Report: Intel Told Chinese Companies About Security Flaws Before U.S. Government

A new report claims that Intel told a number of its customers about the security flaws in its chips before it notified the U.S government, and some are concerned about the decision to notify Chinese companies.

The new article comes from the Wall Street Journal. Despite no evidence of misuse, security researchers contacted for the report expressed concerns that Chinese companies receiving the info could cause knowledge of the flaws “to fall into the hands of the Chinese government before being publicly divulged.”

Major Concerns

Jake Williams, a former NSA employee and president of the security company Rendition Infosec LLC, told the Journal that it was a “near certainty” the Chinese government was aware of conversations between Intel and its partners in China.

It’s obvious that intelligence agencies would have an interest in this information, as the Meltdown and Spectre flaws could allow access to sensitive data.

The flaws were first identified last June, but weren’t known to the public until this month. As a Department of Homeland Security official told the Journal, “We certainly would have liked to have been notified of this.”

There is some reasoning behind the decision to only notify a few companies — it cuts down on possible leaks and allows companies to develop their own fixes before the flaws become more widely known.

Still Dealing With Spectre

But these flaws — Spectre, in particular — haven’t been easy to deal with. A recent Intel patch for Spectre caused more problems than it solved, with the company still working on issuing an update that won’t cause users’ computers to reboot.

In fact, Microsoft has issued a new patch for its computers which specifically disables Intel’s own Spectre patch. This patch from Microsoft should cause computers to stop the rebooting process until Intel issues its own new update — let’s hope the new one works better that the last one. (H/T Engadget)

 

Phil Dzikiy

Phil Dzikiy

Phil Dzikiy is the former editor in chief of Security Baron. Before, he has worked as a freelance writer and editor at websites like Wirecutter.com and iLounge.com along with publications like the Lockport Union Sun & Journal and the Greater Niagara Newspapers. With digital and print experience under his belt, Phil has a passion for all things technology including home security, cyber security, and the smart home. His bachelor's degree in Journalism from the University of Maryland College Park initially landed Phil his first job at the Beaver County Times, which has lead to over 15 years of experience as a journalist.

Leave a Comment

Trending News

Follow Us

Reviews