Open-source champion Bruce Perens has called out Intel for adding a new restriction to its software license agreement along with its latest CPU security patches to prevent developers from publishing software benchmark results.
The new clause appears to be a move by Intel to legally gag developers from revealing performance degradation caused by its mitigations for Spectre and Foreshadow or 'L1 Terminal Fault' (L1FT) flaw speculative attacks.
"You will not, and will not allow any third party to ... publish or provide any software benchmark or comparison test results," Intel's new agreement states .
[...] Another section of the license blocking redistribution appears to have caused maintainers of Debian to withhold Intel's patch too , as reported by The Register.
[...] Updated 12:15pm ET, August 23 2018: An Intel spokesperson responded: "We are updating the license now to address this and will have a new version available soon. As an active member of the open-source community, we continue to welcome all feedback."
(Score: 2) by RS3 on Thursday August 23 2018, @10:25PM (15 children)
So where is this valid? Where could Intel prosecute someone for publishing before and after benchmarks? I bet there are countries where Intel can't reach, and someone will publish results.
The fact is, most of us know that performance will take a hit, and that's just the way it is. We have the option of not applying the microcode patches and being vulnerable. And for many of us, Intel has said they will never patch our CPUs.
(Score: -1, Offtopic) by Anonymous Coward on Thursday August 23 2018, @10:35PM (9 children)
its called contract law. Yes, they can sue. Yes they can win.
(Score: 2, Insightful) by Anonymous Coward on Thursday August 23 2018, @10:49PM
No, violation of license conditions and a license is not a contract. I'm not sure they could win a lawsuit as the terms are onerous, being unilaterally imposed after sale to fix a product defect.
(Score: 5, Interesting) by bzipitidoo on Thursday August 23 2018, @10:57PM (7 children)
They can lose too. Contract law is not an absolute and cannot trump other laws. People cannot be held to a contract that enslaves them, forces them to break other laws, or recklessly endangers others. People also cannot always be held to NDAs and non-compete agreements.
But this one was lost in the court of public opinion before Intel even thought of trying it. It was a stupid move, and they should have known better. The powerful have to be repeatedly reminded that they are not above the law or the people. Wonder which moron thought this attempt at censorship was a good idea? The CEO?
(Score: 1, Interesting) by Ethanol-fueled on Thursday August 23 2018, @11:35PM (6 children)
Can't somebody just publish an anonymous article (with easily repeatable results) and then have a trusted buddy in the tech journalism industry publish it? Intel's Jewish lawyers probably thought of that one, too, but maybe not well enough to cover their asses from that extra abstraction-layer.
(Score: 2) by bzipitidoo on Friday August 24 2018, @12:22AM (5 children)
Sounds like Intel's lawyers did think of that: "You ... will not allow any third party..."
But I expect a contract agreement can't oblige one of the parties to become a vigilante. Does Intel seriously expect recipients of their patches to monitor and restrain thousands of users? Did they even think about what they were asking of Linux distro maintainers?
(Score: 2) by Runaway1956 on Friday August 24 2018, @01:10AM (4 children)
As a Linux User, and part of the worldwide Linux Users Group, I don't exactly answer to anyone. Whatever I do, is not by "permission". Linus Torvalds does not "permit" me to do much of anything. I can run benchmarks all day long (or all month long) and publish the results wherever I wish. My readership base is just about nil now, but the Streisand effect would probably cause that to balloon in no time at all. And, I have never signed a contract with Intel or any other tech giant.
In all of the world, is there not one single (already existing and circulated) tech publication with the freedom that I enjoy?
(Score: 0, Troll) by Ethanol-fueled on Friday August 24 2018, @01:56AM (1 child)
It appears to me that you are all chickenshit bastards.
(Score: 3, Informative) by Runaway1956 on Friday August 24 2018, @02:11AM
You should stop looking at the world through your chickenshit colored glasses. Try those silly rose colored glasses. Lev Sheckelzoid recommends them!
(Score: 0) by Anonymous Coward on Friday August 24 2018, @05:52AM
What if you just find one of these computers with the patch at a garage sale or whatever?
(Score: 0) by Anonymous Coward on Friday August 24 2018, @10:33AM
You're quite wrong about that. Torvalds permits you to do pretty much: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/plain/COPYING?h=v4.18 [kernel.org]
(Score: 5, Interesting) by TheGratefulNet on Friday August 24 2018, @12:58AM (4 children)
sudo apt-get remove --purge intel-microcode
fuck it, I'm outta here. I'll take NO microcode to the bullshit they are shoving our way.
the fact that they gag us says it all. I don't need to see numbers. I'm done buying intel cpus at this point.
its not just that they fucked up the silicon (and they have more people and money than they can count, so its NOT a resources issue!) - but they are actively hostile toward the userbase.
fwiw, I used to actually work for intel. I used to like them. that is now all gone.
all it takes to lose decades of repeat customers is one huge fuckup. welcome to that, intel. THIS is what is going to turn people off. not so much the si bugs, but its how you handle yourself. and this is what a total lack of grace looks like.
pitiful. from a once world leader in tech, we get this.
"It is now safe to switch off your computer."
(Score: 1) by Ethanol-fueled on Friday August 24 2018, @01:57AM
Too Late, buddy.
(Score: 2) by RS3 on Friday August 24 2018, @04:36AM (1 child)
I thought the microcode got loaded by BIOS (or EFI-BOOT) or by the kernel? [trundles off to check...] Yep, right there in kernel config. So just make your own kernel, or grab an older microcode and compile it into a newer kernel. May be easier said than done...
(Score: 0) by Anonymous Coward on Friday August 24 2018, @02:11PM
it's what I did to restore performance to a machine that infrequently touches the internet except for the occasional update.
which of course reminded me to check the updates more thoroughly before applying them, after I was unhappy with the result.
I had to get the microcode file from an old backup; I'd never even paid attention to the microcode file as applied by the OS prior to that. This also was before the whole spectre thing. something in the management engine was goofing up my overclocks..
(Score: 0) by Anonymous Coward on Monday August 27 2018, @09:12PM
Update 28 August: new intel-microkernel update arrived in my Mint 18.3.... the glacier moves noticeably faster after that. Even thumbnailing is back to almost pre-Intel-panic speeds, though apparently Ubuntu are ignoring a Gnome vulnerability "fix" on the thumbnailing... but do I trust Gnome devs (new "flat look", Gnome 3,..)