Stories
Slash Boxes
Comments

SoylentNews is people

posted by martyb on Thursday March 26 2020, @03:24AM   Printer-friendly
from the secret-code dept.

AMD Uses DMCA to Mitigate Massive GPU Source Code Leak (Updated) (archive) (2)

AMD has filed at least two DMCA notices against Github repos that carried "stolen" source code relating to AMD's Navi and Arden GPUs, the latter being the processor for the upcoming Xbox Series X. The person claiming responsibility for the leak informs TorrentFreak that if they doesn't get a buyer for the remainder of the code, they will dump the whole lot online.

[...] In a DMCA notice sent to development platform Github, AMD identified the recently-created 'xxXsoullessXxx' repository and a project titled "AMD-navi-GPU-HARDWARE-SOURCE" as the location of its "stolen" intellectual property.

"This repository contains intellectual property owned by and stolen from AMD," the semiconductor company wrote. "The original IP is held privately and was stolen from AMD."

Github responded by immediately taking the repository down, as per AMD's request. That prompted us to try and find the person behind the repo and to ask some questions about what AMD was trying to suppress. The individual informed TorrentFreak that AMD's GPU source code was the content in question.

The seller was reportedly looking for $100 million. AMD called the information "test files" and says that "the stolen graphics IP is not core to the competitiveness or security of our graphics products".

Also at TechRadar and Tom's Hardware.


Original Submission

This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
(1)
  • (Score: 4, Informative) by takyon on Thursday March 26 2020, @03:58AM

    by takyon (881) <reversethis-{gro ... s} {ta} {noykat}> on Thursday March 26 2020, @03:58AM (#975718) Journal

    I think this is the sanitized version:

    https://github.com/xxXsoullessXxx/GPU-hardware-source-pt.2 [github.com]

    Found by searching text from a screenshot. I'm surprised that is still up even if it doesn't have leaked code in it.

    --
    [SIG] 10/28/2017: Soylent Upgrade v14 [soylentnews.org]
  • (Score: 5, Informative) by edIII on Thursday March 26 2020, @04:36AM (1 child)

    by edIII (791) on Thursday March 26 2020, @04:36AM (#975727)

    Copied. Not Stolen.

    --
    Technically, lunchtime is at any moment. It's just a wave function.
    • (Score: 3, Funny) by DannyB on Thursday March 26 2020, @03:20PM

      by DannyB (5839) Subscriber Badge on Thursday March 26 2020, @03:20PM (#975912) Journal

      Back when Wikileaks was a new thing, and this is a vague memory, I seem to recall Hillary saying that the stolen digital documents should be "returned". I believe I read that on TechDirt, saying that's not how "digital" works.

      --
      People today are educated enough to repeat what they are taught but not to question what they are taught.
  • (Score: 5, Insightful) by bzipitidoo on Thursday March 26 2020, @04:42AM

    by bzipitidoo (4388) on Thursday March 26 2020, @04:42AM (#975731) Journal

    I too would like to see this incorrect and incendiary use of terminology stopped. It's right up there with "illegal downloading" and the iconic yelling of "fire" in a crowded theater.

    It'd be hilarious if the perps sued AMD for libel, and won that one, even if they are guilty of a hundred other crimes in this matter.

  • (Score: 2, Interesting) by Anonymous Coward on Thursday March 26 2020, @04:51AM (7 children)

    by Anonymous Coward on Thursday March 26 2020, @04:51AM (#975739)

    I often wonder how far ahead we would be if we just did away with patents and copyrights altogether.

    Instead of progressing as a species we allow ourselves to remain stuck with artificial constraints.

    • (Score: 2, Insightful) by Anonymous Coward on Thursday March 26 2020, @05:16AM (6 children)

      by Anonymous Coward on Thursday March 26 2020, @05:16AM (#975750)

      I'm not entirely against intellectual property. The problem here is that anything useful is a trade secret (as in this example with AMD) and what ends up getting patents are a bunch of broad ideas intended to be accidentally infringed upon by others. Patents were supposed to be about giving us what these companies would otherwise keep secret but we don't see that happening here. Instead companies are trying to keep their useful stuff secret while obtaining whatever useless patents they can obtain for the sake of having patents to cross license and sue others.

