Intel faces scrutiny as security flaw exposed
Computer chip manufacturer learned last year of glitch that could aid in hacking
SAN FRANCISCO— In 1994, Intel faced a public relations crisis over an elusive mathematics glitch that affected the accuracy of calculations made by its popular Pentium computer chips. After insisting that the problem would not affect many people, the company succumbed to public pressure and recalled the chips, costing it $475 million (U.S.).
Now Intel faces an even bigger test: two serious security issues with its chips that could have implications for nearly everyone touched by computing.
And, in something of a repeat of the 1994 incident, Intel has failed to quiet critics, putting it in an awkward position this week as its chief executive prepares to take the stage at one of the world’s biggest tech trade shows.
The cause of the new public relations crisis is the disclosure last week of two new ways to filch data from the microprocessors inside nearly all the world’s computers.
Called Meltdown and Spectre, they could allow hackers to steal the en- tire memory contents of computers and spur the discovery of new attacks. “It is a very big deal, because it’s an area people haven’t looked at before,” said Bruce Schneier, a comput- er security expert and lecturer at the John F. Kennedy School of Government at Harvard. “Everybody is going to start now.”
Intel was privately informed of the issues by security researchers in June.
The company, which has rejected a chip recall or other costly remedies, said it has quietly marshaled a coalition of software, hardware and cloud services to develop and deploy programming tweaks designed to close most of the security gaps.
Intel and its partners said the fixes should be largely in place this week.
“We’ve gotten much more mature in our ability to respond,” said Steven L. Smith, an Intel vice-president who was closely involved in the Pentium crisis and is overseeing its handling of the new security issues.
But just how well the proposed fixes work remains a matter of debate, putting Brian Krzanich, Intel’s chief executive, in the hot seat.
Krzanich is scheduled to help kick off the International CES trade show, one of the biggest tech conventions of the year, Monday night in Las Vegas.
He may need to address the security problems in addition to topics such as artificial intelligence, virtual reality and self-driving cars.