Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Share Post: Reddit Facebook
Microsoft and Apple Asked by Congress Why They Kept Meltdown & Spectre Secret
#1
http://news.softpedia.com/news/microsoft...9550.shtml        Microsoft and Apple Asked by Congress Why They Kept Meltdown & Spectre Secret

US Congress sends letter to tech companies over the disclosure of hardware vulnerabilities discovered in 2017
Jan 25, 2018 09:08 GMT  ·  By Bogdan Popa ·  Share:      
The United States House Energy and Commerce Committee has sent a letter to a number of tech companies, including Microsoft and Apple, to ask for more information on why they decided to keep secret the details of the Meltdown and Spectre security flaws.

The letter reveals that several companies, namely Apple, Amazon, AMD, ARM, Google, Intel, and Microsoft, learned about the two vulnerabilities in June 2017, but they all agreed to a so-called information embargo set to expire on January 9, 2018.

The tech giants remained tight-lipped on the flaw in order to buy more time to develop patches, though it’s not known why it took so long to distribute software mitigations since they were informed in mid-2017.

The Meltdown and Spectre vulnerabilities in chipsets manufactured by Intel, AMD, and ARM were patched by the largest tech companies earlier this month after a sudden disclosure on January 2.

Tech leaders to meet the House committee on February 7
The US Congress says that by keeping details secret, the tech companies named above might have affected the other firms who weren’t included in the embargo and had to develop their own patches for Meltdown and Spectre, thus leaving their customers exposed longer.

“Why was an information embargo imposed?” the companies are being asked in the letter. “What company or combination of companies proposed the embargo?” a second question reads.

“Some observers have raised questions about the effect of the embargo on the ability of companies not included in the original June 2017 disclosure to protect their own products and users, compared to those companies that were included,” the letter states before adding that “it is reasonable to assume that additional companies have been negatively impacted by the embargo.”

Microsoft and Apple have remained tight-lipped until now on this information request, but Intel did offer a statement to explain that it’s now working with US representatives on answering the questions.

“We appreciate the questions from the Energy and Commerce Committee and welcome the opportunity to continue our dialogue with Congress on these important issues,” an Intel spokeswoman was quoted as saying. “In addition to our recent meetings with legislative staff members, we have been discussing with the Committee an in-person briefing, and we look forward to that meeting.”
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  Massive Nitro data breach impacts Microsoft, Google, Apple, more mrtrout 0 1,121 10-26-2020 , 07:01 PM
Last Post: mrtrout
  Windows Spectre Patches Are Here, But You Might Want to Wait mrtrout 0 1,715 03-20-2018 , 10:25 PM
Last Post: mrtrout
  Microsoft Willing to Pay Up to $250,000 for Meltdown and Spectre Exploits mrtrout 0 1,675 03-15-2018 , 09:39 PM
Last Post: mrtrout
  The Meltdown and Spectre Effect: Intel Facing 32 Lawsuits Over CPU Flaws mrtrout 0 1,814 02-19-2018 , 10:36 PM
Last Post: mrtrout
  Microsoft Releases More Meltdown and Spectre Updates for Windows 10 mrtrout 0 1,478 02-14-2018 , 09:09 PM
Last Post: mrtrout



Users browsing this thread: 2 Guest(s)