172 comments

[ 609 ms ] story [ 367 ms ] thread
If I’m understanding this right, Intel looks at your web browsing to optimize their drivers? Why would you ever willfully share this information with Intel?
They could remove the "website categories" bit and it wouldn't sound as sketchy to be honest. At least it's voluntary.
didn't you know there's a new X-Website-Category header in http/3?

</jk>

It's not truly voluntary unless it's opt-in.
As I understand it, the CIP is opt-in, so it is truly voluntary.

EDIT: Well, it's supposed to be opt-in, but apparently Intel has been sneaking it on user computers without their approval, which suggests that the checkbox used to install it from the driver assistant might be checked by default... so not opt-in.

Well, they state it in the link:

> Intel uses information about your computer's performance to make product improvements that may benefit you in the future.

I'm sure you'll feel better knowing this. /s

i.e. even if they're being completely honest, it doesn't benefit you unless you go back and buy another Intel CPU five years down the line.
Sounds a lot like "register for a chance to win..."
Because I'm always going to buy Intel products?
Probably they want to group their buyers using that browsing information. E.g HN readers tend to have i7 CPUs etc.

While they state only "The categories of websites you visit, but not the URL itself" is transferred. I'm wondering how you do this? The most privacy friendly method would be to have an offline mapping with e.g. the 10000 most visited sites and their categories.

(comment deleted)
I get that data collection has become a contentious issue and I'm a vocal opponent of this trend, but this seems rather harmless, no?

It's an offer to purely voluntarily provide telemetry on non-personal data, no strings attached.

Why does Intel need this information at all?
Surely Intel’s engineers can browse the web themselves to find out what kinds of websites and JavaScript exists and use that knowledge to optimize their microcode or whatever.

Or buy a report from one of the hundreds of companies doing this kind of user tracking.

There’s no great reason why they would need to begin collecting data on each of their users.

> Surely Intel’s engineers can browse the web themselves to find out what kinds of websites and JavaScript exists

They wouldn't have access to the frequency of visits, an important factor.

> There’s no great reason why they would need to begin collecting data on each of their users.

I've given you one above.

Also, it's not "each of their users", it's those voluntarily agreeing to submit this information (as opposed to "you need to install X to unlock feature Y", and installing an executable.

If everything were to go according to plan, it would be harmless, yes. The problem is that data becomes a liability.

The same way having a few sparklers in your closet safe enough, having a few websites of your users is safe. But when you have a huge cache of personal data from large numbers of users, it becomes attractive to foreign governments, foreign gangs, feature creep from questionable law enforcement practices under a corporate surveillance state, unethical domestic lawyers, script kiddies, and so on. It's like having a whole fireworks store in your closet... It just keeps getting harder and harder to store safely the more information you collect!

And you're not totally wrong- at least they're doing the right thing and making this opt-in. However, this collection appears to be one done by a bunch of GPU nerds, which raises warnings that it won't be protected as well as, say, google doc data.

afaik it is a request for opt-in collecting metrics, while still trying to respect your privacy (as much as possible in this use-case).

I won't do that, but if someone agrees I don't see any ethical issue with it.

Is there anything I'm missing?

I'm sorry, but "opt-in" has almost always been a load of BS in my experience. Most examples I have seen look like: "Do you accept these terms? A.) Yes, and continue using our product B.) No, and revoke your access to our product."
Doesn't seem like the case here, you need to participate in the "Intel Computing Improvement Program".
And how long until the installer for some "partner" software enrolls me in this program without my knowledge? (Or only explained deep in some EULA nobody will read...)
Intel software development teams have to comply with internal legal process, meant to safeguard against that.
Well, you're saying metrics and they're saying web browsing data.

You're probably thinking metrics because that's how the program is presented: as a way to help ensure Intel products and drivers are performing well.

But what does browsing data have to do with that?

E.g. I notice the privacy policy covering this data specifically allows them to use the data they collect for advertising and allows them to let their partners use it for advertising as well.

Is that what you were expecting from the Intel CIP?

