Intel failed to inform U.S. cyber security officials about the Meltdown and Spectre chip flaws ahead of when they leaked to the public even though Intel had advanced knowledge of the vulnerabilities, several tech companies said in letters sent out to lawmakers on Thursday.
According to Reuters, Apple and Google parent company Alphabet sent letters to Representative Greg Walden, who chairs the House Energy and Commerce Committee. Walden had previously questioned the tech companies about when the chip flaws were disclosed to Intel.
Alphabet said its Google Project Zero team informed Intel, AMD, and ARM about the chip vulnerabilities in in June and provided the three companies with 90 days to fix the problems before disclosing them.
Intel did not tell the U.S. Computer Emergency Readiness Team, aka US-CERT about the Meltdown and Spectre flaws until January 3, however, well after media reports went live. According to Intel, it did not disclose the vulnerabilities ahead of time because hackers had not exploited them.
News of Meltdown and Spectre, two chip flaws that impact all modern processors, first began circulating in early January. Meltdown and Spectre take advantage of the speculative execution mechanism of a CPU, and because they are hardware-based flaws, operating system manufacturers have been forced to implement software workarounds.
Apple first addressed Meltdown and Spectre in iOS 11.2, macOS 10.13.2, and tvOS 11.2 and has since mitigated both vulnerabilities with little to no impact on device performance.
In addition to questioning by the U.S. government over its failure to share information on the security flaws, Intel is also facing at least 32 Meltdown and Spectre lawsuits
Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.
According to Reuters, Apple and Google parent company Alphabet sent letters to Representative Greg Walden, who chairs the House Energy and Commerce Committee. Walden had previously questioned the tech companies about when the chip flaws were disclosed to Intel.
Alphabet said its Google Project Zero team informed Intel, AMD, and ARM about the chip vulnerabilities in in June and provided the three companies with 90 days to fix the problems before disclosing them.
Intel did not tell the U.S. Computer Emergency Readiness Team, aka US-CERT about the Meltdown and Spectre flaws until January 3, however, well after media reports went live. According to Intel, it did not disclose the vulnerabilities ahead of time because hackers had not exploited them.
Intel said it did not inform government officials because there was "no indication that any of these vulnerabilities had been exploited by malicious actors," according to its letter.At the time the flaws were discovered, Intel also did not do an analysis on whether the flaws could impact critical infrastructure because it did not believe industrial control systems could be impacted, but it did inform the technology companies that use its products.
News of Meltdown and Spectre, two chip flaws that impact all modern processors, first began circulating in early January. Meltdown and Spectre take advantage of the speculative execution mechanism of a CPU, and because they are hardware-based flaws, operating system manufacturers have been forced to implement software workarounds.
Apple first addressed Meltdown and Spectre in iOS 11.2, macOS 10.13.2, and tvOS 11.2 and has since mitigated both vulnerabilities with little to no impact on device performance.
In addition to questioning by the U.S. government over its failure to share information on the security flaws, Intel is also facing at least 32 Meltdown and Spectre lawsuits
Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.
43 comments
Apple appears to be in the process of decoupling the iPhone from the watchOS update process on the Apple Watch.
In the first beta of watchOS 6, the Apple Watch gained its own over-the-air...
Nintendo's newest mobile game, Dr. Mario World, is set to launch on iOS and Android devices on Wednesday, July 10, Nintendo announced on Twitter this evening.
First announced in January, Dr....
Apple-owned Beddit recently launched a new beta testing program that's designed to allow those who own the new Beddit 3.5 device released in December to test new and upcoming features.
In a...
Apple this morning released the second iOS 13 beta for developers, addressing bugs, introducing new bugs, and adding and refining iOS 13 features.
There are no super exciting new changes in the...
Apple today seeded the second betas of iOS 13 and iPadOS to developers for testing purposes, two weeks after first unveiling the new updates at the Worldwide Developers Conference.
Registered...
Apple today seeded the second beta of macOS 10.15 Catalina for testing purposes, two weeks after the new Mac operating system update was first unveiled at the Worldwide Developers Conference.
...
Walmart today announced that its customers can now complete postpaid cell phone upgrades on the Walmart website for the first time, allowing Walmart to better compete with both carriers and retailers...
Apple plans to release three new iPhones in the second half of 2020, including high-end 5.4-inch and 6.7-inch models with OLED displays and a lower-end 6.1-inch model with an OLED display, according...
