In what ways can an end user of intel processor expect to benefit from this? I'm guessing none, since ever consumer interface is already a standard ... Can anybody chime in?
While it doesn't mean it will happen, depending on what is leaked now and in the future, possibilities include:
1. Verify that debug features that are remotely exploitable are actually disabled in consumer releases of their hardware.
2. Re-implement proprietary parts of the boot sequence, such as activating memory controllers, in an open and public manner that can be more easily looked over for flaws, security and otherwise.
3. Modify parameters and tweak hardware for additional stability or performance enhancements, especially undocumented or disabled(on lower graded chips of the same architecture) aspects of the hardware that may be present.
On the other hand barriers include legal issues depending on what country people working on these originate from, ethical issues, and even industry barring, and this is not exhaustive. Consumers, especially consumers in countries not concerned about the legal aspects will likely gain the most advantages, if any are present.
> but some of that code might help Coreboot development
Unlikely.
Most projects won't come anywhere near this sort of thing. There may be a possibility of doing clean room implementation, but writing the spec based on stolen IP is the problematic step.
Then again, there is a high chance that none of this will be useful.
It will be more or less impossible to prove or disprove that anyone obtained some crucial information from there. The info will always somehow make it's way into the places it's needed eventually.
It doesn’t matter if it’s provable or not, most developers won’t risk it especially if they want to keep their jobs or be hireable.
If you review the content and publish say a blog post, even without legal repercussions it can impact your ability to be hired in the future since everything you do from that point can be tainted.
So if you do look you should keep it quite or publish it under a pen name that you can’t ever take credit for.
My point was that even without anyone taking that risk, the information will spread.
Someone reads the code, mentions it to a friend, who adds it to a blog post, which gets cited in a wiki, which gets read by a developer unaware of the source. If the information is useful, it will end up getting spread.
Say we use the Microsoft Windows code that got leaked, was anyone black listed for that?
Also, I would assume other processor companies hire people from other processor companies and everyone all wants the best, most of the basic knowledge would have already made it's way to AMD and other companies.
But that isn’t basic knowledge, if you work in firmware development, embedded, SOC design etc. and your employer or future employers might be competing against Intel in some market segment (which given the sheer amount of products Intel has isn’t an unlikely scenario) I would be very careful about admitting not to mention publishing content based on this leak.
If you work in a completely unrelated field then you don’t need to care as much.
1. Verify that debug features that are remotely exploitable are actually disabled in consumer releases of their hardware.
2. Re-implement proprietary parts of the boot sequence, such as activating memory controllers, in an open and public manner that can be more easily looked over for flaws, security and otherwise.
3. Modify parameters and tweak hardware for additional stability or performance enhancements, especially undocumented or disabled(on lower graded chips of the same architecture) aspects of the hardware that may be present.
On the other hand barriers include legal issues depending on what country people working on these originate from, ethical issues, and even industry barring, and this is not exhaustive. Consumers, especially consumers in countries not concerned about the legal aspects will likely gain the most advantages, if any are present.