A huge controversy erupted earlier this week as the license governing Intel’s latest CPU microcode updates redistribution inserted a legally-binding clause that gagged its customers from publishing benchmarks or comparative testing that showed the performance impact of microcode updates that mitigate security vulnerabilities in Intel processors. Intel has since started reaching out to media sites. “We are updating the license now to address this and will have a new version available soon. As an active member of the open source community, we continue to welcome all feedback”, the opening remarks from the Intel spokesperson read. Not long after, Intel updated the license terms to have just three conditions:
Redistribution and use in binary form, without modification, are permitted, provided that the following conditions are met:
- Redistributions must reproduce the above copyright notice and the following disclaimer in the documentation and/or other materials provided with the distribution.
- Neither the name of Intel Corporation nor the names of its suppliers may be used to endorse or promote products derived from this software without specific prior written permission.
- No reverse engineering, decompilation, or disassembly of this software is permitted.
“Binary form” includes any format that is commonly used for electronic conveyance that is a reversible, bit-exact translation of binary representation to ASCII or ISO text, for example “uuencode.”
Sounds good so far, however, the language in the opening remarks got us thinking, whether Intel has two different licenses targeted at two different groups:
1. Big cloud-computing providers such as Amazon Web Services (AWS), Microsoft Azure, Alibaba, Google, etc; and
2. The “open source community” that downloads the microcode update from Intel website and posts performance numbers in news blogs.
TechPowerUp doesn’t just cater to the open source community. We are equally interested to know whether cloud-computing providers are gagged from disclosing performance impact of microcode updates, because a lot more money and jobs are lost as a result of lowered performance/$ or stunted performance/$ growth from cloud-providers.
We are awaiting a specific affirmative/negative from the Intel spokesperson on whether a cloud-computing firm like Amazon Web Services (AWS), for example, is free to disclose performance impact of the latest microcode update to its downstream customers without violating the applicable license governing the microcode update distribution.
Watch this space.