Slashdot Mirror

← Back to Stories (view on slashdot.org)

Intel's ME May Be Massively Infringing on Minix3's Free Software License (ipwatchdog.com)

Posted by ryuzaki0 on from the secret-software dept.

Software engineer (and IP Watchdog contributor) Fredrik Ohrstrom (a.k.a. Slashdot reader anjara) writes: Almost all Free Software licenses (BSD, MIT, GPL...) require some sort of legal notice (legal attribution) given to the recipient of the software, both when the software is distributed in source and in binary forms. The legal notice usually contains the copyright holder's name and the license text. This means that it's not possible to hide and keep secret the existence of Free Software that you have stuck into your product that you distribute. If you do so, then you are not complying with the Free Software license and you are committing a copyright infringement!

This is exactly what Intel seems to have done with the Intel ME. The Minix3 operating system license requires a legal notice, but so far it seems like Intel has not given the necessary legal notices. (Probably because they want to keep the inside of the ME secret.) Thus not only is Minix3 the most installed OS on our recent x86 CPUs -- but it might also the most pirated OS on our recent x86 CPUs!

9 of 251 comments (clear)

  1. No by Anonymous Coward · · Score: 4, Informative

    "Intel's ME **May** Be Massively Infringing on Minix3's Free Software License "
    [Emphasis mine].

    No. They aren't Even the author of Minix thinks it's fine. He thinks it's rude they didn't even tell him. But but didn't have to.

    http://www.cs.vu.nl/~ast/intel/

    1. Re:No by Bruce+Perens · · Score: 3, Informative

      Does not matter what he thinks, what the license itself says is what matters in a court of law.

      If he's the only copyright holder, the decision to sue or not is entirely in his hands. Nobody else would have a right to sue.

      --
      Bruce Perens.
  2. The copyright holder does not seem to care... by williamyf · · Score: 4, Informative

    ... For now.

    1.) AST published an open letter, and the fact that the disclaimers are not posted does not seem to bother him much.
    See here: http://www.cs.vu.nl/~ast/intel...

    2.) Minix3 License, states that, when distributed in Binary form, the DOCUMENTATION has to reproduce the copyright notice and, well, there is no documentation whatsoever abut the ME.
    See here: https://github.com/Stichting-M...

    Having said that, security through obscurity is not a sensible policy, and AST's courtesy is not enough. If intel is using minix, they should say so and print the license.

    --
    *** Suerte a todos y Feliz dia!
  3. The license is four sentences. Read it by raymorris · · Score: 5, Informative

    The Minix3 standard license is four sentences:
    http://git.minix3.org/index.cg...

    The second clause / sentence of the license is:

    --
          * Redistributions in binary form must reproduce the above copyright
            notice, this list of conditions and the following disclaimer in the
            documentation and/or other materials provided with the distribution.
    --

    Intel did not comply with that. Intel violated the license. That's a fact. Tanenbaum isn't too mad about it, and that's fine. If he chooses not to sue them that's all well and good, but it doesn't change the fact that they did not comply with the license. Note Minix can ALSO be licensed under other terms - a company can contact the copyright holders to negotiate a different license, which may include payment. Intel didn't do that.

    They had no right to make and sell copies of Minix as part of their CPU, since they didn't do so under the normal license.

    Many years ago, Minix wasn't open source. It was sold for $69 / copy. After inflation that's about $150 in 2017 dollars. If Intel has unlawfully sold 500 million copies which they'd now need to pay Tanenbaum for - well he could be a very rich man if he chose to. Even at $1 per copy that's $500 million that Intel owes him.

  4. Actual license requirement text by Bruce+Perens · · Score: 5, Informative

    . Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.

    This does indeed require that something shipped with the hardware should say that MINIX is in there. Even if there is no documentation provided.

    The BSD license is the most infringed. Most companies get this wrong. Many of them can tell you why they don't use GPL, and then they infringe on the BSD license, putting themselves in exactly the same place (being a copyright infringer) as if they had used GPL.

    --
    Bruce Perens.
  5. Re:SoSuMi by Bruce+Perens · · Score: 3, Informative

    The idea that Intel could violate an IP law is ludicrous.

    Ha ha ha ha ha he he. Haw. Snort.

    First, you can look at the number of patent infringement lawsuits against them, some of which they lost.

    Then, you can consider that any company, regardless of its size, can have a failure of due diligence.

    I get paid to fix them all day long.

    --
    Bruce Perens.
  6. Intel destroying itself? by Futurepower(R) · · Score: 5, Informative

    "ME is turning into a colossal dumpster fire."

    Or maybe the equivalent of a billion dollar ad campaign against Intel.

    Customers don't want spyware. It seems that, if Intel continues to try to force spyware on customers, Intel will eventually go bankrupt. That would be a very, very bad conclusion to the very, very bad management by Intel.

    It is EXTREMELY important for the entire world, in my opinion, that Intel stay healthy. (The world needs AMD to stay healthy, also.)

    Did the present Intel managers lack the social ability to understand that providing hidden access for hidden invaders would damage Intel's reputation? Apparently Intel needs a new CEO. Maybe other Intel managers should be replaced, also. Most of the technology development parts of Intel has seemed healthy to me; it's the business management that is failing, apparently.

    The world was told more than 3 years ago about the hidden control: Secret of Intel Management Engine by Igor Skochinsky. (Mar 12, 2014)

    Intel was told that there would be problems: Intel's Management Engine is a security hazard, and users need a way to disable it. (May 8, 2017)

    Did the present managers lack the social ability to understand that it was likely that hackers would find defects in the Intel Management Engine? One article: Intel Patches Major Flaws in the Intel Management Engine. (Nov 22, 2017) Intel's reaction: Intel Management Engine Critical Firmware Update (Intel-SA-00086). (Dec 5, 2017)

  7. Re:FAKE NEWS! by Anonymous Coward · · Score: 2, Informative

    Sure he did

    http://www.cs.vu.nl/~ast/intel/

  8. Re: Do you think they care? by AmiMoJo · · Score: 3, Informative

    There isn't actually all that much they can do other than demand that every Intel CPU owner gets a copy of the copyright message. Minix was released under a BSD licence so Intel don't have to publish any changes or give up any access, the only requirement being that the acknowledge the original authors and their copyright with every copy they ship.

    At best they could force Intel to waste some money notifying people. Since Intel can't know the details of everyone who bought an Intel CPU (I hope) they would probably have to take out adverts all over the world. That could actually be good though, because it will create more negative publicity about the ME.

    --
    const int one = 65536; (Silvermoon, Texture.cs)
    SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC