Intel CEO Brian Krzanich at CES 2016. (GeekWire file photo)
That didn’t take long: the leaders of the Energy and Commerce Committee within the U.S. House of Representatives sent letters to the CEOs of six companies involved in the effort to deal with the Meltdown and Spectre chip design flaws on Wednesday, asking how the process was coordinated and whether more companies should have been informed about the problems.
“While we acknowledge that critical vulnerabilities such as these create challenging trade-offs between disclosure and secrecy, as premature disclosure may give malicious actors time to exploit the vulnerabilities before mitigations are developed and deployed, we believe that this situation has shown the need for additional scrutiny regarding multi-party coordinated vulnerability disclosures,” the committee wrote in identical letters sent to Amazon, AMD, ARM, Apple, Google, Intel, and Microsoft. After Google informed Intel in June 2017 that it had discovered a glaring security hole in chips used by nearly all the computers in the world, the six companies collaborated in secret for six months to understand the flaws and find ways to get around them.
What are Meltdown and Spectre? GeekWire’s guide to the problems with the world’s computer chips
This practice is not …read more