I dunno why they need it and I personally won't share it, but if they ask honestly, without any manipulation tricks, and people decide to share it, I don't see an issue. Freedom goes both ways.
But there's manipulation tricks. And they ought to be making a fair offer that involves paying you a fair rate to be monitored. It should just come naturally. Otherwise they're using manipulation tricks.
From what I can tell, it's "opt in" in the sense that so long as you're paying really close attention when installing Intel's Driver & Support Assistant, it's technically possible to avoid accidentally turning it on. (However, it is apparently impossible to to avoid installing it regardless of which options you choose in that installer - hence the FAQ item "If I choose not to participate in the program now, can I join the program later?" that says people with that installed can just turn it on from CIP's control panel entry.)
Why on earth would the "category of web sites" be of possible use other than selling the data?

Telemetry is now an attack vector for privacy in general because no one can be trusted with the data.

Not trying to defend intel, just trying to offer a (somewhat justified) answer:

If people are using more streaming services, that means Intel should focus more on their Integrated Graphics platforms. If people are downloading significantly more data than ever before, they should probably make sure their networking drivers receive more support.

Knowing how people use their PC's, even by category, can help Intel manage its driver development.

Right, because if you are using your computer mostly to download stuff, you are OK if your GPU occasionally hangs.
It doesn't have to be that bad. Every organization has constraints - particularly people's time. If Netflix, Amazon, and Hulu come up with some new video codec and plan on releasing it in 12 months into their services, and I know 80% of my consumers use video streaming services, then I know that I should allocate most of my development resources / people towards enabling the new codec on GPU's my company sells.

Knowing how people use your products helps allocate new development features. This problem isn't unique to intel.

Is this codec scenario plausible, that something so significant would be broadly adopted and Intel would need user usage data to decide whether to support it?
Usage data could be very useful for decisions on what to dedicate die area to, and how to price products.

They might find that a market segment doesn't do a lot of playing 3D games, but does spend a lot of time watching Youtube on battery, and so make the decision to drop integrated GPU shader cores and dedicate more die area to video decoding, to make energy efficiency better when watching video.

But now we are not speculating about potential new additions, we want to know utilization of existing circuits to allocate resources & improve in the future. I'd hope this could be measured without collecting a ton of personal data.
These goals blur together. R&D effort, and usage of die area are all justified by market potential. Knowing how large the market for a technology or tradeoff actually is has value.

> I'd hope this could be measured without collecting a ton of personal data.

Intel's claim is that they don't: "we would like your permission to collect [...] The categories of websites you visit, but not the URL itself" also the privacy safeguarding statement at the top of the page.

The whole purpose of CIP is to gather data on actual users' computing needs. For many computer users, the web is most of their computing experience -- it seems appropriate therefore to include usage of the web in the program.

Much like any customer experience study, privacy is an issue. Intel do at least claim to be mitigating the impact to privacy.

Edit: so they need to know every URL I access because they what to improve GPU or their drivers?
Yes

And intel want it for free

That's not what Intel is collecting. From the article:

> what data is collected and how is it used?

> The categories of websites you visit, but not the URL itself

> If I participate in the program, is there any personal information in the data collected?

> Will not include the URL (web address) for specific sites visited

Unless they're shipping a fairly complete domain -> category map to your machine and doing all categorization offline, unlikely, then they absolutely have the ability to collect it, and will "accidentally" do so at some point. We've all seen this movie now, multiple times.

edit: also the knee-jerk reaction most people are going to have to this, is concern about certain categories of websites.

Third party services (e.g. https://www.webshrinker.com/apis/) exist to perform this kind of classification. They'll be doing the classification API calls from the client (CIP-enrolled) machine, then sending the results (and not the domains or URLs that generated them) back to their own endpoint.
Then webshrinker would know everything you visit right ?
> The information collected includes categorized web browsing history that shows how long and how often you visited specific categories of sites (i.e. social media, personal finance, or news). All site visits are classified into one of 30 categories. We do not collect URLs, web pages titles, or user-specific content without explicit permission from you.

