The CEO of Intel has bad news: a patch for a chip vulnerability will slow down computer operations. In an interview with Bloomberg, a technology analyst explains the typical process when finding security issues: companies find a bug and solve it before going public. However, this time, an issue known for perhaps a year went unsolved and was kept quiet—until now.
Bloomberg says chip makers had downplayed the effects of the patch, but CEO Brian Krzanich has finally described the issue:
“We believe the performance impact of these updates is highly workload-dependent. As a result, we expect some workloads may have a larger impact than others. As of now we have not received any information that these exploits have been used to retrieve customer data.”
In other words, the patch works but will slow down operations.
A technology analyst says this is the first time chip makers like Intel have gotten caught needing to admit a potential vulnerability, and it's unclear why it hasn't been fixed before this point.
Bloomberg reports on the secrecy and implications:
“Our first priority has been to have a complete mitigation in place,” said Intel’s Parker. “We’ve delivered a solution.”
Some in the cybersecurity community aren’t so sure. Kocher, who helped discover Spectre [a bug], thinks this is just the beginning of the industry’s woes. Now that new ways to exploit chips have been exposed, there’ll be more variations and more flaws that will require more patches and mitigation.
"This is just like peeling the lid off the can of worms," he said.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.