Faith Ekstrand

At the risk of sounding like one of those open-source crazies... Mesa drivers will NEVER do this to you.

We argue over whether or not having an app hacks system in a fully open driver is sufficiently transparent. Don't want that driver hacking around games behind your back!

The notion of scraping your web history in a GPU driver would never even occur to us. If someone ever proposed it, it'd get NAK'd so hard they'd be feeling it for a year.

https://www.extremetech.com/gaming/intels-gpu-drivers-now-collect-telemetry-including-how-you-use-your-computer

Intel's GPU Drivers Now Collect Telemetry, Including 'How You Use Your Computer'

The data collection feature is enabled by default, but you can disable it during installation.

ExtremeTech
Aug 9, 2023 at 5:00pmWeb
Show threadFaith EkstrandAug 9, 2023

Reading further down the article, it looks like AMD and NVIDIA do it, too. Y'all are making me really glad I don't work for any of you.

Closed-source drivers really need to become a thing of the past.

Show threadn3wjackAug 10, 2023
@gfxstrand where does it say that? I read something about not being able to opt out, but I don't see anywhere that they actually collect your browsing data.
Show threadaviAug 10, 2023
@gfxstrand At least AMDs version is opt-in as far as I know. This checkmark is unchecked by default when I install the drivers.
Show threadaevaAug 9, 2023
@gfxstrand I can't say I'm surprised that an IHV would put telemetry into drivers, but I can't imagine what they get out of aggregating my browsing habits.
Show threadFaith EkstrandAug 9, 2023
@aeva I know, right? Like, knowing how many of which GPU generations seems reasonable. Maybe some auto-reporting of GPU hangs and that sort of thing. Even knowing what games are popular, maybe? But browsing?!? That's really invasive and I highly doubt they're getting anything useful out of it.
Show threadJosh SimmonsAug 9, 2023
@aeva @gfxstrand I kinda can't imagine they actually scrape your browser history though. Because that's just really weird even for bigcorp standards. Perhaps they worried about collecting info about websites indirectly via video decode metrics?
Show threadaevaAug 9, 2023
@dotstdy @gfxstrand maybe they're trying to solve the "does anyone besides itch and shadertoy actually use WebGL for anything other than fingerprinting" mystery once and for all
Show threadJosh SimmonsAug 9, 2023
@aeva @gfxstrand Just collecting whether webgl gets fired up *is* absolutely leaking your browser usage history in broad categories. And then if you add hang metrics you can find all the shadertoy users. Graphics programmers look out intel are going to find you out!
Show threadNatalie VockAug 9, 2023
@dotstdy @aeva @gfxstrand What use does sorting websites into e.g. social media/news etc have, though? That's the example they give on the website, after all. For debugging anything, you shouldn't need to know whether the bug occurred on a news site or a social media page, and I don't see how such a thing could indirectly happen by collecting other data.
Show threadJosh SimmonsAug 9, 2023
@pixelcluster @aeva @gfxstrand ah I didn't see the bit where they say "into one of 30 categories" which is very strange. Like how would they even collect that? I can understand why, because telemetry people tend to come from completely the wrong direction and want to collect everything so they can worry about what to do with it later. Maybe somebody will RE the binary and see what it actually does.
Show threadaevaAug 9, 2023

@dotstdy @pixelcluster @gfxstrand maybe they're categories like "this website runs like dog poop because it was written in react", and "this website runs like dog poop because of ads" and "this website runs like dog poop because of cryptominers" and then a few hw revisions later we'll see features like "WebTensor, the AI accelerator for ads and crypto miners".

I'm basing this joke loosely on the existence of stuff like this https://developer.arm.com/documentation/dui0801/h/A64-Floating-point-Instructions/FJCVTZS

Documentation – Arm Developer

Show threadaevaAug 9, 2023
@gfxstrand idk maybe we'll see "AI powered" porn surfing hw accelerators hit the market in a few years
Show threadNatalie VockAug 9, 2023

@gfxstrand They will also literally infiltrate your local network and send things like model numbers of smart home stuff you might have installed, apparently:

"Includes universal plug and play devices and devices that broadcast information to your computer on a local area network: for example, smart TV model and vendor information, and video streaming devices"

Might as well just bundle wireshark with the driver at this point.

Show threadSolar Bear 🔆🐻Aug 9, 2023
@pixelcluster @gfxstrand
This is why I avoid Wi-Fi smart devices and the few IOT devices I do have live on another VLAN, but I expected the network scanning to be coming from IOT garbage, not graphics drivers. But seeing my overall suspicions confirmed, I think I need to start getting even more draconian going forward.
Show threadRicardo N FelicianoAug 9, 2023

@gfxstrand Strange, yes. But I don't know about you but my browser always has hardware rendering enabled. If data can help them see where they need to spend the most time for improvements, I see that as a good thing.

My only concern would be that they say they aren't collecting URLs, but since we can't see the code, we can't confirm that.

Show threadDark Sage Torunka Aug 9, 2023

@gfxstrand I generally tend to be a telemetry apologist but... in what world is anonymized and bucketed web history going to help GPU driver development?

I'd be less suspicious of this if they were asking for MORE information - like, full URLs could actually help if you were debugging a crash in a web game. No URLs would be actually privacy respecting. Anonymized and bucketed URLs still provide more information than many will be comfortable with but not enough to actually repro a bug.

Show thread「 Fristi 」Aug 9, 2023
@gfxstrand does this also affect the intel-media-driver package? Might uninstall it if it does.
Show threadFaith EkstrandAug 9, 2023
@fristi It's probably just the Windows drivers. In particular, it's probably the driver installer/manager thingy. I don't think any of the Linux drivers do that.
Show thread「 Fristi 」Aug 9, 2023
@gfxstrand alright cool 
Show threadSolar Aug 9, 2023
@gfxstrand We might be crazy, but we're right 😜
Show threadCraig McgeeAug 10, 2023
@gfxstrand its crazy. i mean what link is there between a gpu and scraping web history. it's not like its a browser saying we analyse the websites you use for security, or anti virus, its just a way to sell your data which is completely unrelated to the actual product you baught! disgusting.