From a technical perspective, how does this work? I can only think of two ways:

(1) Intel downloads a big "map" file containing a huge list of pre-defined domains and categories. This means either the categories are pretty slim or you have a GB's big file

(2) Each URL is sent to Intel (aka "collected"). Maybe they don't "store" it ("We promise") but as soon as it leaves your system you have no control on this

They could use a technique like Google Safe Browsing where you send a partial hash of the url, and they send back the subset of the map containing only urls which could match that hash
They can strip the request down to the domain name, hash that with a OTP to do a fuzzy lookup on their end which would be difficult (not impossible) to reverse per reference, but would require APT to do en masse.

There is probably some flaw with this method... curious if others think there's a "safe enough" way to do something like this...

Every organization has constraints and in Intel's case they are constrained to only $70 billion in revenue.
That sounds like a finite number to me.
In 2018, Intel spent $15B on share repurchases and dividend issuances... if more cash could improve their offerings, they aren’t acting like it.
Over 20%. Is there a P/E ratio-analogue, but for this kind of dead weight financialization?
I'm of the opinion they should add FPGAs to everything. Every chip now has an insane amount of die area dedicated to the northbridge or the L3 cache. Anything else turns the junk we buy into garbage the moment everyone switches to a new standard.
Aren’t FPGAs slower than ASICs though?
That depends a bit on whether you count the fabrication time for a new ASIC towards the application startup time when switching applications or not.
Certainly propagation delay is higher. But for many applications it is cheaper to implement them in software than ASICs.

And besides, FPGAs are used for web scale applications, many of them applicable to small computers.

If you have 80% of the desktop market, you can just aggregate web traffic statistics - your customers will be a representative sample
And I should include my private data in this collection because why? I'm not getting paid for it.
You should turn it off; others won't, and their sacrifice will help Intel design products for real world usage.
Yes but they might be people you love and care about
It's funny because you really believe that.
Ask to the providers, not the customers.
No server-supplied metadata is trustworthy enough to base your business decisions on. If 80% of the internet traffic was illegal server-based video streaming, those providers would simply be changing the metadata every time they got “profiled”. Some probly even do it proactively. Intel would be much better off to focus on what the cpu is asked to do (decode 4:4:4 h265 and/or aggressively tune for low latency, for example).
Exactly. Why do they need to know categories of websites? They should be collecting the things your computer is doing from a technical standpoint. Then I could be convinced that they were trying to learn how to improve their products from an engineering perspective. As it stands CIP looks like a way to use the large installed base of their products to improve the marketing/partnership side of their business.
Thy could do that with histograms of GPU load and network load. And that would be far less worrying or abusable.
That’s a very poor excuse for mass collection of personal data. They can easily figure that out from commercial datasets, or even a small-scale research effort.
> a small-scale research effort.

Like the Computing Improvement Program, hosted on an obscure web page and systray menu?

Typically research is voluntary and involves getting informed consent from involved parties.
Is this not voluntary?

> Q: How do I participate in the Intel® Computing Improvement Program?

> A: When you download and install the Intel® Computing Improvement Program, click Accept on the invitation to join.

Ya, I think the key bit of spook that can be derived from the title is that they're using the CPUs to do this, maybe like they're baking it into Intel ME. That's what I first thought until I read the article. It's just intel saying, hey come install our spyware. However it's worth nothing that I bet this will come preinstalled on a ton of devices which is in fact spooky.
Yeah; why not just buy that data from Microsoft? :3
I don't think this is even "somewhat" justified.

The legitimate way to acquire this information would be to purchase it from partners who have a legitimate reason to collect it. If you want to know how popular 4K streaming is, for instance, Netflix, Twitch (etc) can provide that information.

My uninformed guess is that the information would be far less costly and of far better quality than using some large-scale spyware deployment instead. Unless there's something more that can make it worth Intel's while.

Why is Netflix selling my data better than Intel collecting it directly?
Because collecting data about streaming service usage makes sense when you operate a streaming service. I don't see anything inherently wrong with it so long as the information is anonymous.
That is a very, very broad piece of data that could just as easily be found with a simple survey or by buying the flat statistics from ISPs.
Then they can pay to do focus groups, case studies, research and surveys instead of violating the privacy of their users.
Maybe it could have to do with different kinds of CPU workloads imparted by different mixes of HTML, CSS, and Javascript functionality. After all web browser performance is a common complaint.

