Slashdot Mirror

← Back to Stories (view on slashdot.org)

Intel's ME May Be Massively Infringing on Minix3's Free Software License (ipwatchdog.com)

Posted by ryuzaki0 on from the secret-software dept.

Software engineer (and IP Watchdog contributor) Fredrik Ohrstrom (a.k.a. Slashdot reader anjara) writes: Almost all Free Software licenses (BSD, MIT, GPL...) require some sort of legal notice (legal attribution) given to the recipient of the software, both when the software is distributed in source and in binary forms. The legal notice usually contains the copyright holder's name and the license text. This means that it's not possible to hide and keep secret the existence of Free Software that you have stuck into your product that you distribute. If you do so, then you are not complying with the Free Software license and you are committing a copyright infringement!

This is exactly what Intel seems to have done with the Intel ME. The Minix3 operating system license requires a legal notice, but so far it seems like Intel has not given the necessary legal notices. (Probably because they want to keep the inside of the ME secret.) Thus not only is Minix3 the most installed OS on our recent x86 CPUs -- but it might also the most pirated OS on our recent x86 CPUs!

9 of 251 comments (clear)

  1. Re: Do you think they care? by Z00L00K · · Score: 5, Interesting

    No, just force them to give everyone access to the ME and also how to disable it.

    --
    If builders built buildings the way programmers wrote programs, then the first woodpecker would destroy civilization.
  2. Nothing to see here by Sephr · · Score: 3, Interesting

    Intel paid for a license and the parties involved are under an NDA.

    1. Re:Nothing to see here by Anonymous Coward · · Score: 2, Interesting

      I don't think there was money involved, and i don't think there was an NDA.
      http://www.cs.vu.nl/~ast/intel...

      But they had a license :)

  3. Settlement terms: All CPU code must be released by Anonymous Coward · · Score: 2, Interesting

    But honestly I think we still need to focus on developing CPUs and SoC for which the end-users have complete control over every aspect if we want to inevitably gain control over our devices. We also need a complete set of source code for other chipsets. From wifi an GSM modem chips to graphics and keyboard controllers. It seems that right now the only real project with any progress aiming to do that is EOMA68. Unfortunately this stuff take YEARs and we still don't ultimately have a card or standard compliant device in hand yet. Though there are people already at work on CPUs and similar so it's a start and we do have EOMA68 designs that work and prototypes even if the final cards and devices aren't yet shipping.

  4. Alternate Licenses by neovoxx · · Score: 1, Interesting

    People forget that the software author can always privately license software under whatever terms they like. The likelihood of a company like Intel improperly licensing a piece of software is highly unlikely when more likely is that they obtained a license allowing them to do with it what they want.

    If I or anyone else publishes a work of open source software, we can always negotiate a different license with a company or individual to suit their purposes.

    This isn't unlike the people who freak out when a company has a piece of software they've licensed as open source, but charge for it, then don't have the source freely available - because people think the GPL requires source to be given away when it doesn't. The source must only be made available at reasonable distribution/copying costs when the binaries are distributed. If I want to charge a million dollars for a piece of open-source software I've written, I don't have to give away the source to anyone except the person who bought a license to the software, but a different license can always be negotiated.

    --
    0x68ADA2CC
  5. Re:Do you think they care? by AmiMoJo · · Score: 5, Interesting

    Hate to say it, but once again RMS is proven right. On multiple counts.

    Who am I kidding, I love saying that.

    --
    const int one = 65536; (Silvermoon, Texture.cs)
    SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
  6. Re:Do you think they care? by TheReaperD · · Score: 5, Interesting

    I favor the corporate death penalty. And I'm not being facetious, in general. I actually advocate for a corporate death penalty. Equifax and Wells Fargo are perfect examples of why it is needed.

    --
    "Be particularly skeptical when presented with evidence confirming what you already believe." -
  7. Prison for not disclosing Intel vulnerabilities? by Futurepower(R) · · Score: 3, Interesting

    Replies to:
    "Our feelings are not doing any financial or reputational damage to the Intel brand."
    and to:
    "... what are the geeks (such a small market that it can not be measured) going to do about it?"

    It is common, I've observed, that technically-knowledgeable people believe they should not get involved with social issues. In fact, however, they have discussions like this one and have a huge amount of power.

    What are the legal issues? Can you recommend Intel or AMD hardware without telling the managers of your company or your customers that the hardware is not secure? Could you go to prison for knowingly selling insecure hardware without informing the customers in a way that causes them to fully understand? Suppose a company loses millions of dollars because Intel hardware you recommended was found to be hackable, especially since that kind of vulnerability has already happened. Can you be found liable?

    "Intel has been richly rewarded for implementing ME and with AMD implementing similar backdoors..."

    Intel SHOULD be "richly rewarded" for that. "Implementing ME" was a good idea. The issue is that was done in a way that Intel has kept hidden, and in a way that customers who don't need that feature are not allowed to understand and cannot control.

    It seems to me that the business side of Intel is not being managed well. What I know about Intel management is from talking with Intel employees, sometimes at conventions, sometimes at social events not connected with technology, visiting an Intel campus during an open house event, and from news stories.

    Here is one example of what I have learned, from a 2013 news story:

    Intel has been emitting fluoride for years without state knowledge, permit. (Sept. 24, 2013)

    Quote from that story: "When Intel applied for D1X approval, the company considered its fluoride emissions insignificant and did not include those. It was only when the company applied for the new DEQ permit required by greenhouse gas regulations that it [Intel] requested a 6.4-tons-per-year fluoride emission limit."

    Intel is putting 6.4 TONS EACH YEAR of fluoride compounds into the air around its plant! Does that seem to you to be good business management?

    My understanding is that there are many areas of bad business management at Intel. The central technological group, however, seems to me to be well-managed. For example, in recent years Intel has released CPUs that provide the same computational power, but lower the electrical energy required. That achievement is good for all humans on the planet.

  8. Re:Intel destroying itself? by infolation · · Score: 3, Interesting

    The option is open hardware. One of Intel's most vocal anti-ME corporate customers is Google, who are gearing up to replace Intel x86-based servers with the OpenPOWER (IBM Power9) platform in data centres, in part, for this very reason.