Intel Pledges Transparency, Bolsters Updates After Security Flaws
Intel has pledged to further transparency, whilst altering its guidance on performance issues around security fixes, after recent revelations of two major CPU security flaws.
Enclosed in an open letter from CEO, Brian Krzanich, the company has affirmed its desire to offer more “transparent and timely communications”.
“As we roll out software and firmware patches, we are learning a great deal”
“We know that impact on performance varies widely, based on the specific workload, platform configuration and mitigation technique”.
Intel has committed to provide updates for at least 90% of CPUs developed in the last five years, by January 15th. The rest is to be finished by January end.
Whether or not this flows down to end users, is in the hands of PC manufacturers, with the majority having their own update systems.
The company is now planning to offer “frequent progress reports of patch progress, performance data, and other information” at the dedicated Spectre and Meltdown website.
Intel has faced mounting criticism over the impact of security flaws, growing after Microsoft revealed the extent of performance changes:
- Windows 10 running on Skylake, Kaby Lake or newer CPU show benchmarks show “single-digit slowdowns”, but most users shouldn’t expect to see noticeable slowdowns
- Windows 10 running on Haswell or older CPUs “show more significant slowdowns” and “some users will notice a decrease in system performance”
- Windows 7 or Windows 8 running on Haswell or older CPUs means “most users will notice a decrease in system performance”
In addition to other promises, Intel is committing to publically identify future vulnerabilities and “share hardware innovations that will accelerate industry-level progress in dealing with side-channel attacks”.