back to article Intel's mystery Linux muckabout is a dangerous ploy at a dangerous time

This is a critical time for the Good Chip Intel. After the vessel driftied through the Straits of Lateness towards the Rocks of Irrelevance, Captain Pat parachuted into the bridge to grab the helm and bark "Full steam ahead!" Its first berth at Alder Lake is generally seen as a return to competitive form, but that design …

  1. SCP

    <sigh> Oh for the happy days of "fixing" your AMD K7 with a 2B pencil.

    More seriously though it does seem perverse that a model of production that should reduce costs to everyone is hamstrung by concerns that some won't "play fair". In several ways I am reminded of Arthur Dent's line of argument with L. Prosser - it all seems very reasonable, but we can see where the bulldozers are going to end up.

  2. Michael Hoffmann Silver badge

    Well written, almost poetic!

    Now, for contrast, I'd like to see what Linus had to say about it. I'm always on the look-out for new swear words. Wish he still used his mother tongue more!

    Is there a "pull request declined with most extreme prejudice and unkind words about the submitter's mother"?

    1. Doctor Syntax Silver badge

      I certainly hope so.

    2. Anonymous Coward
      Devil

      "I'd like to see what Linus had to say about it"

      That only depends on how much money Intel pays to the Linux kernel team, I guess....

      1. steelpillow Silver badge
        Megaphone

        Re: "I'd like to see what Linus had to say about it"

        Linus accepted Round One into the kernel. He did not have to, indeed he is notorious for his blunt refusals of shite he takes a dislike to.

        Our vulture was wrong to write "Submitting mystery kernel updates is a security nightmare." No it isn't. Accepting those updates is the nightmare. Ain't it th'truth, Linus?

        >Ding! Ding!< Round Two! Now, get back in the ring boy, and do your stuff this time.

        1. DS999 Silver badge

          What security nightmare?

          Because someone with root access (and maybe also the ability to reboot without someone noticing, as they probably don't support hot feature enabling) could find a hole in it? It only affects CPUs that support it, and you could compile that feature out of the kernel if you know you aren't going to be purchasing upgrades for CPUs.

          While I suppose it could be a method for Intel to add a backdoor, that ship sailed long ago with microcode updates, management engine, etc.

          1. bombastic bob Silver badge
            Linux

            Re: What security nightmare?

            Compiled into the kernel? (other than embedded, who does this any more?)

            I would expect that this kind of support would be in a dynamically loaded kernel module, loaded as needed.

            1. DS999 Silver badge

              Re: What security nightmare?

              If it is compiled with support for the module then even if the module isn't present on the system an attacker could provide an identical copy (i.e. bring one from another RHEL install) so to be really sure you probably want to compile it with a 'N' for that feature than an 'M'.

              1. bombastic bob Silver badge
                Meh

                Re: What security nightmare?

                in order to insert a kernel module you need to be root

                in order to modify an existing module you need to be root

                doesn't that kind of defeat the possibility of an exploit?

                1. Anonymous Coward
                  Anonymous Coward

                  Re: What security nightmare?

                  Not necessarily. Modules can be a way to turn a transitory root into a persistent one if you're working on an exploit.

                2. DS999 Silver badge

                  Re: What security nightmare?

                  Only if root is your ultimate goal. If for example there was a bug in Intel's CPU feature enablement functionality that allowed breaking out of a VM, then gaining root would be just a step in the exploit chain.

                  There have been some exploit chains that are five exploits long reported, gathering a little more privilege with each step.

      2. Anonymous Coward
        Facepalm

        Re: "I'd like to see what Linus had to say about it"

        Do you FOSS worshipers believe that Linux is developed by monks in a remote monastery, living of the products of the earth, and mostly of tin air?

        Intel is a platinum sponsor of the Linux Foundation, and many people there live a nice life because of a lot of CORPORATE money funneled into the Linux kernel development (as you don't pay for it, right?), because that companies found it a cheaper way than having to pay many more developers to develop the same code for themselves.

        In turn, don't believe the Linux Foundation will refuse that CORPORATE code just because it comes from a company you don't like. Maybe some has been briefed under NDA about what that code does (and won't tell you), maybe not, still they are not so stupid to block the largest CPU manufacturer just because its code is not anointed enough - Linux is still a commercial endeavour, not a religion, even if some of you believe so...

        1. Anonymous Coward
          Anonymous Coward

          Re: "I'd like to see what Linus had to say about it"

          *snicker*

          It is under a GPL license.

          Of course it is a "religious" issue for a lot of people. You'll find them in a circle at midnight chanting "All Hail Lord Stallman!" while burning ritual copies of the BSD and Apache licenses on sheepskin scrolls...

        2. This post has been deleted by its author

    3. bombastic bob Silver badge
      Linux

      It's the new kinder gentler less profane and angry Linus, now. Extreme prejudice, maybe, but no unkind words about the submitter's mother.

      Some dry wit and well targeted adjectives might be in order, though...

      Intel has to consider the perception of "unlock keys" for their hardware. I think it will cause them to lose sales. I bet AMD is paying very close attention. (they could easily implement this as part of the final assembly and test process and not reveal it exists outside the company, then just sell it with a different model number)

      Also worth mentioning, RPi has a feature unlock key for a hardware MPEG decoder last I checked.

      1. Jon 37

        RPi explained the MPEG decoder unlock. It's to pay for a patent license for the MPEG patents. If you're not going to use it, you shouldn't have to pay, so they don't include those charges in their board prices. And if you are going to use it then it's the patent holder's fault you have to pay. RPi don't make any significant money on the unlock codes, they mostly just cover their costs.

        1. James Hughes 1

          Not sure why you got the downvotes, you are correct. Although the key is no longer necessary on the Pi4, as it can software decode well enough without the need for the HW.

          1. Carrawaystick

            that and all the mpeg2 patents are expired anyway

      2. Peter2 Silver badge

        AMD has been selling lower core count CPU's since forever. Remember the x3 cores back in the Phenom days?

        AMD's MO has always been to test the hardware and then disable a core if it doesn't work properly and then sell it as a treble core for a bit less than the full quad core. Sometimes you could re-enable the additional core with software, and sometimes it worked properly most of the time without problems.