But realistically it's just for advertising.

Intel has cared a lot about things like JS performance so may want to directly observe what js is being run.

I recall that being a big challenge when I worked on browsers - it’s very difficult to see what users actually encounter beyond “top X website” lists, which are of questionable value.

It seems like you could buy this data anonymously from ISP or the Cloudflares of the world without infringing on privacy.
How is your isp spying on you not infringing on privacy?
They know what servers are accessed from their network by design. They don't need to spy and to give data on an individual level.
Yeah the word "spy" might be debatable but it's certainly something like "snooping".

Just because they process the data doesn't mean they need to record it. I feel like a good analogy here is the ISP is your secretary. Sure they must have access to your documents to do their job, but if they're reading through your stuff for "gossip" or snapping photos of your documents, that'd still be an invasion of privacy.

Yes but ISPs are huge and can limit logging to outbound connections. No individual recording would be done. Privacy is kept -- with a big caveat that deanonymisation of aggregated data is possible in a number of cases, of course, granted.
Because it would be totally anonymous! Trust them!
Sorry, my response was a little short. I should have said that people like your ISP and cloud hosting are/can already spying on us. If Intel wanted this data solely for the purposes of improving drivers, they could buy it from internet connectivity companies. We don't also need them tracking everything we do.
Cloudflare doesn't sell, barter, exchange, etc. data about web browsing. No clue where you get that idea from.
GP says "Cloudflares of the world", i.e. companies providing similar services. We can take your word when it comes to Cloudflare itself, but that doesn't mean your competitors don't sell, barter or exchange data - and frankly, at this point, just possessing this data is grounds for reasonable suspicion. At least it seems to me that whatever value or code of behavior can be broken for profit will get broken by someone eventually.

(And even as we trust Cloudflare of 2019 doesn't do it, who's to say Cloudflare of 2021 will still live by this code? Can you guarantee that? I often find myself wishing for an established way for a company to make legally enforceable vows about its behavior. Maybe there is something like this already?)

Suprisingly recently, I learned that cloudflare does hand over data about browsing and also inspects the data that is being exchanged by the user and the web site - and pro-actively hands the data to various gov agencies.

I do not think most webmasters or web surfers know this.

see "Among other things, that resulted in us cooperating around monitoring potential hate sites on our network and notifying law enforcement when there was content" - and more, via: https://blog.cloudflare.com/terminating-service-for-8chan/

Intel has thousands of employees. They could spy on them and not on external users.
> Data collected from your system is temporarily stored locally on your system before being uploaded to a secure cloud environment, which may be physically located in accordance with Intel’s Privacy Notice.

> Intel keeps the data for a maximum of seven years. Intel takes reasonable steps to reduce the risk that any data kept for over three years can be traced to a particular computer.

Tied to user for 3 years. From a law enforcement perspective I’m more interested in the ‘other devices in your computing environment’. They state they are generating a random UID tied to your system, so I assume if I know the UID from the suspect computer then a warrant could be issued to Intel for this information.

If it's kept over three years, you have to believe that there are backups of the data made, and that the backups are retained forever. So ANY persistent mapping from the data to a specific computer is effectively permanent the moment it hits their backend (maybe someone has to load a tape, so it's not instantaneous, but still available to a warrant or subpoena or shenanigans).

If there is any "risk that any data ... can be traced to a particular computer" on day 1 that the stuff is stored, then that risk never goes away.

They also keep it after you eventually opt out.
Make JavaScript run as fast as possible on your chips.

There, now you don't need to collect any data.

Yes, but presumably they want to know what type of JS is being run.

The characteristics (memory access, numeric operations, etc) are complex and simply saying “make all of it fast” isn’t helpful - presumably intel is trying to make their chips faster at everything in general, but if they find that there are a few particular bottlenecks maybe they could allocate more resources/surface area to those particular instructions, etc

ARM added a few opcodes for JS. Seems like this is a solved problem.
The particular opcode was a very low cost one - most of the win came from memory savings (it’s basically float->int conversion with overridden round mode)
Maybe then they can buy a PC and seat an employee that will spend all the day browsing the web. Instead of spying on everyone.
I'm sure that they already do, but how the entire world uses the internet isn't easily testable by any sane number of testers.

