Intel is a household brand that has helped pave the way for a digital future and enabled technological progress to the point of ubiquity worldwide. The company is legendary for its hand in the development of microprocessing chips, the very foundation upon which modern computing is based on. Without Intel, smartphones and super-computers and high-powered laptops would be a matter of science fiction.
And with great power comes great responsibility. Today, Intel is in the headlines not because of groundbreaking innovation, but because of a security catastrophe that affected millions of users.
Intel processor chips are a staple in computers that are designed with user functionality in mind. The chips are high-powered, affordable, and virtually everywhere. But two days ago a security flaw in the processors was revealed that allowed a user to access memory that would usually be restricted. This is an extremely dangerous exploit that leaves anyone using a huge number of machines vulnerable to data theft.
The bug is caused by a development factor that was designed to increase the speed of the processors; like the legendary Heartbleed Bug, the exploit allows a user to take a peek at the information they are not supposed to be able to see. This particular exploit comes in the form of memory manipulation; the hardware is designed to take previous information fed to the hard drive and create a speculative notion about what it is going to do next. The problem here is that programs are able to access that previous information, even when it is supposed to be protected memory. That means that passwords, credit card information, and any other types of user input that would usually be encrypted on its way out could be at the mercy of someone with access to the speculative execution frame.
Because of the huge range of devices that use Intel hardware, a vast number of customers are affected by the bug, many of whom don't know that their device has an issue or even what a processing chip is or does. Anybody who was gifted an iPad or a similar device for Christmas is at risk of having sensitive data stolen without even knowing that their device could be at risk.
There is no standard procedure for issues of this magnitude for a vendor the size of Intel. A similar issue was reported in the early 1990s in which a security breach was discovered in their Pentium processors, and the company responded by making their product design and bug-testing more robust. Today, there are two simple and basic solutions available to the company: correct the issue with a required patch to all devices affected by the exploit, or a mass recall of all devices containing the chipset.
A mass recall would be a catastrophe. Not only would it be extremely expensive and time-consuming, the fact of the matter is Intel processors are in so many devices that it would be next to impossible to collect them without having to inform the entire world exactly how badly they had messed up.
So, fortunately for Intel and its stockholders, a statement by the CEO Brian Krzanich said that recall is not necessary because 90% of all vulnerable machines will have a patch available in the next couple of days. The software patches will come as normal device updates for all affected devices including home computers, phones, laptops, tablets, and other mobile devices.
The solution requires a full redesign of the way the chipset functions, effectively eliminating 30% of the processor's power. Reducing the power and effectiveness of the product is obviously an emergency reaction since it will have direct and immediate effects on the company's brand and value. But the company has made an official statement saying that normal user behavior would hardly be affected; that is, you won't notice a huge change in speed in your internet browsing or video streaming. Unless you are doing something high-end such as gaming or video editing, the processor updates shouldn't affect your usage at all except for the amount of time it will take to update.
Because of the ubiquity of Intel chipsets, platforms other than personal computing could be affected. Resources that rely on cloud software could also take a performance hit, which includes Amazon and any service that uses peer-to-peer downloading. These processes require significantly more power than your home computer's music streaming service and provide services to millions of customers; even extremely small changes to the platform's software could cause sluggish or even halted service to all of those customers.
Intel released an announcement saying that software patches and firmware updates will soon be available to protect all users from security vulnerabilities that were opened by the exploits. This press release comes on the tail end of a minor stock crisis in which the companies value fell 5% in one day.
Intel's prominence in the tech community means that it is under extreme scrutiny when it comes to security breaks and disasters of this caliber. CEO Krzanich is under scrutiny right now due to a huge stock sell-off that brought him down to the minimum amount he is allowed to own given his position.
CEOs sell stock for a variety of reasons, and Intel's official position is that the sale had absolutely nothing to do with the security breach. However, the timing has left a few experts suspicious; the company was made aware of the exploits several months ago, and Krzanich's huge stock sell-off happened in November. However, Krzanich's behavior has absolutely nothing to do with a speedy solution to this issue for Intel.
Intel has encouraged computer and device users worldwide to utilize the automatic update feature on their devices in order to fully protect themselves from security breaches and exploits. They claim that 90% of affected systems will have software updates that make them immune to the negative effects by the end of this week.
Apple has also been severely hit, with security vulnerabilities known as Meltdown and Spectre revealed on Wednesday. Apple said they have released updates for iOS, their phone, tablet and macOS software. In the same blog post, Apple added: “These issues apply to all modern processors and affect nearly all computing devices and operating systems. All Mac systems and iOS devices are affected, but there are no known exploits impacting customers at this time." The tech giant also added it plans to release a Safari update to defend against Spectre.