  3. Doctor Syntax Silver badge

    "After the vessel driftied through the Straits of Lateness towards the Rocks of Irrelevance"

    Are you saying they Haven't A Clue?

    1. Flocke Kroes Silver badge

      I think he is saying that Intel was drifting off to sleep and sleepy. They were a bit mimsy but perhaps they a switching back to uffish.

      1. PerlyKing

        Footnote

        For our overseas listeners, I think that the good Doctor was referring to the closing lines of that antidote to panel shows, BBC Radio Four's "I'm Sorry I Haven't A Clue", which is traditionally closed by the host using an expression like that. A few of them are collected here, from which I extract this gem:

        "As the rogue purple underpants of time begin their assault on the whites-only wash cycle of destiny, and the twin buttocks of fate are sucked into the malfunctioning chemical toilet of eternity..."

        ... I see that it's the end of the show. Goodbye!

        1. W.S.Gosset

          Re: Footnote

          "As the short-sighted octopus mounts the bagpipes of destiny...."

          1. Boris the Cockroach Silver badge

            Re: Footnote

            Quote "As the short-sighted octopus mounts the bagpipes of destiny...."

            Our legions are ready, they move at midnight to targe.... oopps

            Should have typed

            "The eagle has eyes to match the octopus of destiny"

          2. Michael Hoffmann Silver badge
            Thumb Up

            Re: Footnote

            This sounds like it came from the Foul Ole Ron Book of Poetry.

            Millenium, Hand and Shrimp, see if I don't!

            1. Kane
              Thumb Up

              Re: Footnote

              "This sounds like it came from the Foul Ole Ron Book of Poetry.

              Millenium, Hand and Shrimp, see if I don't!"

              Buggrem'

        2. JimboSmith Silver badge

          Re: Footnote

          For our overseas listeners, I think that the good Doctor was referring to the closing lines of that antidote to panel shows, BBC Radio Four's "I'm Sorry I Haven't A Clue", which is traditionally closed by the host using an expression like that. A few of them are collected here, from which I extract this gem:

          "As the rogue purple underpants of time begin their assault on the whites-only wash cycle of destiny, and the twin buttocks of fate are sucked into the malfunctioning chemical toilet of eternity..."

          ... I see that it's the end of the show. Goodbye!

          RIP Humph, Willie Rushton & Tim Brook Taylor.

          Thankfully the rest of the cast are still with us including Samantha and Sven.

          1. noisy_typist

            Re: Footnote

            Not to forget the late Jeremy Hardy. He added my favourite entry to the Uxbridge English dictionary:

            Trump - noxious emission from an arse.

        3. Inventor of the Marmite Laser Silver badge

          Re: Footnote

          Is it Friday already?

          Nearly time tomput the sprouts on for Christmas.

          1. ectel

            Re: Footnote

            Christmas 2022 i hope!

      2. Anonymous South African Coward Bronze badge

        Time to get out the snickerty snack vorpal sword then?

    2. This post has been deleted by its author

  4. Anonymous Coward
    Anonymous Coward

    I agree with the intent of the article whole heartedly.

    But I must point out that Linux land has been quite happy to leave things "hidden" when it serves their purpose, like being able to play games with their NVidia hardware...

    1. John Brown (no body) Silver badge

      Not exactly. Ask most users about which graphics card to use on *nix, and many will say "anything supported but try to avoid NVidia if possible."

      1. Anonymous Coward
        Anonymous Coward

        Not one person I've ever met, online or off.

        I guess I don't know any raving FOSS fanatics, just "regular" developers that use the best tool for the job from those made available.

        In my case, every Linux box got an old NVidia card I had lying around from the last gaming system upgrade. The next one gets a GTX1650.

        1. bombastic bob Silver badge
          Devil

          I also like NVidia. I have no problem with BLOBS because sometimes they are necessary, for regulatory reasons (WiFi drivers) as well as graphics stuff. So long as the driver has the right hooks that enable kernel reconfig and recompile, that is good enough for me. No need to force everyone to unzip their secret compartments for everyone (and their competition) to go fishing in.

          At least they ARE supporting Linux, and in NVidia's case, also FreeBSD

          (my 2 FreeBSD workstations have NVidia cards and I am happy with them)

          1. John Brown (no body) Silver badge

            "At least they ARE supporting Linux, and in NVidia's case, also FreeBSD"

            True, and I also use primarily FreeBSD and have NVidia cards in my two main boxes. But both a fairly old now, as are the GFX cards in them. The general consensus on the FreeBSD forums is that AMD is the way to go. NVidias support for FreeBSD (and Linux) isn't bad per se, but can be slow to catch up and often doesn't support all function, especially on more recent cards. Their non-Windows drivers very much seem to be an afterthought. But then, like many hardware manufactures, they probably don't see *nix as much of a market and so give it about as much effort as they think is worth it.

          2. Norman Nescio Silver badge

            I have no problem with BLOBS because sometimes they are necessary, for regulatory reasons (WiFi drivers) as well as graphics stuff.

            Er, no.

            You don't need a BLOB for regulatory purposes. You need a signed open database. A BLOB (binary large object), by definition, has no exposed structure, so it uses 'security by obscurity' to conceal what it is doing, and also possible security by encryption as well as not publishing ABIs/register definitions and suchlike.

            You can argue that regulatory data could and should be signed, although some people will argue for the right to absolute freedom ('radical freedom', as described by Jean-Paul Sartre, which encompasses the freedom to break the rules), but if nothing else, having visibility of the code that wants to run on your system would seem to be a reasonable position to take, especially if you are at all personal-security minded.

            You can, of course, decide what code you want to run on your system, but not everyone will want to make the same choices as you, and they might have good arguments for their position.

            NN

        2. Alan Brown Silver badge

          "Not one person I've ever met, online or off."

          Here's one - for the simple reason that Nvidia simply kept borking out when I asked it to do what it did happily in Windows (Quadro with multiple cards and monitors)

          AMD "worked first time"

        3. Zippy´s Sausage Factory
          Devil

          The Nvidia in my Thinkpad is a bear to configure. But as I don't use it for gaming I just disabled it and use the Intel chips instead. Which hurts, but at least means I don't have to reboot to change the brightness.

