Intel backtracks on security microcode license that outlawed benchmarking | PCGamesN

Intel backtracks on security microcode license that outlawed benchmarking

Intel Foreshadow flaw microcode

Intel has removed a controversial clause in a microcode license after public outcry from across the tech community. Intel landed itself in hot water this week as it published a license for its microcode updates that banned anyone from publishing comparative benchmarks pre/post patch, but has since backtracked on the issue.

The microcode updates fix security vulnerabilities affecting huge swathes of Intel CPUs. The security bugs all come with catchy names like Spectre, Meltdown, and Foreshadow, and utilise speculative execution flaws to break into your PCs precious data. Don’t worry, few, if any, occurrences have been reported out in the wild that we know of.

But it was the microcode patches that Intel was rolling out to mitigate the vulnerability that were expected to be detrimental to users – the impact of which was expected to nerf performance of your rig by up to 10% when first announced back for Spectre and Meltdown. Benchmarks showed that wasn’t quite the case, however, especially for gaming workloads, but Intel recently felt the need to prevent anyone reporting up-to-date mitigation comparison benchmarks.

Since the Foreshadow bug, or L1TF flaw as it’s otherwise known, was reported, Intel has responded with some preliminary measures to lower the impact of the bug until in-silicon fixes are released to the world later this year inside Coffee Lake refresh and Cascade Lake server chips. While non-VM workloads were reportedly not at as great a risk from Foreshadow, VM-heavy implementations, such as some data centre and cloud servers, were sometimes required to even disable Hyperthreading to ensure security.

Intel CPU Foreshadow vulnerability

The now out-of-date license (reported by The Register) originally read:

“You will not, and will not allow any third party to… publish or provide any software benchmark or comparison test results.”

While the legality of such a clause is debated, the initial clause’s phrasing might have meant that any and all benchmarking on Intel systems wouldn’t be allowed to be published anywhere. This has led some onlookers to question whether whoever wrote the license up actually knew the repercussions it would have on the entire industry if enforced.

The licensing reversal has been attributed to a refusal of OS and free software distributor Debian to release the latest security update until the license issue was resolved. Open-source advocate, Bruce Perens, also got involved in the discussion, heavily criticising Intel’s latest licensing move.

Intel VP and GM of open source tech, Imad Sousou, has now confirmed that this final clause has now been removed and the license updated to allow benchmarking on systems yet again. Phew.