Intel Pledges To Put Security First After Meltdown, Spectre

Intel CEO Brian Krzanich published an open letter pledging an increased commitment to security, transparency, and collaboration.

Whether or not your view of Intel has been changed by the Meltdown/Spectre issue, we can probably all agree that Intel’s best option is come clean on the blunder. To that effect, Krzanich’s letter might be signaling at least some change to the way Intel does things.

Krzanich highlights Google’s involvement in discovering Meltdown/Spectre and also commits Intel to increased industry collaboration, at least on security matters.

To accelerate the security of the entire industry, we commit to publicly identify significant security vulnerabilities following rules of responsible disclosure and, further, we commit to working with the industry to share hardware innovations that will accelerate industry-level progress in dealing with side-channel attacks. We also commit to adding incremental funding for academic and independent research into potential security threats.

Intel is also committing to greater transparency on the performance impact of the Meltdown/Spectre patches. It recently chose to publish its own benchmarks and said that more would be coming. Towards its patching efforts, Intel says all affected CPUs will have fixes by the end of January, but it didn’t commit to changing its strategy here.

This is already the second major security issue requiring large-scale patch deployment by Intel within three months, the first being the Intel ME issue. Doubtlessly, many systems still and forever will remain vulnerable to both these issues because they’re too old to patch or are simply forgotten about. Intel should more actively push its partners to release patches and release more comprehensive vulnerability detection tools which also tell customers where to get updates.

Krzanich’s letter is undoubtedly standard PR. With ongoing lawsuits and allegations of insider trading, Intel will probably have to do a lot more to regain consumers’ trust.

Create a new thread in the News comments forum about this subject
This thread is closed for comments
26 comments
Comment from the forums
    Your comment
  • dextermat
    Oh wow another excuse like BP ceo spills after spills after spills....
  • derekullo
    Anonymous said:
    Oh wow another excuse like BP ceo spills after spills after spills....


    Were you expecting them to issue refunds for every cpu they have made since 1995?

    At least he isn't asking for his life back.
  • nitrium
    If a car company tried to pull the crap Intel has, i.e. selling a car with defective air bags and the fix is to make it drive slower, they'd be out of business. I think everyone who has bought an Intel CPU in the last 5 years should be fully refunded even if it bankrupts them. If the rule of law still existed and Intel wasn't deemed "too big to fail" they'd be forced to do just that.