  5. Warm Braw

    Open source in general is there to be subverted

    There is bound, at some point, to be a major face-off between Open Source and commercial interests. We already have examples of the opposite happening: proprietary graphics drivers because manufacturers refuse to release details of the hardware. Unfortunately in the battle of open vs. closed, it's the users who end up being inconvenienced.

    There are several possible outcomes for the general user. One is that there is an acceptance that Open Source will have to better accommodate commercial interests by providing, for example, binary driver interfaces. Another is that the threat of commercial obfuscation leads to a greater interest in and supply of decent Open Source hardware. I see very little prospect of the former and the latter is still some way off.

    As I've said before, though, I think the power now lies not with the chip manufacturers, nor with Open Source developers, but with the major consumers of silicon - the big cloud companies. They may well want to cut proprietary deals - on their own terms - and will make their own software changes to accommodate them. If you're concerned about corporate carve-ups, that's the place to focus your attention. Don't even expect to be able to buy the CPUs that power cloud services in the future, never mind worry about how they might function.

    1. nematoad

      Re: Open source in general is there to be subverted

      "...a greater interest in and supply of decent Open Source hardware...and the latter is still some way off.

      Most of the hardware I have works well under Linux but then I check if it is compatible on the various Linux compatibility lists. It's the software that gives me problems, especially drivers.

      Having just spent the better part of last week struggling to get my system to use the NVIDIA driver for my video card I have to say that there is ample room for improvement in the handling of drivers in Linux. With the help of some knowledgable people on the PCLinuxOS forum I eventually got my rebuilt box to accept the use of the proprietary driver as the Nouveau one was failing miserably and screwing up the functioning of the whole system. In the end a step back from the current kernel installed as a default to an earlier one, in my case 5.10.81-pclos1, did the trick but if the Nouveau driver had been better I would not have had all the trouble I did have just to get a decent output on my monitor.

      It goes against the grain using proprietary stuff on my Linux boxes, one of the reasons I started using Linux, but if the alternative is a sub-optimal experience, it's one I am prepared to live with until such time as the FOSS offerings are as good.

      1. Anonymous Coward
        Anonymous Coward

        @nematoad - Re: Open source in general is there to be subverted

        This has been discussed on several occasions here and on dozens of other Linux related websites.

        You can't write a decent driver when the hardware manufacturer withholds crucial specifications from you. The Nouveau driver is written using pieces of information Nvidia reluctantly decides to share with the world and don't expect Nvidia to help in case things are not working properly. To make this clear once and for all, Nvidia team and Linux team are not working with the same set of specs and APIs and only one of the two teams has direct access to engineering team.

        And it's not only Nvidia.

        1. mattaw2001

          Re: @nematoad - Open source in general is there to be subverted

          If I may the nouveau lot have designed and implemented very powerful PCIe snooping/logging tools in Linux which are used to dump what the Nvidia driver is saying to the card.

          That enabled them to reverse engineer a lot of functionality by constantly replaying simple examples with minor variations to the card to see what the command sets were.

          I don't believe Nvidia has been prepared to admit more that they may in fact make zero or more graphics cards when it comes to 3d acceleration for the Linux graphics stack :)

    2. steelpillow Silver badge
      Trollface

      Re: Open source in general is there to be subverted

      There have been many face-offs over the years. Some have reached court. Others have brought changes to the open source licenses. Many have brought forks in which proprietary and open versions duke it out in userland. Copyleft is surely the most significant single weapon in the F/LOSS protective armoury against subversion, which is why GPL licenses have tended to a Darwinian rise and rise.

      If you want binary driver interfaces in the kernel, why not submit some patches? But you'll have to open up the functionality so your fellow open-sourcerers know which bits to leave alone when squashing bugs and vulnerabilities.

      Oh, and didn't you know? The SOC houses are turning to RISC-V in a big way now, as the only way to feed their growth - precisely because it is open-source. So yeah, do encourage the incumbents to go against the flow, close the doors and see if they can hold out against the siege. Give us all a laugh.

  6. Pascal Monett Silver badge

    It's only submitted code

    It doesn't have to be accepted.

    If the Linux kernel managers don't like it, they can refuse to incorporate it.

    Which, apparently, they should.

    Because indeed, if they can't test it, they can't trust it, and if they can't trust it, why include it ?

    1. Falmari Silver badge

      Re: It's only submitted code

      @Pascal Monett my thoughts exactly.

      Why would Linux kernel managers except code into the kernel that they can't test and therefore trust.

      In the case of this code I would expect they will refuse to incorporate it as it can not be tested, because you can't test something:-

      A) If you do not know what it is meant to do.

      B) There is no hardware to test it on.

    2. Roland6 Silver badge

      Re: It's only submitted code

      >If the Linux kernel managers don't like it, they can refuse to incorporate it.

      Which, apparently, they should.

      It should be rejected with extreme prejudice, until such time as Intel puts the full API and 'MIB'(*) for the Intel Software Defined Silicon (SDSi) into the public domain and thus usable under the same licence as Linux, enabling ALL CPU chip manufacturers to build chips using this interface without payment of any royalties to Intel.

      Linux is Open Source, the core distribution doesn't need extensions for proprietary features embedded in it.

      (*) I use the term MIB to mean the data strings, currently Intel proprietary, that will turn on/off chip features. Yes I know the features contributed are just data string transfer agents, but might as well start with a fully open specification and feature set.

  7. Flocke Kroes Silver badge

    Paranoia?

    In principle I am content to get my crippled CPU at a price the is effectively subsidised by other people paying for uncrippling keys. In practice I have been burned by Intel's inadequate support for their lowest end products too often. Perhaps Intel will test their driver updates on all their CPUs or perhaps they will decide that it is not worth the bother to test on the most crippled variations. I would also be concerned that part number XQ9100 gets good reviews but what is actually sold is part XQ9I00 and converting the I to a 1 requires a $299 key. Intel could also provide all new CPUs with a free x10 performance key ... that has a 12 month life span.

    I only consider Intel when there is strong competition from AMD

    1. ThatOne Silver badge
      Devil

      Re: Paranoia?

      > could also provide all new CPUs with a free x10 performance key ... that has a 12 month life span

      "Could"? No, it's the whole point! "As a Service" is nowadays the wet dream of every bean counter, as it doesn't only allow full 24/7 control of the users (no hacking), but also yields a nice continuous income: Pay up, whatever we ask for, else your precious CPU turns into a pumpkin.

      I'm ready to bet that some "unlock your CPU" feature with weekly/monthly fees is arriving momentarily. It will obviously try to appeal to peoples' greed, like "why pay for CPU power you don't need right now? Be smart and sexy, pay only for what you need, when you need it!"...

      1. GuildenNL

        Re: Paranoia?

        Use cases support both, and as long as own vs SaaS are both available, that's fine. Just use your brain.

        I rent a Caterpillar product when I need one, but I own 23 and 21 yr old cars that were expensive when I bought them new, but still serve me well today. I won't be moving dirt with either BMW, and have no need to.

        1. ThatOne Silver badge

          Re: Paranoia?

          > I rent a Caterpillar product when I need one, but I own 23 and 21 yr old cars

          That's irrelevant, because you had the choice, and obviously did what makes sense for you. My own car, also initially expensive, is now 15 years old BTW.

          The trend (not only in IT, about everywhere) is to not offer the option to purchase items anymore, but only conveniently overpriced subscriptions. Think how much you initially paid for your cars, versus what 23 and 21 years of subscription would had cost you! Subscriptions make sense for them, doesn't it, and it's about what makes sense to those who take the decisions, ie. the bean counters.

          Don't ever be so naive as to think they might want to satisfy you (why?), all they want is to increase quarterly profits.

          1. dajames

            Re: Paranoia?

            Think how much you initially paid for your cars, versus what 23 and 21 years of subscription would had cost you! Subscriptions make sense for them, doesn't it ...

            Subscription can sometimes make sense when the product is needed only for a short time, and the cost of outright purchase cannot be justified over that time.

            After 20-odd years the cost of outright purchase of most things will have been amortized down to the proverbial nutmeg, and subscription would have made no sense at all.

      2. nijam Silver badge

        Re: Paranoia?

        "As a Service" appears to have much in common with a protection racket.

        1. SCP

          Re: Paranoia?

          More the sort of product CMOT would be pleased with. Perhaps this sort of thing ought to be regulated by professional Guilds.

    2. a pressbutton

      Re: Paranoia?

      Subscriptions are a bit of a loser

      Out in the real world, Intel instantly loses a lot of its market - or exposes the keys that make the speedups work

      Having hardware that needs to phone home removes Intel from the purchasing lists for

      - Defense

      - Govt

      - Banking

      - Infrastructure

      - any security conscious Corporate

      - any security conscious private person

      If they provide one off keys, they will leak / be discovered in short order.

      1. ThatOne Silver badge

        Re: Paranoia?

        > Having hardware that needs to phone home removes Intel from the purchasing lists for [list]

        Funny enough all those entities you listed already use "cloud computing", where not only the hardware talks to the mothership, but actually your precious secret data itself is stored "somewhere", potentially even in a different country, available to a host of employees you don't know and have no control on.

        So no, I don't think this will scare the bean counters, especially if served with a side dish of "pay only for what you need, when and if you need it".

        1. Alan Brown Silver badge

          Re: Paranoia?

          > I don't think this will scare the bean counters, especially if served with a side dish of "pay only for what you need, when and if you need it".

          What I've found scares the beancounters is when you sit down and work out exactly how much that's going to cost if you're doing more than casual computing or storage on someone else's hardware

          One group got roped in by claims of free storage - and then hit with very large bills for reading what they'd saved. To make matters worse it was a global FTP archive and got hit _hard_

          No it wasn't me smirking away when they told us they'd found a cheaper solution and saying "give it 6 weeks, they'll be back singing a different tune" - honest guv

          1. ThatOne Silver badge

            Re: Paranoia?

            > when you sit down and work out exactly how much that's going to cost

            I agree, but unfortunately most of the time that decision is taken by somebody without a clue, according to some irrelevant financial CAPEX vs. OPEX considerations (or some golf buddy's advice).

            If we lived in a perfect, rational world we would had noticed, wouldn't we...

      2. Pascal

        Re: Paranoia?

        It could easily work with an internal key in the CPU that intel needs to counter-sign to activate a feature, that can easily be done a) offline so "phone home" component, and b) with zero danger if the key leaks because it will only activate the feature for that one particular chip.

        Of course Intel's private key that signs all these things would be prime target for leaks/espionnage!

        1. Charles 9

          Re: Paranoia?

          But when was the last time a key of THAT nature got compromised? It's only in one, maybe two places, so it's s lot easier to guard.

  8. Al fazed
    Thumb Up

    Does this mean

    that in the near future - Intel's customers will be faced with the dire need to rip out and replace all of their recently purchased Intel produced hardware, just like we did with the Huawei 5G stuff.

    Maybe it's a trend, Intel closely followed in third position by NVidia .............. someone is losing gound on the straight.

    FFS it's a sign of the times, the software we must use is almost totally shit (Win 8/10/11) and the hardware it's running on is f**king unreliable with baked in backdoors and undisclosed instructions sets. Well no one actually knows about that anymore ............. just what we all need on the back of this Damnpanic, eh.

    ALF

  9. Arthur the cat Silver badge

    if your business model cannot withstand reality, it is not reality at fault

    That should be burned into every boardroom table in the world.

    1. Doctor Syntax Silver badge

      Re: if your business model cannot withstand reality, it is not reality at fault

      Or the foreheads of the board members.

    2. knarf

      Re: if your business model cannot withstand reality, it is not reality at fault

      Boardrooms and reality are non intersecting entities, its stuffed with power plays, egos, short term bonuses, gouge markets and customers and then its just a roll of the dice.

      Intel would really like to slow innovation and enable better R&D return aka profits, this is what they have been doing for years until AMD kept them awake at night. Now Apple is spinning its own ARM (which it gets for free as its in its original funder contract). Now everyone is going.... hmm... if Apple can (MS was there first with ARM PCs, but as always its original effort was lacklustre at best).

  10. W.S.Gosset
    Thumb Up

    Hey Rupert

    Bloody good article, mate. Proper old-skool ElReg.

  11. Anonymous Coward
    Anonymous Coward

    Each CPU can have a readable unique identifier, and that CPU can only be unlocked with a corresponding secret key, which Intel will send when it receives the unique identifier plus some cash. Every time it boots up the key is fed to the CPU.

    1. dajames

      Each CPU can have a readable unique identifier, and that CPU can only be unlocked with a corresponding secret key...

      If there is a unique per-CPU identifier intel could create a signed 'feature enabling' certificate tied to any given CPU by including the that CPU's serial number in the certificate. All such certificates for all CPUs could be signed with the same intel feature-enabling private key (whose corresponding public key could be embedded in the CPU's microcode to enable certificates to be verified securely).

      There is no need for per-CPU secret keys, which would be a massive administrative overhead for intel.

      (Note that I'm not saying that this is a good idea, or that I want to see such a 'feature' implemented.)

  12. Anonymous Coward
    Anonymous Coward

    We've heard similar stuff before.......

    https://www.zdnet.com/article/minix-intels-hidden-in-chip-operating-system/

    *

    ....an OS below the OS you thought was running on your computer.......

    *

    ....self-modifying code out of the control of the user.....

    *

    "TRUST"......yes, I've heard of it!

    1. Steve Davies 3 Silver badge

      Re: "TRUST"......yes, I've heard of it!

      But do we actually TRUST it?

      No we don't.

      Intel get stuffed!

      1. Anonymous Coward
        Anonymous Coward

        Re: "TRUST"......yes, I've heard of it!

        @ Steve Davies 3

        How I agree. But how many people will.buy the new Google phone with the Tensor chip in it. A chip designed by an advertising broker?

        Trust it? I'd lick my own shitter clean before I would trust the thing

        1. This post has been deleted by its author

  13. Steve Davies 3 Silver badge
    Pirate

    Future Intel chips will doubtless have cores and cache disabled until magic numbers appear,

    This means LOADSMONEY being paid weekly to Intel

    Subscription not paid? The system won't even boot into the Bios. It will be a brick until at great cost, a guru from Intel arrives, casts the money runes and brings it back to life.

    Welcome to the Intel Money Machine!

    1. Anonymous Coward
      Anonymous Coward

      Re: Future Intel chips will doubtless have cores and cache disabled until magic numbers appear,

      I think you meant to write Intel Money Engine

  14. Howard Sway Silver badge

    Performance subscription model?

    Seeing as Windows has been threatening a subscription model for "premium" features and services, perhaps Intel is going along with enabling this in x86 chips to enforce the more expensive performance options at a low hardware level. So, Linux would have to support these chips too, but whether or not you'd then need a "premium" subscription for your own processor is as yet unknown. But I would wager that if Intel sees that everybody's raking it in from enforced subscriptions, and "renting not owning", then they'd quite like to hop on that gravy train too.

    This whole "ship the same hardware, but enable features upon payment" model is exactly the same one that IBM has operated for years with its' high end servers and mainframes.

    1. Peter Gathercole Silver badge

      Re: Performance subscription model?

      To be fair, IBM is quite open about it's licensing and charges, unlike this latest Intel move (in fact IBM sells the idea of temporary resource uplift as a feature). But even this could change in the future if these mechanisms are in place.

    2. heyrick Silver badge

      Re: Performance subscription model?

      "perhaps Intel is going along with enabling this in x86 chips to enforce the more expensive performance options at a low hardware level"

      Which is another way of saying "perhaps Intel is going to toss a huge wodge of its potential profits at AMD".

      1. Charles 9

        Re: Performance subscription model?

        I don't know about that. If they do it at the same time as a new CPU release that makes AMD look slow, in a world where raw performance still matters...

  15. Omnipresent Bronze badge

    You Do Not Own Your Computer.

    They can take it, and what ever is on it, when ever they please. It's written into the contract for using the OS. Intel wants to extend this to the hardware, and dangerous for Intel it is. Clogging the hardware with the same drm and extras that bloat the software is obviously very bad for consumers. It also makes the chips more expensive. It stalls innovation, and creates a negative feedback loop from end point users. It presents more points of failure, and the extras will slow their chips with bugs. Increased weight and size? probably. It also keeps the power of the machine in the hands of the few.

    They may have good reasons tho. They may be doing it to keep new AI and Quantum tech out of the hands of the Chinese, or at least making it difficult, and they may be doing it under pressure from the US government.

    1. druck Silver badge

      Re: You Do Not Own Your Computer.

      There is no new AI and quantum tech.

      1. amanfromMars 1 Silver badge

        Re: You Do Not Own Your Computer.

        There is no new AI and quantum tech. ...... druck

        Oh yes there most certainly is ....... and a helluva lot more besides too.

        1. Anonymous Coward
          Anonymous Coward

          Re: You Do Not Own Your Computer.

          @amanfromMars 1

          There can't be, otherwise you would have written an essay of impenetrable prose instead of just 13 words...

    2. ThatOne Silver badge
      Devil

      Re: You Do Not Own Your Computer.

      > They may have good reasons tho.

      Obviously! They are only doing this to thwart terrorists and child botherers, of course. The fact it will make them a whole lot of additional money is entirely irrelevant and coincidental.

      So you'd better all accept it: Think of the children!

      (Didn't downvote you though.)

    3. Anonymous Coward
      Anonymous Coward

      Omnipresent - Re: You Do Not Own Your Computer.

      Oh, brother! Not the Chinese bogeyman.

    4. nijam Silver badge

      Re: You Do Not Own Your Computer.

      > They may be doing it to keep new AI and Quantum tech out of the hands of the Chinese.

      The Chinese are almost certain to develop it first anyway, so that's rather like killing your friends to harm your enemy.

    5. Doctor Syntax Silver badge

      Re: You Do Not Own Your Computer.

      "It's written into the contract for using the OS."

