To help put Intel’s allegations into context. Intel and other technology associations have been made informed of new security research reporting software analysis methods that, when used for malicious plans, have the potential to badly gather sensitive data from computing devices that are working as designed.
When malware steals your stuff, your Intel chip is operating as designed. Also, this is why our stock price fell. Please make different stock prices fall, thank you.
By the way, here’s what The Creator of Linux kernel Linus Torvalds had to say about this: “I think somebody inside of Intel needs to really take a longspun hard look at their CPUs, and actually acknowledge that they have issues preferably of writing PR blurbs that say that everything operates as designed.
“Is Intel essentially saying ‘we are dedicated to selling you shit forever and ever, and never fixing anything’?”
What Intel defined as “software analysis methods,” security researchers describe thus: “Meltdown reveals all security assumptions given by the CPU’s memory separation capabilities.”
“Meltdown” is the nickname given to a side-channel attack on memory separation that affects most Intel chips since 2010, as well as a few Arm cores. Intel’s chips may be “producing as designed” but it is this processor design that’s the issue; based on the analysis that has been published, the modern design is inadequate and insecure.
Meltdown on Intel CPUs and the Arm Cortex-A75 leaves normal applications to read defended kernel memory, allowing them to steal passwords and other secrets. It is easy to misuse, but easy to patch and workarounds to kill the vulnerability are possible for Windows and Linux, and are already in macOS High Sierra, for Intel parts. There are Linux kernel patches prepared for the Cortex-A75.
There’s also extra security flaw named Spectre that affects, to varying degrees, Intel, AMD, and Arm. Depending on your CPU, Spectre provides normal apps to potentially steal data from other apps, the kernel, or the underlying hypervisor. Spectre is hard to exploit, but also difficult to fully patch and is going to be the true stinger from all of this.