Intel Shows RealVNC Embedded In the BIOS 154
LWATCDR writes "At Intel Developer Forum, Intel and RealVNC demoed RealVNC integrated at the BIOS level. Using VNC, one can now power down, power up, reboot, go into the BIOS, and even mount disk images on the network. All of this has been available for a while using IPMI but now it can be done using the open standard VNC. It is available now on Q57 and Q67 motherboards. One can just imagine how useful this could be in a data center, school, or any other system with a large number of computers. Let's hope AMD joins in."
And how bad it becomes when a vuln is found (Score:4, Insightful)
So..... we've had someone (I forget if it was AMD or Intel teaming up with trend micro to look for malware at the lowest possible hardware level) and then in teh same week an announcement about how you can have remote visuals for your WHOLE system from outside the O/S ?
While its useful if your server decides to hang and you don't know why - but this exists in DRAC cards and other forms of remote management for systems which NEED it. I don't think i've ever had to access the bios of a consumer level device remotely before, or even thought i'd be a wildly good idea...
So when a vuln is found, which it WILL be everyone has to update their bios now? I know of alot of people who are going to be very unhappy about that idea! - hey, at least they could do it remotely? (maybe!)
Re:And how bad it becomes when a vuln is found (Score:5, Insightful)
I don't think i've ever had to access the bios of a consumer level device remotely before, or even thought i'd be a wildly good idea...
You've obviously never worked in kiosks before - this would be endlessly useful for any company supporting a large number of kiosk computers. That being said, your point about possible vulnerabilities are well put. However, we can't let potential vulnerabilities get in the way of advancing technology. Just like I'm sure there will be some creative way for the bad guys to exploit this, I'm just as sure that there will be some equally creative way for the good guys to protect this.
Re:SSH? (Score:4, Insightful)
Because it's not adding a new interface it's connecting to the existing one. You want a tech to be able to correct say broken nic drivers. It's not meant for application sharing etc.