WingNews logo WingNews GitHub [2]
top | item 16394274

Intel hit with 32 lawsuits over security flaws

238 points| mozumder | 8 years ago |reuters.com | reply

81 comments

order
[+] digitalni|8 years ago|reply
Am I the only one who thinks that now would be a good time to buy intel shares, or even wait a bit more until these suits are won (intel will likely lose), so the stock price will go down even further. There is no way intel will lose its market position, so stock prices are likely to go back up after all this drama settles down...
[+] gnarbarian|8 years ago|reply
>There is no way intel will lose its market position

Famous last words if I ever heard them. Ryzen and threadripper are a significant threat especially knowing that AMD is not vulnerable to meltdown (only Spectre).

[+] mygo|8 years ago|reply
How long will it take Intel to fix the technology? A decade?
[+] chx|8 years ago|reply
The problem, I feel, is with the Coffee Lake and Kaby Lake R release after learning of Spectre and Meltdown.
[+] bonzini|8 years ago|reply
Spectre can be avoided (at small performance cost on new CPUs) with microcode updates and OS fixes. Meltdown can be fixed just at the OS level.

At this point, whether you're releasing a chip with or without the vulnerability is not an issue. Fixing them will make you look better in benchmarks if anything, because you don't need anymore the slow PTI mitigation.

[+] classics2|8 years ago|reply
If the behaviors (bus timing logic and such) that are being used to spill information across process and privilege boundaries actually were fully documented, wouldn’t the liability fall on the people who used these chips to write multi-user environments without knowing or understanding the implications of the technical details?
[+] sannee|8 years ago|reply
It's very well documented that writing outside array boundaries in C can cause undefined behavior (leading to arbitrary code execution no less!), yet Adobe isn't exactly sued for every buffer overflow in Flash.
[+] seanlinmt|8 years ago|reply
Does anyone know how one could take part in these class action suits? And are they limited to US citizens only?
[+] tehlike|8 years ago|reply
Am i the only one that thinks bugs are called bugs for a reason, and this was most likely not negligence.
[+] josaka|8 years ago|reply
Sympathetic to the notion given how difficult/useful it is to design a chip. But someone has to bear the cost of this. Chip designers are the party most capable of mitigating the harm. Seems reasonable to ask them to pay. See e.g., https://en.wikipedia.org/wiki/Coase_theorem
[+] bonzini|8 years ago|reply
Yes. Bugs are called bugs because you could actually find bugs among triodes and they could cause the computer to malfunction. Then the wording was extended to software bugs.
[+] kcmastrpc|8 years ago|reply
meanwhile, equifax stumbles in and yells, "nothing to see here, MOVE ALONG...."
[+] kjar|8 years ago|reply
riffing on 'the beatings will continue until morale improves': 'the insanity will continue until awareness improves.'
[+] snissn|8 years ago|reply
I'm really relieved the number is a power of 2.
[+] arjo129|8 years ago|reply
There needs to be a law that protects engineering corporations against security flaws that were previously unknown.
[+] tomc1985|8 years ago|reply
No. Security is already a non-concern amongst non-technical people, who unfortunately control most leadership positions. Protection from liability only means we get to see more, and worse, BS like this in the future.

We need to hold companies even more accountable than what they already are. 32 lawsuits is not enough, more like 320!

[+] Retric|8 years ago|reply
That would simply promote intentional ignorance. Even then Meltdown is part of a known class of attacks namely race conditions, Intel simply messed up.