Meltdown and Specter: Why is Intel so secretive?

The privacy imposed by Intel still surrounds many details of the Meltdown and Specter vulnerabilities that have caused and continue to cause problems globally.

It is known that για τις ευπάθειες ασφαλείας που ανακαλύπτονται διατηρούνται υπό άκρα μυστικότητα, μέχρις ότου κυκλοφορήσει κάποια νέα ενημέρωση κώδικα. Είναι μια ώριμη και καλά κατανοητή διαδικασία.

But in the case of Meltdown and Specter, things did not go as expected.Intel

"Normally, we have timelines and we fully disclose what happened," said Jonathan Corbet, who maintains the documentation for the Linux kernel and is a member of the Technical Advisory Board of .

"In this case, there is still a lot of secrecy about Meltdown and Specter and how they can be managed."

Jess Frazelle, who works on open source software and containers for Linux at Microsoft told linux.conf.au -source software conference held in Sydney on Wednesday:

"There are people who have publicly stated at this conference that they are not even allowed to name these vulnerabilities," Corbett said, referring to Intel's Casey Schaufler.

Schaufler presented a discussion on the future of security in the Linux kernel, but he was forbidden to mention even the most important στα προϊόντα της εταιρείας του από το bug Pentium FDIV which was a generation ago.

They could be vulnerable like Meltdown and Specter be caught faster if developers move to more open architectures, projects that could be patched more readily by software communities?

The hardware Andrew “bunnie” Huang thinks so:

"Unfortunately, I think in the case of this particular error, all the components that were necessary for it to happen were published," but he is generally convinced that open hardware can help find other errors.

But the problem is purely profit:

Huang said it would be interesting to see what is happening with Intel, as the Pentium FDIV error cost them 475 million dollars 1994.

On the other hand, Huang wondered if this secrecy eventually helped.

“What are you trying to protect the entrance from? You try to make sure that random young scripters don't use it ; Or are you looking to keep government hackers at bay? .. If you're really trying to protect against, say, government hackers, those guys might already be listening in on your communications and would know about the vulnerability the same time you did.”

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.100 registrants.

Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).