Not saying this is a remotely sane way to do the study, just that's probably the rationale

There's a middle ground. They could require all of their employees to opt their households in. They have a lot of employees.

If that's not enough, they could also require all their contractors to opt their households in.

Incredible. Intel offers a voluntary program that you want to turn into a mandatory program for employees' families.
No, I don't want that. I'm just suggesting a way for them to not have to ask the world for this data by eating their own dog food, in the context of this thread, in a consciously unfriendly way.
(comment deleted)
>Make JavaScript run as fast as possible on your chips.

Instructions unclear, got speculative execution attacks. Slapped a fix, now everything runs slow.

Just get ad tech to perform well. That's the biggest source of slowness on the web I imagine, for most people.
(comment deleted)
(comment deleted)
I don't know if I am getting this right, but this seems to be a program that you can install and they at least ask. So I have not as much a problem with it.

I wouldn't want them to be able to read my CPU SN though and connect it to any browsing data. But there sure are people that wouldn't mind.

If I compare this behavior to MS and their telemetry crap, this is a gigantic improvement. Not saying that collecting usage information should even be further normalized.

There's no incentive to give away your data. A large financial incentive would be nice!
But according to the press release you will be empowered by giving them access to this information :D
Completely off-topic, but I discovered the existence of the <details> HTML tag [1] with this page.

I was surprised that I could unfold these questions at all with Javascript disabled. Usually, I am stuck with this kind of pages.

Please webmasters, use <details> for your FAQs if you want foldable questions.

[1] https://developer.mozilla.org/en-US/docs/Web/HTML/Element/de...

Unsupported by the usual suspects, that's why.
They are disappearing and it gracefully degrades, I think we should not care in most cases now :-)

edit: and I guess a JS shim can be used if it really matters.

Edge never really gained popularity so that disappearing (with Chrome-Edge) is neither here nor there. IE11 is here to stay until at least 2025.

In no small part due to Microsoft's decision to make IE11's rendering engine the only browser that could support: Java Applets, Flash, ActiveX, that almost all major companies and large governments use. If they had incorporated those into Edge and hidden them behind ten layers of security warnings, we wouldn't be in this mess.

Try to service large corporations and governments. Our IE11 user share is over 70% for the product (but under 30% for the marketing/public pages). This won't change until every last Java Applet/Flash/ActiveX control dies, and that isn't happening fast -- companies literally in 2019 still sell products using the tech' (Oracle!).

> Try to service large corporations and governments. Our IE11 user share is over 70% for the product

I was excluding this from the "most cases", but thanks for the wake up call anyway. Outch.

You beat me to it :)

Yes this is too bad. Great feature.

The issue is that the compatibility and styling (animations etc.) are not fully supported or available. This should have been standardised much earlier, alas here we are with a half-assed solution to a very common pattern.
I guess you can always hack something in Javascript if you wish to have animations, which is always better than to go with an implementation in full Javascript.
The one thing that does not stop boggling my mind on a daily basis is the lack of a consistent feature detection and the subsequent fallback mechanism for the web. I need to look at all these weird angles and use polyfills just to check if the feature is there in the first place. Even then, I cannot accomplish this without JS, and cannot react to it without JS.

It's not a choice I have, so fuck it: I'll make it viewable without JS, and usable with JS.

You can always detect whether tag <foo> is supported in JavaScript by testing whether HTLMFooElement is defined (but I understand you are speaking more generally).

I understand your feeling, and by making it usable without JavaScript you are already going a long way, but using those tags also makes your pages accessible.

Making your pages beautiful with animations is only extra. Things already work out of the box in any case without <details> without effort, only better if it is supported.

HTML is mostly designed to gracefully degrade, detection is not always necessary.

How would you like things to be handled? Handling retro compatibility is hard and I find HTML does a good job at it.

Out of a stance that is now more political than anything, the applications I've been building are entirely operating with server-side HTML templates with absolutely minimum to no JS (only for the occasional page load event or whatnot). When you respond to requests in under 100ms (plus network latency), you don't need an SPA layer to fool people into thinking that they're not in a web page.

