Skip to main content

Intel withheld chip flaw info from US govt until after public leak

by myvictoryb

Intel did not inform U.S. cybersecurity officials of the so-called Meltdown and Spectre chip security flaws until they leaked to the public, six months after Alphabet notified the chipmaker of the problems, according to letters sent by tech companies to lawmakers on Thursday.

Current and former U.S. government officials have raised concerns that the government was not informed of the flaws before they became public because the flaws potentially held national security implications. Intel said it did not think the flaws needed to be shared with U.S. authorities as hackers had not exploited the vulnerabilities.

Intel did not tell the United States Computer Emergency Readiness Team, better known as US-CERT, about Meltdown and Spectre until Jan. 3, after reports on them in online technology site The Register had begun to circulate.

US-CERT, which issues warnings about cybersecurity problems to the public and private sector, did not respond to a request for comment.

Details of when the chip flaws were disclosed were detailed in letters sent by Intel, Alphabet and Apple Inc on Thursday in response to questions from Representative Greg Walden, an Oregon Republican who chairs the House Energy and Commerce Committee. The letters were seen by Reuters.

Alphabet said that security researchers at its Google Project Zero informed chipmakers Intel, Advanced Micro Devices Inc and SoftBank Group Corp-owned ARM Holdings of the problems in June.



It gave the chipmakers 90 days to fix the issues before publicly disclosing them, standard practice in the cybersecurity industry intended to give the targets of bugs time to fix them before hackers can take advantage of the flaws.

Alphabet said it left the decision of whether to inform government officials of the security flaws up to the chipmakers, which is its standard practice.

Intel said it did not inform government officials because there was “no indication that any of these vulnerabilities had been exploited by malicious actors,” according to its letter.

Intel also said it did not perform an analysis of whether the flaws might harm critical infrastructure because it did not think it could affect industrial control systems. But Intel said that it did inform other technology companies that use its chips of the issue, according to its letter.

Intel, Alphabet and Apple could not immediately be reached for comment.

AMD, ARM, Microsoft, and Amazon.com also responded to questions from lawmakers.

Microsoft said that it did inform several antivirus software makers about the flaws “several weeks” ahead of their public disclosure to give them time to avoid compatibility issues. AMD said that Alphabet extended the disclosure deadline from the standard 90 days twice, first to Jan. 3, then to Jan. 9.

Labels:

Comments

Post a Comment

Popular posts from this blog

Jerry Eze Launches $300,000 Empowerment Grant to Support Young Business Owners

  Renowned pastor, author, and global prayer movement leader, Jerry Eze , has unveiled a $300,000 grant scheme aimed at empowering young entrepreneurs and supporting innovative business ideas across communities. The initiative is designed to provide financial relief, encouragement, and practical support to youths who are passionate about building sustainable businesses but face funding challenges. According to Jerry Eze, the grant scheme is part of his broader vision to promote economic empowerment, self-reliance, and hope among young people . He emphasized that many talented youths have viable ideas but lack the resources to bring them to life. Through this program, selected beneficiaries will receive funding to either start new ventures or expand existing ones. The grant is expected to be disbursed in phases, reaching multiple entrepreneurs from different sectors such as agriculture, technology, creative industries, fashion, and small-scale manufacturing. Beyond financial as...
Post a Comment
Read more

ECOWAS declared state of emergency in West Africa

Dr Omar Touray, President of the ECOWAS Commission declared a state of emergency on Tuesday amid escalating violent extremism and terror, military coups d’etat, banditry, and political instability in the sub-region. Touray declared this during the 55th Ordinary Session of the ECOWAS Mediation and Security Council (MSC) at the Ministerial level in Abuja. He said the events of the last few weeks had shown the imperative of serious introspection on the future of democracy and the urgent need to invest in the sub-region’s security. According to him, country-by-country analyses of member states shows different risk levels across the sub-region from high to medium, with a high risk average, which requires immediate and concerted action. “Faced with this situation, it is safe to declare that our community is in a state of emergency. We must confront these threats with the attention they deserve. “For that, the sessions of the mediation and security council should be organized more regularly b...
Post a Comment
Read more

Aide Reveals Reasons Plateau Governor Is Defecting to APC

  Caleb Muftwang of Plateau is set to join the ruling All Progressives Congress (APC), the News Agency of Nigeria (NAN) reports. Mr Istifanus Nwansat, the political adviser to the governor, made this known in an interview with newsmen on Monday in Abuja. Nwansat said that the governor’s decision to join the APC was because it’s the option with the least risk in the face of the chaos in the Peoples Democratic Party (PDP). Caleb Muftwang of Plateau is set to join the ruling All Progressives Congress (APC), the News Agency of Nigeria (NAN) report Mr Istifanus Nwansat, the political adviser to the governor, made this known in an interview with newsmen on Monday in Abuja. Nwansat said that the governor’s decision to join the APC was because it’s the option with the least risk in the face of the chaos in the Peoples Democratic Party (PDP). He explained that the impending defection of Muftwang to the APC would also align with President Bola Tinubu’s political and governance trajectory on ...
Post a Comment
Read more