Intel Didn't Inform U.S. Security About Meltdown and Spectre Until it Went Public

Forum Moderators: open

Message Too Old, No Replies

Intel Didn't Inform U.S. Security About Meltdown and Spectre Until it Went Public

engine

11:17 am on Feb 23, 2018 (gmt 0)

According to Reuters, Intel did not inform U.S. security officials about Meltdown and Spectre until it went public, and the reason why, the report says, is because " it did not think the flaws needed to be shared with U.S. authorities as hackers had not exploited the vulnerabilities."

Intel did not tell the United States Computer Emergency Readiness Team, better known as US-CERT, about Meltdown and Spectre until Jan. 3, after reports on them in online technology site The Register had begun to circulate.

Intel Didn't Inform U.S. Security About Meltdown and Spectre Before it Went Public [reuters.com]

Earlier stories
Intel Says, Stop Deploying Current Spectre Patch [webmasterworld.com]
Linus Torvalds Criticises Intel's "Patches" for Meltdown and Spectre [webmasterworld.com]
CPU Vulnerabilities Named Meltdown and Spectre [webmasterworld.com]

TravisDGarrett

1:12 pm on Feb 23, 2018 (gmt 0)

it did not think the flaws needed to be shared with U.S. authorities as hackers had not exploited the vulnerabilities

The idea of reporting flaws and security issues, is to allow authorities (and others) to take appropriate measures (if possible) BEFORE hackers succeed to exploit it. Claiming that since it was not ye exploited sounds a bit odd.