Bosses are particularly impressed with the speed.

And I guess they are also simpler code wise? :-)

I've built a website like that, for someone drawing comics. Fully works in simple HTML, looks better with CSS, and faster and slightly more enjoyable with JS. The JS avoids jumps and flashes (especially annoying since the website has a black background) when opening a page by only reloading relevant parts so the browser does not need to fully redraw the website, with great care to handle history correctly and consistently with what would happen with JS disabled.

As an user, animations are not my issue at all.
Indeed. Or rather: as an user, the animations only an issue when they're broken (or performance-intensive). Which immediately suggests a way for correctly doing such expandable paragraphs: just don't animate them if you can't make it work perfectly everywhere.
Don’t style it, let the user agent use the appropriate style.

Don’t animate it, let the user agent use the appropriate animation.

Woah, I was using the checkbox CSS hack to do exactly this, I had no idea there was an actual element for this.
<details> are quite handy for github comments. (Yes, they work!)
If they care so much about javascript performance why wouldn't they just add opcodes for js specific behavior like how ARM did?
They can't do that wo your data man

Don't you understand?

Don't they already have access to all my infos already, thanks to the Intel Management Engine? /S
Why not collect even more

If it is free

Let’s assume Intel has the best motivations here, and really wants to ensure that Intel devices perform better than competitors. There’s a far better way to accomplish this without invading the privacy of end users and becoming yet another attack vector (has anyone coined YAAV yet?):

- Create a program that allows developers and other companies to upload their code to be stored and executed by Intel to test and store performance improvements and regressions

- For those who don’t trust Intel with their code, allow them to register their site as part of a testing program. Intel can then rank the importance of these sites internally by popularity or whatever kind of metrics they want.

If developers and companies care, they’ll participate and work with Intel directly. If they don’t, they won’t. Stop pushing this crap onto users’ machines, building profiles, storing data, and invading everyone’s privacy.

We really need an anti-telemetry law in the US.

There's an even better way of doing this and they never have to leave the lab. They have all of the CPUs and enough of the hardware configurations themselves to actually run a test. Just go by some of the "most popular websites" list that's out there.
Intel's CIP is a wannabe NSA spook. The websites I visit should be nobody's business but my own.
This seems to be genuinely opt-in: You have to explicitly sign up for this program, download and run their software. It's not like they're spying on unsuspecting chip-buyers.

I wish other companies had a real opt-in process.

What other cpu/driver makers spying on us?
That's how active opt-out starts.
At some point we're going to have to start using our personal firewalls for outgoing traffic too which is going to be a massive pain. It seems that every company is jumping on the telemetry band wagon.
What do you mean by 'at some point? that point was when W10 started sending telemetry, and yes, you can block it with windows own buildin firewall.
For the time being this appears to be an Opt-in program where one has to choose to participate by downloading and running the CIP program.
How do they extract the site category data from browsers? What side effects on browser behavior, if any, does the methodology have?
Data is the new oil, they say. Did someone convinced Intel to prepare for pivot as a data company? Well, they are in a good position for it actually.
Wouldn't it be better for them just to categorize the javascript that is available in the top million webpages?
They might just want to live up to their name.
Is this tied to installing other Intel software or drivers? The page reads like you specifically decide to download this solely for the purpose of helping Intel. Not sure they will get many takers that way.
This seem to be optin and not on by default like other popular software.
No surprise more and more entities want that delicious browsing history data, it's extremely valuable and profitable.

These days you need to really understand your threat model when it comes to using the internet and who might be able to record every keystroke and website you visit.

We used to call them "keyloggers" but now GBoard and Windows 10 have "clipboard sync" features.

I think there's going to be some genuine business in having scripts make random web searches, copy/paste random things with the cloud sync feature enabled etc to trick algorithms and what data can be harvested from what they collect.

If you poison the data they have on you then what use is it collecting it? Maybe I just am a raging furry, and adore Adolf Hitler and buy Nazi related materials.

I tend to agree with you. Though when Intel starts selling your data to the government you might want to limit those Nazi searches, could impact your ability to cross the border without a hassle.