      • (Score: 5, Informative) by deimtee on Thursday March 26 2020, @05:37AM (4 children)

        by deimtee (3272) on Thursday March 26 2020, @05:37AM (#975754) Journal

        The problem you describe isn't with patents, it is with the legal protection of "trade secrets". The idea was you got a choice, legal protection of your monopoly OR you tried to keep it secret. There should be absolutely no legal protection for secrets. You decide on that option and people find out, tough luck.

        --
        If you cough while drinking cheap red wine it really cleans out your sinuses.
        • (Score: 0) by Anonymous Coward on Thursday March 26 2020, @12:48PM (3 children)

          by Anonymous Coward on Thursday March 26 2020, @12:48PM (#975832)

          "There should be absolutely no legal protection for secrets."

          Seems like the theft, extortion, and breaking into other folks computer rules should still apply.

          Using DCMA should be an unfair misapplication of the copyright bargain without an intent to publish or eventually put in the public domain.
          A little too much of an eat and keep your cake situation to be advancing the useful arts.
          But probably the law. So, write your congress critter.

          • (Score: 2) by deimtee on Thursday March 26 2020, @12:55PM (2 children)

            by deimtee (3272) on Thursday March 26 2020, @12:55PM (#975835) Journal

            Seems like the theft, extortion, and breaking into other folks computer rules should still apply.

            Yep. They sound like crimes alright. What do they have to do with legal protection of secrets?

            --
            If you cough while drinking cheap red wine it really cleans out your sinuses.
            • (Score: 0) by Anonymous Coward on Thursday March 26 2020, @03:43PM

              by Anonymous Coward on Thursday March 26 2020, @03:43PM (#975926)

              "What do they have to do with legal protection of secrets?"

              In this case, they provide sufficient teeth to go after the bad guys without need for making IP rules even more nuts.

            • (Score: 0) by Anonymous Coward on Sunday March 29 2020, @09:42AM

              by Anonymous Coward on Sunday March 29 2020, @09:42AM (#976895)

              What does extortion have to do with legal protection of secrets?
              Nothing much actually - said 'protection of secrets' is handled under contract law, using NDA's etc, and doesn't have anything to do with IP 'protection' mechanisms.

              But extortion does have a LOT to do with IP law.

              Patents are a not 'shields', they are 'weapons'. Quite literally they confer the legal right to commit sanctioned extortion, by levelling a lawsuit at an 'infringer'. No 'protection' -- they do nothing at all if not actively employed -- much like a handgun does nothing to 'protect' you unless actually used to threaten, injure or kill an assailant.

              Patents are essentially the legal equivalent of an ICBM -- no real defence is possible if someone 'engages' with you by starting out with a C&D and going further. There isn't even much you can do if if the patent-wielder's goal is to simply stifle further development. Just like there's not much you can do if a handgun-wielder's goal isn't 'their protection' but simple death, destruction and mayhem.

              This exact thing hamstrung the first major research in to nuclear fusion. Go look up the guy who did that: Farnsworth I believe -- also famous as the inventor of practical television. We might have had functional nuclear fusion already for decades with losing the first generation of work on it so long ago.

              I think to keep things civil, for 'protection', the patent system we have might be in need of a few changes; not least being made compliant with the general prohibition against extortion.

              Right now, as it stands, patent law basically fails at everything it is purported to be 'good' for: It's nothing more or less than old corruption. Hell, it started out literally as a formalisation of corruption via a 'kings' authority to simply demand the market not compete with his 'friend', essentially via edict.

              We've never not had them, really, as long as the formal rule of law has existed. Along with globalisation they are certainly a key chunk of what we as a living planet are doing wrong.

              Posting anonymously, as my name is, in fact, on a patent.
              And yes, I am a coward. But I need to keep my job.

      • (Score: 0) by Anonymous Coward on Thursday March 26 2020, @12:38PM

        by Anonymous Coward on Thursday March 26 2020, @12:38PM (#975828)

        (and for the sake of having patents to avoid getting sued by others because they don't want someone else having that same patent instead).

  • (Score: 5, Interesting) by KilroySmith on Thursday March 26 2020, @04:56AM (4 children)

    by KilroySmith (2113) on Thursday March 26 2020, @04:56AM (#975745)

    So let's assume this is the Verilog or equivalent for the entire chip. What are you going to do with it?

