Intel CEO Posts Open Letter And Says They’ll Do Better When It Comes To Security….. Right…..

Intel CEO Brian Krzanich has posted an open letterto Intel customers following the Meltdown and Spectre vulnerabilities that impact its processors. In it he says among other things, these three points:

1. Customer-First Urgency: By Jan. 15, we will have issued updates for at least 90 percent of Intel CPUs introduced in the past five years, with updates for the remainder of these CPUs available by the end of January. We will then focus on issuing updates for older products as prioritized by our customers.

2. Transparent and Timely Communications: As we roll out software and firmware patches, we are learning a great deal. We know that impact on performance varies widely, based on the specific workload, platform configuration and mitigation technique. We commit to provide frequent progress reports of patch progress, performance data and other information. These can be found at the website.

3. Ongoing Security Assurance: Our customers’ security is an ongoing priority, not a one-time event. To accelerate the security of the entire industry, we commit to publicly identify significant security vulnerabilities following rules of responsible disclosure and, further, we commit to working with the industry to share hardware innovations that will accelerate industry-level progress in dealing with side-channel attacks. We also commit to adding incremental funding for academic and independent research into potential security threats.

The cynic in me is saying that this is an attempt to mitigate the public relations nightmare that is in progress. But basically saying “Trust us, we’ll do better next time” doesn’t cut it. Here’s what Intel customers really want to hear:

  1. How did this slip through the cracks and went undetected for so long?
  2. What is Intel doing to make sure that this scenario never happens again.

If they did that, then this statement would have meant something. They didn’t thus it’s PR fluff that means nothing.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: