Intel Faces Scrutiny as Questions Swirl Over Chip Security
Posted January 7, 2018 3:59 p.m. EST
SAN FRANCISCO — In 1994, Intel faced a public relations crisis over an elusive mathematics glitch that affected the accuracy of calculations made by its popular Pentium computer chips. After insisting that the problem would not affect many people, the company succumbed to public pressure and recalled the chips, costing it $475 million.
Now Intel faces an even bigger test: two serious security issues with its chips that could have implications for nearly everyone touched by computing. And so far — in something of a repeat of the 1994 incident — Intel has failed to quiet critics, putting it in an awkward position this week as its chief executive prepares to take the stage at one of the world’s biggest tech trade shows.
The cause of the new public relations crisis is the disclosure last week of two new ways to filch data from the microprocessors inside nearly all of the world’s computers. Called Meltdown and Spectre, they could allow hackers to steal the entire memory contents of computers and spur the discovery of new attacks.
“It is a very big deal, because it’s an area people haven’t looked at before,” said Bruce Schneier, a computer security expert and lecturer at the John F. Kennedy School of Government at Harvard. “Everybody is going to start now.”
Intel was privately informed of the issues by security researchers in June. The company, which has rejected doing a chip recall or other costly remedies, said it has quietly marshaled a coalition of software, hardware and cloud services to develop and deploy programming tweaks that are designed to close most of the security gaps. Intel and its partners said the fixes should be largely in place this week.
“We’ve gotten much more mature in our ability to respond,” said Steven L. Smith, an Intel vice president who was closely involved in the Pentium crisis and is now overseeing its handling of the new security issues.
But just how well the proposed fixes work remains a matter of debate, putting Brian Krzanich, Intel’s chief executive, in the hot seat. Krzanich is scheduled to help kick off the International CES trade show, one of the biggest tech conventions of the year, at a Las Vegas hotel on Monday night. Now he may need to address the chip security problems in addition to topics like artificial intelligence, virtual reality and self-driving cars.
Adding to Intel’s image challenges is that Krzanich sold about $39 million in Intel shares in late November, after the company learned of the chip security problems. A company spokesman said the sale had been unrelated to the security issues and followed a prearranged annual trading plan. Krzanich, who reduced his holdings by about 50 percent, “continues to hold shares in line with corporate guidelines,” Intel said.
Meltdown and Spectre were identified by a team at Google, with their work augmented by researchers from other organizations. Meltdown affects only Intel chips. Spectre also affects chip designs from companies such as Advanced Micro Devices and ARM Holdings, whose technology is used in most smartphones.
Intel, largely by virtue of its success, has the most at stake. While the Pentium chip underpinned most PCs running Microsoft operating systems in 1994, Intel processors are now also used in all Apple Macintosh systems and more than 95 percent of the chips used by cloud services and data centers run by corporations. Its technological reach means that both Meltdown and Spectre could affect just about anyone who uses the internet.
“We created a microprocessor monoculture,” said Bryan Cantrill, chief technology officer at Joyent, a cloud service owned by Samsung. “There are dangers associated with that.”
Intel’s situation is complicated by history and semantics. The Pentium problem was caused by a design error. But Meltdown and Spectre attacks exploit a common speed-boosting technique in chips called speculative execution that Intel’s Smith insisted is working as it should. That approach to chip design emerged before researchers developed new ways to spy on such internal operations, using what they call “side-channel” analysis, Smith said.
As a result, the security issues that were discovered were not flaws or bugs, he said. The features that hackers could exploit are a bit like a door or window in a house, which burglars can exploit but that builders would not consider leaving out.
That hasn’t stopped an uproar from security researchers and tech industry executives. One widely distributed barb came from Linus Torvalds, the creator of the Linux operating system, who posted a testy message last week advising Intel to “take a long hard look” at its chips “and actually admit that they have issues instead of writing PR blurbs that say that everything works as designed.”
Major users of Intel chips — including Apple and the cloud computing arms of Google and Amazon — have said they deployed security fixes recommended by Intel and so far they have not reported the sharp performance slowdowns of the sort some experts projected.
But the solutions are far from perfect. While Meltdown’s effects can be mitigated with updated operating systems, countering Spectre requires more complex steps like updating computer code stored in the chips themselves — or in some applications like web browsers, Intel recommends inserting special instructions in places that security professionals said may be hard to identify.
Smith said Intel and its partners had originally planned to disclose the security problems and their proposed solutions on Jan. 9, before the news was broken last week in The Register, a tech publication. Smith said the company did not disclose the issues when it was informed of them in June because Intel needed time to analyze the issues and then develop and test remedies.
Many security professionals said they accepted the argument. “This is not a simple ‘we found a bug, here’s a patch and we are done,’” Schneier said.
Whether Intel’s actions to address Meltdown and Spectre will be enough for the company to sidestep a sizable financial hit is unclear. At least one lawsuit seeking class-action status has been filed against Intel, and some industry executives expect more litigation to come. At a minimum, Intel engineers working on future microprocessors now face the additional labor of trying to make them less susceptible to the new kinds of attacks.
Using the software fixes, “we already have the security improvement that we are seeking to get,” Smith said. But making internal changes to the chips could handle those changes more efficiently, he said.