Patent classifications
G06F9/441
Differentiated management and control of terminals with multiple operating systems
After a terminal receives any piece of control information sent by a management server, if the control information is used to indicate that a foreground operating system of the terminal is a target operating system, the terminal is controlled according to a control instruction carried in the control information. When the foreground operating system of the terminal is not the target operating system, the terminal is not controlled according to the control instruction. In addition, the terminal may store a correspondence between a system identifier of the target operating system and the control instruction, so that after the foreground operating system of the terminal is changed to the target operating system, the terminal may further obtain the control instruction based on the correspondence and control the terminal according to the control instruction.
Secure boot via system and power management microcontroller
A variety of applications can include apparatus and/or methods of controlling a secure boot mode for a memory system. In an embodiment, a system includes a memory component and a processing device, where the processing device is configured to control a boot process for the system to operate the memory component and perform a cryptographic verification with a host to conduct an authentication of the host. The processing device can interact with the host, in response to the authentication, to receive a setting to control the boot process in a secure boot mode. The processing device can interact with another processing device of the system to store the setting and to receive a secure boot signal from the other processing device, where the secure boot signal is a signal to assert or de-assert the secure boot mode depending on a value of the setting. Additional apparatus, systems, and methods are disclosed.
Mobile device with secure private memory
A mobile device includes non-private memory that can store software programs and a private memory that can store copies of the software programs as well as exclusively store trusted programs that are not stored in the non-private memory. The mobile device includes a processor configured to execute the software programs of the non-private memory when the mobile device is in a non-private mode, execute a trusted program only when the mobile device is in a private mode, and enable switching between the non-private mode and the private mode in response to a reboot of the mobile device.
NON-TRANSITORY COMPUTER-READABLE RECORDING MEDIUM, CONTROL METHOD, AND INFORMATION PROCESSING DEVICE
Provided is a non-transitory computer-readable recording medium that stores a control program causing a computer to execute a process, the process including determining whether first microcode stored in a first area of a storage device supports a processor, and when the first microcode does not support the processor, decompressing one of multiple sets of compressed second microcode stored in a second area of the storage device into the first area.
EDGE DAY ZERO SECURE INFRASTRUCTURE PROVISIONING WITH AUTONOMIC METHODS
A method of provisioning a self-provisioning computer system is disclosed. The method includes executing code in a secure base activation image to perform various functions. This includes executing an identification process, using a cryptographically created identifier included in the base activation image, with an activation service to confirm an identity of the computer system with the activation service. This further includes confirming system integrity of the computer system with the activation service. Based on confirming the identity of the computer system and confirming system integrity of the computer system, the computer system is unlocked for load installation. Load installation is performed by providing capabilities for the computer system to the activation service and receiving the load based on the provided capabilities.
IDENTIFICATION OF BOOTABLE DEVICES
A method for managing an initiation of a computing system. In an embodiment, the method includes a computer processor detecting that a first computing system receives a request to initiate a second computing system. The method further includes accessing a table that includes information associated with a plurality of storage entities that include bootable OS images, where the plurality of storage entities are included in at least one storage system. The method further includes determining a first storage entity that includes a corresponding instance of a first bootable OS image of the requested second computing system. The method further includes initiating the requested second computing system based, at least in part, on the instance of the bootable OS image of the first storage entity.
MEMORY SYSTEM AND METHOD FOR ACCELERATING BOOT TIME
A memory system includes a plurality of memory channels, where each of the plurality of memory channels includes a plurality of memory dies and a die processor, and each of the plurality of memory dies includes a plurality of memory blocks; and a memory controller including a monarch processor, coupled to the plurality of memory channels. The die processor on each of the plurality of memory channels is configured to, in parallel, find last written data within at least a predetermined block of the plurality of memory dies and provide information regarding the last written data to the monarch processor. The monarch processor determines which boot record is to be used to identify firmware images based on the information.
Booting a computer from a user trusted device with an operating system loader stored thereon
In an approach to allowing a computer to boot from a user trusted device (UTD), the computer comprises a data storage device storing operating system (OS) services and a version of an OS loader. The UTD is connectable to the computer and stores a boot loader, detectable by a firmware executing at the computer, and an OS loader, wherein the UTD prevents an unauthenticated user from modifying the boot loader and the OS loader stored thereon. The computer then, upon connection, lets the boot loader be detected by the firmware for execution of the boot loader at least partly at the computer, to cause the OS loader to be transferred from the UTD to the computer, and executes the transferred OS loader at least partly from the computer, to execute at least one crypto driver for the OS, to start the OS services and complete booting of the computer.
Boot recovery system
A boot recovery system includes a serial peripheral interface (SPI) storage that stores a primary boot block. A primary SPI controller is connected to the SPI storage through a primary SPI bus. An embedded controller (EC) includes an EC storage that stores a recovery boot block. The EC is coupled to the primary SPI bus through a secondary SPI bus. The EC is configured to determine that the primary boot block should be replaced, retrieve the recovery boot block from the EC storage, replace the primary boot block in the SPI storage with the recovery boot block through the secondary SPI bus, and initiate an information handling system (IHS) reboot process. The determining, retrieving, replacing, and initiating may be performed by the EC while a processing system that is coupled to the primary SPI controller is not in an operating mode.
Switching to and from native web applications
According to one general aspect, a method may include executing, by a processor of a computing device, a web browser presentation environment. The method may also include presenting at least one web page within a context of the web browser presentation environment, wherein presenting within the web browser presentation environment includes maintaining a first presentation data structure that includes a web browser presentation data structure portion and a common presentation data structure portion. The method may further include receiving a request to move the presentation of the web page from the web browser presentation environment to an emulation-based presentation environment. The method may include moving the presentation of the web page from the web browser presentation environment to the emulation-based presentation environment, wherein moving includes maintaining a second presentation data structure that includes an emulation-based presentation data structure portion and the common data structure portion.