01-13-2018, 11:34 PM
Intel got drawn into a CPU speed battle years back. Security was not a priority.
This is very hard to fix because Intel CPUs are running an entire Minix OS inside the CPU, independent of whether you run Windows, Linux or MacOS. The only good news is it is incredibly hard to exploit at the moment. But really all the "fixes" are work arounds. In the end the real fix will be a new CPU.
BTW I've got no problem with Google in this. I think they've behaved responsibly... they uncovered the vulnerability, gave Intel and others an embargoed notice period - presumably hoping something would be done. It is quite common in the sector to give companies a few months to find a fix before going public.
This is very hard to fix because Intel CPUs are running an entire Minix OS inside the CPU, independent of whether you run Windows, Linux or MacOS. The only good news is it is incredibly hard to exploit at the moment. But really all the "fixes" are work arounds. In the end the real fix will be a new CPU.
BTW I've got no problem with Google in this. I think they've behaved responsibly... they uncovered the vulnerability, gave Intel and others an embargoed notice period - presumably hoping something would be done. It is quite common in the sector to give companies a few months to find a fix before going public.

