Video: Intel's patcher for Specter variant 4 will slow down your CPU.
Open-source champion Bruce Perens has called Intel to add a new limitation to the software license agreement along with its latest CPU security updates to prevent developers from publishing software benchmark results.
The new clause appears to be a feature of Intel to legal gag developers to disclose performance impairment due to its limitations for Specter and Foreshadow or L1FT error (L1FT) error speculative attacks.
"You do not want and will not allow any third party to … publish or provide any software reference or comparison test results," Intel's new deal says.
The new term appeared with the repairs for the "L1
Performance hits are a concern for users, and Intel is facing multiple lawsuit from investors over handling the case.
The chip producer argued when it revealed L1FT that "there has been no meaningful performance impact observed due to reduced measures" to PCs or data center equipment.
Another part of license blocking redistribution appears to have caused Debian maintenance partners to also hold back to Intel's patch, as reported by The Register.
But Peren believes that greater concern lies in Intel's requirement not to publish references.
"Since the microcode runs for each instruction, this appears to be a usage limitation on the entire processor. Do not run your reference on everything, not even on your own software, if you" give "or publish the results," he added. .
"So many people are interested in the speed penalty imposed on microcode fixes, and Intel has now tried to gag someone who would collect information to report on these penalties, through a license in the license.
Perens expects Intel to remain should own damage caused by patches.
"Silencing freedom of expression of those who would only publish reference marks? Bad business. Customers can not trust your components when you do. "
UPDATE 12:15 ET, August 23, 2018 An Intel spokeswoman replied," We are updating the license now to address this and will soon Get a new version available. As an active member of the open source community, we continue to welcome all feedback.
Researchers have broken Intel's software guard extensions, system management mode and x86 based virtual machines
The patches, as expected, brought Linux performance down, but their influence has not been as bad as feared.
Oracle's latest Linux solutions: New Specter, Lazy FPU patches steak up defense
Oracle has new fixes available for Specter errors affecting Linux systems on Intel and AMD chips.
First Intel, now AMD is also facing multiple class suits over Specter attacks
Customers accus e chip maker of charging premium prices for a defective product
Do you have an old PC? Find out if you want Intel's latest Specter patch TechRepublic
Intel has listed a number of CPUs released between 2007 and 2011, which are not will receive a firmware update to protect against Specter-related exploits.
Class Action Packages on Intel Specter, Melt Error Stop CNET
Since the beginning of 2018, the number of cases has increased from three to 32.