    Even if it was complete and included all the necessary scripts and tools to compile it, you couldn't just send it to TSMC for fab. There would be...questions...asked.

    You can't decide you're going to use it as the basis for your own GPU. By the time you and your ASIC design team could grok the code (presumably without the architecture and design documents) sufficiently to use/modify it, it would be out of date. It's kind of like Microsoft releasing the source to MS-DOS 5.0 - it might be interesting from a curiosity POV, but it ain't gonna help you overthrow the WIntel duocracy.

    There might be bits of IP that you could steal for your own designs, but if you ship a GPU, you can bet that AMD's lawyers will be on your doorstep with an IP lawsuit faster than you can say "Anthony Levandowski".

    A hacker might be able to spelunk long enough to find undocumented capabilities or even bugs in the part - but that doesn't impact AMD's bottom line.

    Any current GPU manufacturer is going to treat this like radioactive garbage. Any engineer dim enough to download it and bring it into a competitor's network will find himself living under a bridge.

    It's possible that a company in a less-IP-friendly nation might wish to develop a local GPU to assure supplies. They could conceivably use the stolen design to eventually develop a homegrown GPU, perhaps 5 years behind the state-of-the-art. It's not clear that this would impact AMD's bottom line anytime in the next decade either.

    So, a big 'meh' from me. Sure, AMD doesn't want the code out there, because some bluenose politician somewhere will get their panties in a bunch about inappropriate comments or somesuch; or some patent troll will spelunk looking for evidence of some infringement on the 15 year old patents they bought by the pound at an auction, but that's about it.

    • (Score: 2) by Rupert Pupnick on Thursday March 26 2020, @11:55AM

      by Rupert Pupnick (7277) on Thursday March 26 2020, @11:55AM (#975815) Journal

      You’re right, even with a complete Verilog database you don’t have the chip layout, package design, qualification testing and so on. It’s really hard to gain a competitive advantage at leading technological edge by stealing IP.

    • (Score: 0) by Anonymous Coward on Thursday March 26 2020, @03:29PM (1 child)

      by Anonymous Coward on Thursday March 26 2020, @03:29PM (#975918)

      So let's assume this is the Verilog or equivalent for the entire chip. What are you going to do with it?

      1) China (or Russia, Israel, or country of choice) uses these and starts up a local domestic competing product. The US is already complaining about "forced technology transfer." This is almost as bad, and would jump-start a new industry by decades.
      2) Organized crime now searches the source for exploitable bugs. Or worse, it leaks out and becomes script-kiddy fodder.
      3) The FBI and other security groups now has "a plausible explanation" about why they should be able to crack into computers. They can use is as cover for Parallel Construction [wikipedia.org]

      That's not even considering how The Ministry of State Security [wikipedia.org] (or FSB [wikipedia.org], DPSD [wikipedia.org], or intelligence agency of choice) uses their state-level resources to examine the source to find exploitable bugs. That's more macroscopic The Great Game [wikipedia.org] style things which has very real effects on international geopolitical things, but is so far removed from individual experiences that most people can't grok it.

      So yes, this actually does have an impact to you and your life. Maybe not as much as a 0-day exploit of Windows, but it should be more than a "meh."

      • (Score: 2) by KilroySmith on Friday March 27 2020, @03:50PM

        by KilroySmith (2113) on Friday March 27 2020, @03:50PM (#976350)

        1) was covered in my comments about "a company in a less-IP-friendly nation". They won't be able to sell it outside their borders, and will be almost as far behind as if they started from scratch. Do you really believe that it would take India, China, or Russia "decades" to build a modern GPU from scratch? Have you ever been involved in a chip design? Didn't think so.
        2) Noted in my comments about a "hacker". So what exploitable bugs do you expect my GPU to have?
        3) I have no idea what point you're trying to make here. What's the link between the FBI and Verilog?

        As far as state-level intelligence agencies - you aren't suggesting that none of those are capable of accessing the design source if they desired are you?

        So, yeah, still 'meh' to me.

    • (Score: 0) by Anonymous Coward on Thursday March 26 2020, @07:57PM

      by Anonymous Coward on Thursday March 26 2020, @07:57PM (#976056)

      What seriously? Hacker be not the least bit curious about how their machines work? I'm disappointed. It's very useful.

(1)