use a Permission Screen approach to give users an easy way to enroll or not in the PhoenixNet service. This feature eliminated any need for a user to go into BIOS setup to disable or decline these services. In some cases, motherboard companies went further and added a switch to the BIOS setup that allowed a PC system builder to disable PhoenixNet capabilities entirely. If the PC was shipped with the switch in the default position, the Permission Screen was displayed and the process explained in answer no. 1 took place. However, if a system builder disabled the option, the process never started. In short, the PC was not PhoenixNet-Enabled.

Because of a change in the PhoenixNet business model mentioned in our response to question 6, motherboard companies discontinued adding PhoenixNet Solutions Delivery clients to their products in the first quarter of this year. The shipments of the product that remain in the channel are from earlier production that will not be resumed." [our emphasis]

3. Certain PhoenixNet installed files, PTLSEQ.DAT; PTLSEQ.MET; and PTLSEQ.RCL, appear to contain some configuration and hardware information related to the individual PC its running on. What data about the PC is sent to Phoenix during the Net connection? Is it recorded? If so, what is it used for and by whom can it be accessed?

"Before a user accepts the PhoenixNet offer displayed by the Permission Application, he or she is provided with a link to the PhoenixNet privacy policy. The privacy policy notifies users that certain information is collected to determine which features to offer the user. This 'tailoring' is based on the user's country selection during enrollment and the operating system language settings. The privacy policy also informs the user that aggregate statistical information may be provided to PhoenixNet's partners. This statistical information is collected only if the user enrolls in the service, and relates to CPU manufacturer and model, amount of RAM, operating system version, and the number and type of connected IDE peripheral devices. No personal information is collected. This statistical information is only used to provide product configuration data to the motherboard companies upon their request. Personal information can only be collected or shared when the user registers for software or services provided by PhoenixNet affiliates, and only then if the user gives his or her specific permission to do so. (See also our response to question 4.)"

4. What data about the PC *can be* sent to the mobo manufacturer during the Net connection? In other words, how flexible is this feature? Could a manufacturer track the aggregate use of their mobos with this feature? Could they track individual use?

"PhoenixNet has no capability to track how the PC is being used by users, whether or not they enroll in the PhoenixNet service. As noted in the response to question 3, aggregate non-personal configuration data is collected in accordance with PhoenixNet's privacy policy from users who enroll in the service. The configuration data is transmitted to the PhoenixNet data center only once, upon enrollment. The aggregated data may be sent to motherboard manufacturers upon request. Statistical data that might be derived from the aggregate data is along the lines of the following: '25% of this model of motherboard in Taiwan use 128MB of RAM'. To date, however, no motherboard manufacturer has requested this data."

5. Is it possible to identify a particular mobo with any feature currently included in, or planned for, the Net service?

"If a user enrolls in the PhoenixNet service, the PC is identified to the service to indicate that the machine is enrolled, and to maintain a record of services that the user has chosen from our Web site. This practice is analogous to the placement of 'cookies' by various web services."

6. We assume that the purpose of PhoenixNet is to attract ad revenues for Phoenix and possibly mobo manufacturers by driving consumers toward commercial products and services which you or the manufacturers have been paid to promote. Correct us if we're wrong.

"Obviously, the success of any free Internet service depends on advertising and similar revenue sources. The weaknesses in this business model have become apparent recently and have been responsible for the termination of many free Web services. Phoenix has concluded that this business model no longer represents a viable approach to delivering services to its users, and the product is being phased out."


There was some confusion in our previous report. The company has clarified its position:

"Since we are clarifying what PhoenixNet Solutions Delivery is all about, we would like to take this opportunity to make one comment on the preliminary responses that were published in the July 8th edition of The Register. The preliminary information we provided stated in several places that PhoenixNet does not collect hardware configuration information or user personal data. This statement is true, insofar as it relates to a user who decides not to join PhoenixNet. For users who decide to join PhoenixNet, we collect certain hardware data and voluntarily provided personal data in accordance with our privacy policy.

"As we hope becomes clear from our enclosed answers, PhoenixNet is a permission-based system that a user must 'opt-into'. Before doing so, the user given the opportunity to review our privacy policy. If the user decides to join PhoenixNet, we may collect certain data in accordance with our privacy policy. Our use and distribution of this data is in accordance with our privacy policy, and industry best practices.

"We hope this clarification and our enclosed answers provide the information necessary to put any concerns to rest over PhoenixNet."

Has it? Hit the e-mail link at the top of the page and let me know what you think. I'll forward your comments to Phoenix. ®

Related Link

Phoenix privacy statement

Related Stories

Phoenix BIOS phone-home questions addressed
Phoenix BIOS mobos phoning home?

Other stories you might like

  • Suspected phishing email crime boss cuffed in Nigeria
    Interpol, cops swoop with intel from cybersecurity bods

    Interpol and cops in Africa have arrested a Nigerian man suspected of running a multi-continent cybercrime ring that specialized in phishing emails targeting businesses.

    His alleged operation was responsible for so-called business email compromise (BEC), a mix of fraud and social engineering in which staff at targeted companies are hoodwinked into, for example, wiring funds to scammers or sending out sensitive information. This can be done by sending messages that impersonate executives or suppliers, with instructions on where to send payments or data, sometimes by breaking into an employee's work email account to do so.

    The 37-year-old's detention is part of a year-long, counter-BEC initiative code-named Operation Delilah that involved international law enforcement, and started with intelligence from cybersecurity companies Group-IB, Palo Alto Networks Unit 42, and Trend Micro.

