Intel withdraws licence benchmarking restriction following criticism from Bruce Perens

Intel licence accompanying microcode patch had forbidden users from publishing performance benchmarks

Intel has withdrawn the licence clause in this week's Windows 10 microcode patch that forbade Windows 10 users from publishing benchmarks.

The patch was rushed out following the disclosure of the Foreshadow CPU security flaw last week. It also contained new code to mitigate the risks posed by the Spectre, one of the two CPU security flaws publicised in January.

Open-source luminary Bruce Perens had spoken out about what was widely regarded as an attempt to cover-up the performance hit users might experience as a result of the patches Intel has been forced to issue.

These flaws have disproportionately affected Intel microprocessors, with AMD, ARM and other CPU designers and manufacturers much less affected.

Perens was commenting on a new restriction inserted into the software licence agreement that accompanies the latest patches Microsoft has rushed out this week to mitigate the risks posed by the Foreshadow and Spectre CPU security flaws.

"You will not, and will not allow, any third party to... publish or provide any software benchmark or comparison test results," Intel's new agreement states.

Effectively, claimed Perens, Intel was attempting to prevent users from publishing the results of comparative before-and-after benchmarks.

"Since the microcode is running for every instruction, this seems to be a use restriction on the entire processor. Don't run your benchmarker at all, not even on your own software, if you "provide" or publish the results," wrote Perens in a blog post.

He added: "The security fixes are known to significantly slow down Intel processors, which won't just disappoint customers and reduce the public regard of Intel, it will probably lead to lawsuits (if it hasn't already). [Editor's note: It has]

"Suddenly having processors that are perhaps 5% to 10% slower, if they are to be secure, is a significant damage to many companies that run server farms or provide cloud services. I'm not blaming Intel for this, I don't know if Intel could have forseen the problem."

Microsoft issued the stand-alone patches for Windows 10 this week. The patch applies to a wide range of Intel CPUs, from 2012's Ivy Bridge to CPUs bearing the latest eighth-generation microarchitecture, dubbed Coffee Lake.

"This update is a stand-alone update targeted for Windows 10 version 1803 (Windows 10 April 2018 Update) and Windows Server Version 1803 (Server Core)," explains Redmond's support page.

"This update also includes Intel microcode updates that were already released for these operating systems at the time of release to manufacturing (RTM). We will offer additional microcode updates from Intel through this article for these operating systems as they become available to Microsoft."

Mitigation against Spectre Variant 2 needs to be enabled on Windows servers via registry settings, it adds.

The microcode update has been pushed out to protect users against exploits based on the Foreshadow technique, revealed last week. Uncovered by a team including researchers at Belgium's Catholic University of Leuven (KU Leuven), Intel was given plenty of notice before the researchers published their paper.

The updates should be pushed out automatically to the average Windows 10 laptop or desktop, whether users want it or not. But organisations with highly managed IT infrastructures and/or patching processes will require the patches to be manually pushed out.

Article updated 24 August to reflect shift in stance by Intel following Perens' intervention

Computing's Cloud & Infrastructure Summit Live returns on Wednesday 19 September, featuring panel discussions with end-users, strategic and technical streams and a session with guest speaker Inma Martinez. The event is FREE to qualifying IT leaders and senior IT pros, but places are going fast. Register now!