Intel Drops Security Patch Benchmark Ban After Public Outcry

Intel Drops Security Patch Benchmark Ban After Public Outcry

Intel hasn’t had a very good 2018. While the company’s quarterly performance has been excellent, it’s been repeatedly hammered by security flaws, some of which are baked into the fundamental structure of its microprocessors. While these flaws are not unique to Intel, the company has been uniquely exposed by its own market dominance and by certain design decisions it made years ago to enhance its CPU performance. To-date, the company has mostly reacted well, with good communication and prompt updates, but this week, it tried to gag anyone who applied a microcode patch under Linux to fix the Foreshadow flaw (the most recent major security problem). Specifically, it attempted to block anyone from discussing the performance impact of the security updates.

That’s a significant move by Intel, because most of the fixes that have been pushed out for Meltdown and Spectre have at least a small impact on performance in some scenarios. In some cases, particularly with older chips and in certain workloads, the performance penalty can be 10 percent or more. This is a serious problem in an industry where performance gains have been so small, often averaging just a few percent per year on a per-core basis. And Intel, apparently, didn’t want people to find that out.

Buried in the licensing document for the security patch was the following:

Unless expressly permitted under the Agreement, You will not, and will not allow any third party to (i) use, copy, distribute, sell or offer to sell the Software or associated documentation; (iii) use or make the Software available for the use or benefit of third parties; or (iv) use the Software on Your products other than those that include the Intel hardware product(s), platform(s), or software identified in the Software; or (v) publish or provide any Software benchmark or comparison test results. (Emphasis added)

When this blew up in the user community, as one might expect, Intel swiftly backpeddled. The new license reads:

Redistribution and use in binary form, without modification, are permitted, provided that the following conditions are met:

Redistributions must reproduce the above copyright notice and the following disclaimer in the documentation and/or other materials provided with the distribution.

Neither the name of Intel Corporation nor the names of its suppliers may be used to endorse or promote products derived from this software without specific prior written permission.

No reverse engineering, decompilation, or disassembly of this software is permitted.

“Binary form” includes any format that is commonly used for electronic conveyance that is a reversible, bit-exact translation of binary representation to ASCII or ISO text, for example “uuencode.”

It’s not uncommon to see these kinds of restrictions in enterprise deployments — it’s actually normal for large companies to claim the right to prohibit any benchmarking of their products — but in Intel’s case, these demands to not-publish data are taking place in an environment where the company’s previous insistence on a black-box approach only ensured that security vulnerabilities shipped for decades in some of its fundamental products.

Given that Intel is launching a new line of CPUs later this year with hardware repairs in place for some of these issues, it makes sense that it doesn’t want to talk too much about the performance hit its chips take from these fixes. An emphasis on any significant performance declines could be used to either hand AMD CPUs a representative advantage (which Intel obviously doesn’t want) or to argue that any “new” performance improvements delivered by Cascade Lake are nothing but a restoration of performance that Intel’s poor security practices removed. “Our new chips are 20% faster and contain new security features,” is a much more positive spin than “Our new chips improve performance by fixing the bits we broke in the last ones. Can we have $2500?”

Continue reading

Amazon’s Automated Grocery Store Opens to the Public
Amazon’s Automated Grocery Store Opens to the Public

The cashier-free store has been in beta for the last few years, but Amazon now says its automated technology is ready for primetime.

Intel Didn’t Disclose Spectre, Meltdown to US Government Until News Went Public
Intel Didn’t Disclose Spectre, Meltdown to US Government Until News Went Public

Intel has now acknowledged it decided not to inform the US government about Meltdown or Spectre, opting instead to let the news go public. It had no such qualms about warning other customers.

Republican Congressman Jim Bridenstine Confirmed as New NASA Chief
Republican Congressman Jim Bridenstine Confirmed as New NASA Chief

Bridenstine currently serves as a Republican US Representative from Oklahoma, making him the first politician to take the reins at NASA.

Fake-News-Generating AI Deemed Too Dangerous for Public Release
Fake-News-Generating AI Deemed Too Dangerous for Public Release

Your friendly neighborhood fake news writer could be out of a job if systems like GPT2 become commonplace. For the time being, the researchers who developed this AI consider it too dangerous to release.