      The only contracts written into my preferred OSs are GPL and BSD.

    6. Anonymous Coward
      Anonymous Coward

      Re: You Do Not Own Your Computer.

      @Omnipresent

      Are you shitfaced?

  16. nautica Silver badge
    Linux

    ...easier to digest.

    “Taco Bell wants to sell you a 30-day taco subscription”

    By Jordan Valinsky, CNN Business

    Updated 9:26 AM ET, Tue September 14, 2021

    https://www.cnn.com/2021/09/14/business/taco-bell-subscription-trial/index.html

    1. Anonymous Coward
      Anonymous Coward

      Re: ...easier to digest.

      I've not bothered to read the article, but I thought Taco Bell worked on a rental model. You rent the taco for several hours.

      1. Alumoi Silver badge

        Re: ...easier to digest.

        Mickey D patented that a long time ago.

        1. Charles 9
          Pint

          Re: ...easier to digest.

          I thought it couldn't be patented, given that's what happens essentially with beer...

  17. Lars Silver badge
    Happy

    Inside Intel

    There is a very interesting book about "old Intel" and Andy Grove named "Inside Intel". Well worth a read.

    There is also a lot about Bill Gates and Microsoft's relationship to Intel then.

    One story that made me smile was when the Intel guys tried to teach the Microsoft guys to take better advantage of the processor, but to that the Microsoft guys responded with - "that is not important. all that is important to us in Windows is features".

    As for all the paranoia, all copy sheets had the text "Secret" or was it "Top Secret" pre printed on them.

    1. ChipShop

      Re: Inside Intel

      I'm not sure why this is supposed to be amusing or shocking honestly. I don't know when your quote is from exactly but I'd say having the processor align with compiler backend req

    2. ChipShop

      Re: Inside Intel

      Not sure why anyone would want the machine and software to work at odds but okay

      1. SCP

        Re: Inside Intel

        Not so much a "want", but a "perfection is the enemy of progress".

  18. ThatOne Silver badge
    Facepalm

    "Open source is there to be subverted"

    Says the article. Obviously any corporate decision maker would consider Open Source as just another means to an end, which is maximizing their profit. The question is how much they can actually hope to subvert it. Will Linux/FreeBSD users have to henceforth pay a monthly subscription to Intel to be able to keep using their workstations/servers? On one side, we have (I quote) "a trickster company, one that ignores its customers and uses its heft to get its own way", on the other a bunch of developers mostly concerned with (other quote) "fixing gender and racially insensitive language rampant in code". That doesn't bode well...

    O wonder!

    How many goodly creatures are there here!

    How beauteous mankind is! O brave new world

    That has such dicks in it!

    1. bombastic bob Silver badge
      Unhappy

      Re: "Open source is there to be subverted"

      if subscription models start to take hold for hardware activation, an alternative WILL present itself, or market forces will drive sales to the floor. It would be like paying rent for your car engine. NOBODY would EVAR do that.

      1. W.S.Gosset

        Re: "Open source is there to be subverted"

        FLW...

        Any "phone home" car can be converted to a rental. Just disable ignition/motor remotely; re-enable when you renew your subscription. Teslas are obvious, but many high-end cars have had that (potential) capability for years.

        The risk is that some dickhead/groupthink thinks to do it and the meme takes hold in the manufacturers, becomes a norm.

      2. W.S.Gosset

        Re: "Open source is there to be subverted"

        !! Bob, we're too late. It's already started. Seriously.

      3. SCP

        Re: "Open source is there to be subverted"

        I thought the lease car market was doing quite well.

        1. W.S.Gosset

          Re: "Open source is there to be subverted"

          Ah, but they had a choice.

          ~2/3 are to businesses despite being a small segment ; private buyers mostly reject the choice.

          Also quite a different investment: ~$0 purchase price/100% upfront discount. And the recurring cost is heavily discounted/structurally subsidised by the implicit sale at end (ie, pay for only depreciation + financing). If future forced-subscription-model reduces sale value of cars, as seems likely (part of the old purchase price now diverted from the owner to the mfr for future subscription payments), that secondhand-sale value will drop, depreciation will rise, and leased cars will become more expensive.

          Negative consequences all round, in other words, if the whole market is forced into one subsector's choice.

      4. Anonymous Coward
        Anonymous Coward

        Re: "Open source is there to be subverted"

        Cough, Tesla, cough

      5. ThatOne Silver badge

        Re: "Open source is there to be subverted"

        > if subscription models start to take hold for hardware activation, an alternative WILL present itself

        Could you elaborate what makes you believe in that all-caps "WILL"? Why would it?

        Don't let me start enumerating all the customer-unfriendly "features" which appeared and became the norm over the years, despite people initially saying "I would never ever buy that"... (Like planned obsolescence, phoning home, ad spamming - Okay, I'll stop here because I don't have the time. But you get the gist).

  19. Anonymous Coward
    Linux

    FaaS

    I fear that Features as a Service, which is ubiquitous in software, is going to continue worming its way into hardware as well. Intel isn't the first and won't be the last to recognize the economics of designing build once, use anywhere chips.

    Consumers, beyond the cognoscenti, don't care. Few companies will object and many will like the idea of buying standardized kit for the entire office with the option to pay for enhanced features for those who need them.

    How Linus and Linux respond is another question. Now it's Intel but tomorrow it might be AMD or Qualcomm, or Nvidia or any hardware manufacturer. How to accommodate (or not accommodate) businesses in open source is a growing problem and I, for one, have concerns but lack suggestions.

    1. Jim Mitchell

      Re: FaaS

      "How Linus and Linux respond is another question."

      As far as I can tell, the article contains no responses from the Linux team (ie Linus) on the topic and presents that no attempt to get a response was made. This makes it feel more like an anti-Intel hit piece without such information.

  20. Anonymous Coward
    Facepalm

    All of this is speculation – but valid speculation.

    Paragraph 14 from the Article:

    > All of this is speculation – but valid speculation.

    No, it's not valid. Speculation cannot, by definition, be valid because it is not based on facts.

    You don't know why Intel pushed this update to the Linux kernel, and you have no clue what it will be used for. In fact, for the entirety of the article, you have no clue what you are writing about.

    This entire article is the written equivalent of an early afternoon talk show on US cable TV. Just as factual and informative.

    1. Anonymous Coward
      Anonymous Coward

      Re: All of this is speculation – but valid speculation.

      It is valid speculation in that it deals with very realistic concerns and issues.

      But you're just trying to spin the meaning of "realistic" to spark an argument. Can't say as I find that surprising.

      We could twist the phrase to be talking about graphics instead; it would be equally irrelevant to the article.

      1. Anonymous Coward
        FAIL

        Re: All of this is speculation – but valid speculation.

        > But you're just trying to spin the meaning of "realistic" [ ... ]

        The only one trying to spin anything here is you.

        The word "realistic" does not occur in my original post. You are making shit up.

        Go ahead and talk about graphics if you want. The article isn't about graphics, and neither was my original post.

        As I've already said: speculation is by definition invalid, because it's not based on facts.

        Merriam-Webster:

        to take to be true on the basis of insufficient evidence

        If that's what you want to waste your time on, go right ahead.

        1. SCP

          Re: All of this is speculation – but valid speculation.

          [speculation] - "to take to be true on the basis of insufficient evidence"

          Is it not the intransitive form in this case - so "to meditate on or ponder a subject".

          Also for valid - "1 : fair or reasonable"

        2. dajames

          Re: All of this is speculation – but valid speculation.

          As I've already said: speculation is by definition invalid, because it's not based on facts.

          Merriam-Webster:

          to take to be true on the basis of insufficient evidence

          Nice one (I don't think)! The definition you cite is far from the only one given on that page.

          The first definition given at your link is:

          to meditate on or ponder a subject

          I also like the definition given by the Cambridge Dictionary:

          to guess possible answers to a question when you do not have enough information to be certain.

          These would seem to suggest that the truth of the matter is that it is always valid to speculate, but that one should attach no particular credence to any conclusion that may be drawn.

          That's not the same as saying that speculation itself is not valid.

          1. Anonymous Coward
            Facepalm

            Re: All of this is speculation – but valid speculation.

            > to meditate on or ponder a subject

            You can meditate and ponder all you want. Meditation, pondering and speculation are not facts, nor do they create ones.

            I can meditate, ponder and speculate about the use, purpose and effect of certain jumpers on an Intel motherboard. That doesn't imply, or prove, that I know anything about them, or that my speculation about their use, purpose and effect is correct, or factual.

            Unless I read a manual that explains what these jumpers do, all my speculation, pondering and meditation amount to nothing more than bullshit. Just like this article.

            It appears that some people confuse their own speculative bullshit with facts.

  21. amanfromMars 1 Silver badge

    For when reinventing the wheel is neither necessary nor possible

    The code itself doesn't say anything about SDSi, instead adding a mechanism to control whatever it is via some authorised secure token. It basically unlocks hardware features when the right licence is applied.

    Whenever necessary and/or advisable in abominable matters which many would prefer to remain secret and widely unknown to humans, a mechanism very similar to the issuance of a limitless company credit card to worthy parties unlocking the power of fiat currency in exchange for proprietary intellectual property restraint and agreed future silence in return for the ongoing facility ad infinitum, is some authorised secure token, second to none and well enough tried and tested to be fully expected a safe bet to make. whilst threats posed are dealt with to a mutually beneficial, positively agreeable reinforcing satisfaction.

    1. Anonymous Coward
      Anonymous Coward

      Re: when... ...possible

      oh....

    2. Anonymous Coward
      Anonymous Coward

      Re: For when reinventing the wheel is neither necessary nor possible

      @amanfromMars 1

      I have upvoted your comment... and I don't know why.

    3. FuzzyTheBear
      Pint

      Re: For when reinventing the wheel is neither necessary nor possible

      You should have been a lawyer or a politician .. upvoted because i didn't understand pants about what you meant .. Vote a manfromMars 1 for president :D

      1. AndyFl

        Re: For when reinventing the wheel is neither necessary nor possible

        Amanfrommars 1 for Prime Minister!

        Nobody can argue with him because half the time they don't have a clue what he is saying!

        Boris, watch out.

  22. heyrick Silver badge

    The idea of building one generic "thing" and enabling different versions of it through some sort of magic has been around for ages.

    I bought myself a video recorder (back circa '98 or so). When opening it up to deep clean the heads one day, I noticed a few links made between two rows of holes in the board. I unsoldered the links and added one of those tiny multi DIP switches in there instead. Some fiddling later, I had NICAM stereo and long play. Both of which were not on the "el cheapo" model that I purchased, but were enabled by changing some links inside. The different models were the same mass produced hardware, and what you paid determined what features were enabled.

    If Intel doesn't think somebody is going to hack this, they are misguided to the point of delusional. No matter how smart a person may think their crypto is, there's always a smarter person that will consider it a challenge.

    From video copy protection to WiFi encryption, all eventually succumb.

    This whole thing seems like a great way to drive business to a competitor. Not exactly a winning idea...?

    1. ChipShop

      Exactly. A winning idea would be a processor that gets slower over five years.

      1. KSM-AZ
        Happy

        Not neccessary to make the CPU slower every 5. The software will bloat up plenty in 5 years making the CPU barely functional.

    2. Charles 9

      Oh? What about the DNS root signing keys?

      For that matter, has ANY "golden key" actually ever been compromised within it's working life?

    3. ThatOne Silver badge

      > If Intel doesn't think somebody is going to hack this, they are misguided

      Your VCR was dumb electronics and never knew you hacked it. If you hack a 2021 "smart" piece of kit, it will simply stop working ("I've been tampered with! Filthy pirate!").

      (Not to mention the phoning home, where the hacked part simply gets told you didn't really pay, so it actually shouldn't work, and shuts down.)

  23. _andrew
    Unhappy

    All PC-platforms already run secret below-the-OS code

    This game (of knowing all of the code your system is running) was lost years ago. All PCs these days have varieties of secure-boot functionality, and whether the secure bits are turned on or not, the boot sequence winds up allocating a chunk of DRAM to various BIOS functions, and a significant chunk of peripheral interrupts route through that blob of mystery code before the host OS gets to see them. How else to you imagine "wake from lan" and other essential features work? And then there's the whole system-management-core issue. You know, that extra core that's running some minix dialect, with a full JVM stack to run the web GUI front end, all buried in there just waiting for the admin with the correct key to turn it on...

  24. ChipShop

    I couldn't be arsed reading it all so may have got it wrong. Anyway, it makes sense for companies to sell products that can be programatically in the field, whether it be an egg box, a Tesla, a processor or an OS. As far as Intel, don't need to maintain and produce so many SKU's, possibility for aftermarket sales without a tock. Am I happy about it i don't know. Not particularly. I hate gatekeeping shit. Also, when a company starts letting marketing direct product development it's probably a bad sign

  25. YetAnotherJoeBlow
    Megaphone

    Let me be the first to thank Gelsinger for my shiny new 128 core chip at a bargain price!

  26. W.S.Gosset
    Alert

    Not just computers! Cars requiring ongoing Subscription too:

    Timing...I just saw this. For now, just a keyfob: instead of a key to unlock, you have to unlock your key.

    But nothing stopping them in future disabling your car's engine, re-enabling it when you pay your subscription. Cars --> CaaS.

    "Toyota owners have to pay $8/mo to keep using their key fob for remote start"

    > Yet recently, as 2018 Toyotas have passed their third birthday, owners have been discovering that the fob’s functionality is dependent on maintaining an active Remote Connect subscription. Vehicles equipped with Audio Plus receive a free three-year “trial,” while Premium Audio vehicles receive 10 years. Once those subscriptions expire, though, the key fob remote start stops working. Toyota didn't change the rules, though that detail was buried in the fine print. When the time comes, Toyota simply cuts off access to one of the functions on the key fob already in the owner’s possession. To get the feature back, owners have to pony up $8 per month or $80 per year.

    ...

    Why the [2018] cutoff? It may seem like an arbitrary date, but it happens to be when Toyota stopped building cars with 3G chips.

    1. W.S.Gosset

      Anyone else remember this?

      The 2030Vision* of the World Economic Forum:

      "I own nothing, have no privacy, and life has never been better".**

      "Everything you considered a product, has now become a service." Tough luck if there's a cashflow hiccup, eh?

      .

      * Interesting list of IT Partners on that page.

      ** Long-memory types will notice that after the backlash from the plebs, they've added-in a very different spin intro, plus changed the headline. IT types will notice that they didn't understand their own CMS and the original is still in the titlebar. Then they deleted the whole page.

  27. James Hughes 1

    Not convinced the article is looking at this the right way

    The premise is that you need a key to unlock a piece of hardware, and that people who don't have the key are going to be pissed they paid for silicon that can do something but doesn't. The people who have paid for the feature look on the cheap one and think "same hardware, but cheaper".

    This is not the way to look at it. It's much simpler to ignore that fact it done by enabling parts of the silicon, just look on it as paying for a specific feature, irrespective of how it is supplied. The fact the HW is there to support it is a bonus! It means you CAN upgrade in place.

    Of course, Intel being sneaky with regard to getting the kernel support is a different kettle of fish, but I see no problems with the premise of keys to unlock extra features. It's done in many other industries after all, with great success.

    1. Ace2 Silver badge

      Re: Not convinced the article is looking at this the right way

      I hope everybody realizes that your CPU already has extras cores and cache that are disabled. Maybe manufacturing blew a fuse on it when it failed test, or maybe it’s the odd man out (7th working core on a product line with 6- and 8-core SKUs). It doesn’t really change that much to make it configurable.

  28. Nursing A Semi

    Different

    It is hard to see how this will be enforced, with software DRM kind of makes sense but for hardware? If I buy a chip it is now mine, if someone figures out how to provide me with a free token to make it better then thats great, I don't see how anyone can complain about what I chose to do with MY chip although I am sure they will try.

  29. Anonymous South African Coward Bronze badge

    I can see our resident BOFH having a go at this "feature" to throttle the Bossly Unit's computer/laptop to near-useless performance levels, then get The Bossly Unit to procure a new top-of-the-range PC/laptop, then unthrottle the original PC, clean it up, and pretend that the new PC/laptop have already been installed...

    ...while getting the new PC/laptop all set up in Mission Control without anyone being any wiser.

  30. Anonymous Coward
    Anonymous Coward

    What are they doing in there?

    https://www.youtube.com/watch?v=04qPdGNA_KM

  31. jobardu

    Linux is a community of people, not a corporation or group

    It is more than a commercial endeavor and not a religion. There is a social contract that keeps the entire Linux community going. It is open source so that users can modify the source code. Open source should also provide a degree of security and privacy so that users can avoid having every word, program, model, comment logged and sold by enterprises and governments. Some of that is now inevitable. The implicit assumption is that such surveillance is limited to national security and is vetted, so out of control agencies and corporations can't monetize the user and turn them into products.

    The Linux community and open source, in general, are being compromised and destroyed. There are two high costs society will pay for doing this:

    1. The open-source community, which has contributed immeasurably to advances in all phases of computing, will dry up, and a fundamental technical advantage to the West and the US will be lost:

    2. The West was founded on Enlightenment focus on individual rights. That is being lost, and we are now entering an era of group rights. Group rights societies are centralized, intellectually stagnant, poorer, and weaker. They are also more cynical and beat down because they have no rights they can rely on to protect themselves and theirs.

    If one agrees with those trends, then sit back and enjoy it. If you prefer more control over your life and some privacy, you should oppose it. Welcome to the new world where the Wokestitution replaces the Constitution, and group rights supersede individual rights.

    1. Anonymous Coward
      Anonymous Coward

      Re: Linux is a community of people, not a corporation or group

      I believe a late Vulcan once said, "The needs of the many outweigh the needs of the few."

      Besides, if you don't believe in the power of groups, try handling yourself against a swarm of army ants.

      Humans are social creatures, first and foremost. To an extent only, yes, but nonetheless not solitary by nature.

  32. linuxdev

    Very good article!

    Very very good article. I could not have said it better myself!

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like