https://www.tomshardware.com/news/massive-20gb-intel-data-breach-floods-the-...
n fact, the title of many of the documents do correlate to the list of purported information posted by the leaker:
- Intel ME Bringup guides + (flash) tooling + samples for various platforms - Kabylake (Purley Platform) BIOS Reference Code and Sample Code + Initialization code (some of it as exported git repos with full history) - Intel CEFDK (Consumer Electronics Firmware Development Kit (Bootloader stuff)) SOURCES - Silicon / FSP source code packages for various platforms - Various Intel Development and Debugging Tools - Simics Simulation for Rocket Lake S and potentially other platforms - Various roadmaps and other documents - Binaries for Camera drivers Intel made for SpaceX - Schematics, Docs, Tools + Firmware for the unreleased Tiger Lake platform - (very horrible) Kabylake FDK training videos - Intel Trace Hub + decoder files for various Intel ME versions - Elkhart Lake Silicon Reference and Platform Sample Code - Some Verilog stuff for various Xeon Platforms, unsure what it is exactly. - Debug BIOS/TXE builds for various Platforms - Bootguard SDK (encrypted zip) - Intel Snowridge / Snowfish Process Simulator ADK - Various schematics - Intel Marketing Material Templates (InDesign) - Lots of other things
I'm not touchin' any of this.
Reminds me an awful lot of the story of the PowerVR leak's cautionary tale: https://libv.livejournal.com/26972.html
-Matt
On Thu, Aug 6, 2020 at 3:40 PM Simon Newton simon.newton@gmail.com wrote:
https://www.tomshardware.com/news/massive-20gb-intel-data-breach-floods-the-...
n fact, the title of many of the documents do correlate to the list of purported information posted by the leaker:
- Intel ME Bringup guides + (flash) tooling + samples for various
platforms
- Kabylake (Purley Platform) BIOS Reference Code and Sample Code +
Initialization code (some of it as exported git repos with full history)
- Intel CEFDK (Consumer Electronics Firmware Development Kit
(Bootloader stuff)) SOURCES
- Silicon / FSP source code packages for various platforms
- Various Intel Development and Debugging Tools
- Simics Simulation for Rocket Lake S and potentially other platforms
- Various roadmaps and other documents
- Binaries for Camera drivers Intel made for SpaceX
- Schematics, Docs, Tools + Firmware for the unreleased Tiger Lake
platform
- (very horrible) Kabylake FDK training videos
- Intel Trace Hub + decoder files for various Intel ME versions
- Elkhart Lake Silicon Reference and Platform Sample Code
- Some Verilog stuff for various Xeon Platforms, unsure what it is
exactly.
- Debug BIOS/TXE builds for various Platforms
- Bootguard SDK (encrypted zip)
- Intel Snowridge / Snowfish Process Simulator ADK
- Various schematics
- Intel Marketing Material Templates (InDesign)
- Lots of other things
-- Kind Regards,
Simon Newton
E: Simon.newton@gmail.com _______________________________________________ coreboot mailing list -- coreboot@coreboot.org To unsubscribe send an email to coreboot-leave@coreboot.org
Matt B wrote:
I'm not touchin' any of this.
Reminds me an awful lot of the story of the PowerVR leak's cautionary tale: https://libv.livejournal.com/26972.html
Luc writes essentially two things there;
1. He had previously worked with those leaked materials under a contract and decided not to view the leak.
That's of course up to him, and noone else knows his contract situation.
2. He claims that someone studying the leaked software becomes "tainted" and could not work on other software for same hardware.
I'm not convinced that this claim is correct, but I do expect that it could vary on one hand with jurisditction and on another with individual contract situations.
The few NDAs that I've seen always had a clause to explicitly exempt materials made available through no breach of (that) contract, and while I am not a lawyer I have always understood a leak (by someone else) to fit that.
Either way, any leaked Intel code can obviously not be contributed to the coreboot project, except possibly by Intel.
Only Intel can publish their code under GPL, if anyone can.
Now that source code for some modern platforms seems to be publically available, actually by far the smartest thing that Intel could do is exactly that - to publish the their source code under GPL.
Anyone interested in the code can get it now, so Intel would be far better off working *with* that community, instead of working against it.
But Intel's contract situation may not allow them to do so. In that case really everyone loses, except perhaps bad guys who don't care about contracts anyway and now save lots of reverse engineering effort
I'm curious to see what if anything comes of this.
//Peter
On Tue, 18 Aug 2020 at 16:27, Peter Stuge peter@stuge.se wrote:
Either way, any leaked Intel code can obviously not be contributed to the coreboot project, except possibly by Intel.
correct, as it should be
Only Intel can publish their code under GPL, if anyone can.
Now that source code for some modern platforms seems to be publically available, actually by far the smartest thing that Intel could do is exactly that - to publish the their source code under GPL.
Anyone interested in the code can get it now, so Intel would be far better off working *with* that community, instead of working against it.
This would be the best outcome based on what is purportedly available. The barn door is open and the horse has bolted, it would make sense to provide pathways to community based projects at this point. Not doing so relies purely on the integrity of community projects that would come to benefit from the data. And not every project out there (or that may start up in future) may have such integrity. And nature abhors a vacuum.
Just want to clarify my position given the replies - my post was meant to be informative of the situation and not in any way encouraging this project to view, distribute and/or include anything from the leak. I was just passing on the news of the situation given the closeness. I probably should have stipulated that, but I figured that as there were no links to actually get the leaked data through the article I sent, that it would take someone going out of their way to actually find the raw leak.
-
Matt B -
Peter Stuge -
Simon Newton