    Continue reading
  • Broadcom buying VMware could create an edge infrastructure and IoT empire
    Hypervisor giant too big to be kept ticking over like CA or Symantec. Instead it can wrangle net-connected kit

    Comment Broadcom’s mooted acquisition of VMware looks odd at face value, but if considered as a means to make edge computing and the Internet of Things (IoT) more mature and manageable, and give organizations the tools to drive them, the deal makes rather more sense.

    Edge and IoT are the two coming things in computing and will grow for years, meaning the proposed deal could be very good for VMware’s current customers.

    An Ethernet switch that Broadcom launched this week shows why this is a plausible scenario.

    Continue reading
  • Ex-spymaster and fellow Brexiteers' emails leaked by suspected Russian op
    A 'Very English Coop (sic) d'Etat'

    Emails between leading pro-Brexit figures in the UK have seemingly been stolen and leaked online by what could be a Kremlin cyberespionage team.

    The messages feature conversations between former spymaster Richard Dearlove, who led Britain's foreign intelligence service MI6 from 1999 to 2004; Baroness Gisela Stuart, a member of the House of Lords; and Robert Tombs, an expert of French history at the University of Cambridge, as well as other Brexit supporters. The emails were uploaded to a website titled "Very English Coop d'Etat," Reuters first reported this week.

    Dearlove confirmed his ProtonMail account was compromised. "I am well aware of a Russian operation against a Proton account which contained emails to and from me," he said. The Register has asked Baroness Stuart and Tombs as well as ProtonMail for comment. Tombs declined to comment.

    Continue reading
  • As Microsoft's $70b takeover of Activision nears, workers step up their organizing
    This week: Subsidiary's QA staff officially unionize, $18m settlement disputed, and more

    Current and former Activision Blizzard staff are stepping up their organizing and pressure campaigns on execs as the video-game giant tries to close its $68.7bn acquisition by Microsoft.

    Firstly, QA workers at Raven Software – a studio based in Wisconsin that develops the popular first-person shooter series Call of Duty – successfully voted to officially unionize against parent biz Activision. Secondly, a former employee appealed Activision's proposed $18 million settlement with America's Equal Employment Opportunity Commission regarding claims of "sex-based discrimination" and "harassment" of female staff at the corporation. 

    Finally, a group of current and ex-Activision employees have formed a Worker Committee Against Sex and Gender Discrimination to try and improve the company's internal sexual harassment policies. All three events occurred this week, and show how Activision is still grappling with internal revolt as it pushes ahead for Microsoft's takeover. 

    Continue reading
  • Nvidia shares tumble as China lockdown, Russia blamed for dent in outlook
    Sure, stonking server and gaming sales, but hiring and expenses to slow down, too

    Nvidia exceeded market expectations and on Wednesday reported record first-quarter fiscal 2023 revenue of $8.29 billion, an increase of 46 percent from a year ago and eight percent from the previous quarter.

    Nonetheless the GPU goliath's stock slipped by more than nine percent in after-hours trading amid remarks by CFO Colette Kress regarding the business's financial outlook, and plans to slow hiring and limit expenses. Nvidia stock subsequently recovered a little, and was trading down about seven percent at time of publication.

    Kress said non-GAAP operating expenses in the three months to May 1 increased 35 percent from a year ago to $1.6 billion, and were "driven by employee growth, compensation-related costs and engineering development costs."

    Continue reading
  • Millions of people's info stolen from MGM Resorts dumped on Telegram for free
    Meanwhile, Twitter coughs up $150m after using account security contact details for advertising

    Miscreants have dumped on Telegram more than 142 million customer records stolen from MGM Resorts, exposing names, postal and email addresses, phone numbers, and dates of birth for any would-be identity thief.

    The vpnMentor research team stumbled upon the files, which totaled 8.7 GB of data, on the messaging platform earlier this week, and noted that they "assume at least 30 million people had some of their data leaked." MGM Resorts, a hotel and casino chain, did not respond to The Register's request for comment.

    The researchers reckon this information is linked to the theft of millions of guest records, which included the details of Twitter's Jack Dorsey and pop star Justin Bieber, from MGM Resorts in 2019 that was subsequently distributed via underground forums.

    Continue reading
  • DuckDuckGo tries to explain why its browsers won't block some Microsoft web trackers
    Meanwhile, Tails 5.0 users told to stop what they're doing over Firefox flaw

    DuckDuckGo promises privacy to users of its Android, iOS browsers, and macOS browsers – yet it allows certain data to flow from third-party websites to Microsoft-owned services.

    Security researcher Zach Edwards recently conducted an audit of DuckDuckGo's mobile browsers and found that, contrary to expectations, they do not block Meta's Workplace domain, for example, from sending information to Microsoft's Bing and LinkedIn domains.

    Specifically, DuckDuckGo's software didn't stop Microsoft's trackers on the Workplace page from blabbing information about the user to Bing and LinkedIn for tailored advertising purposes. Other trackers, such as Google's, are blocked.

    Continue reading
  • Despite 'key' partnership with AWS, Meta taps up Microsoft Azure for AI work
    Someone got Zuck'd

    Meta’s AI business unit set up shop in Microsoft Azure this week and announced a strategic partnership it says will advance PyTorch development on the public cloud.

    The deal [PDF] will see Mark Zuckerberg’s umbrella company deploy machine-learning workloads on thousands of Nvidia GPUs running in Azure. While a win for Microsoft, the partnership calls in to question just how strong Meta’s commitment to Amazon Web Services (AWS) really is.

    Back in those long-gone days of December, Meta named AWS as its “key long-term strategic cloud provider." As part of that, Meta promised that if it bought any companies that used AWS, it would continue to support their use of Amazon's cloud, rather than force them off into its own private datacenters. The pact also included a vow to expand Meta’s consumption of Amazon’s cloud-based compute, storage, database, and security services.

    Continue reading

Biting the hand that feeds IT © 1998–2022