Intel Told Chinese Firms of Meltdown Flaws Before the US Government (engadget.com) 110
According to The Wall Street Journal, Intel initially told a handful of customers about the Meltdown and Spectre vulnerabilities, including Chinese tech companies like Alibaba and Lenovo, before the U.S. government. As a result, the Chinese government could have theoretically exploited the holes to intercept data before patches were available. Engadget reports: An Intel spokesman wouldn't detail who the company had informed, but said that the company couldn't notify everyone (including U.S. officials) in time because Meltdown and Spectre had been revealed early. Lenovo said the information was protected by a non-disclosure agreement. Alibaba has suggested that any accusations of sharing info with the Chinese government was "speculative and baseless," but this doesn't rule out officials intercepting details without Alibaba's knowledge. There's no immediate evidence to suggest that China has taken advantage of the flaws, but that's not the point -- it's that the U.S. government could have helped coordinate disclosures to ensure that enough companies had fixes in place.
Intel needs there cheap labor to crush AMD by volume
Intel needs there cheap labor to crush AMD by volume
Nice theory but it lacks any basis in reality. Intel is literally over 10X the size of AMD by revenue (~$60B versus ~$5B) and AMD is in no danger of catching up to Intel any time soon. Furthermore most of Intel's manufacturing sites [wikipedia.org] are in the US. They have precisely ONE chip fab in China versus NINE in the US. Approximately 75% of Intel's chip fabrication occurs in the US.
People tend to think of AMD as a close competitor but they aren't. Intel spends over double AMD's total revenue on R&D alone
Time and time again we've heard this argument that some incumbent has an "insurmountable advantage". Then what happens? Some competitor comes along and crushes the incumbent!
Web browsers are a good example of this. Netscape had huge market share for a few years. Then IE came along and rather quickly the tables had turned. IE became the dominant browser for a number of years. Then all of a sudden Phoenix/Firebird/Firefox comes along, and it takes a huge chunk out of IE. Of course, Mozilla didn't listen to its users and started making unwanted changes to Firefox, so Chrome came along and utterly destroyed both Firefox and IE. Now Chrome is the dominant browser by a huge margin.
Linux is another example of this effect in progress. Linux managed to see a lot of server and embedded use, and even a small amount of desktop use. But we've seen things like systemd ruin Linux's reliability in server environments, causing users to move to more reliable OSes like FreeBSD and OpenBSD. Linux has failed to provide a good desktop environment, so we see users using macOS or Windows instead. Linux is even failing in the embedded arena, with many users now choosing the better-licensed NetBSD, or the more reliable QNX, or even creating their own embedded OSes, like Google appears to be doing with Fuchsia [wikipedia.org]. It's looking more and more likely that Linux, despite seeing significant use, will become a dead/irrelevant OS much like Windows XP now is.
An "insurmountable advantage" is often not insurmountable at all.
Web browsers are a good example of this. Netscape had huge market share for a few years. Then IE came along and rather quickly the tables had turned.
That's a foolishly incommensurate example.
Changing market share in browsers doesn't cost multiple times billions of dollars in physical fabrication. The marginal cost to replicate either
Intel is literally over 10X the size of AMD by revenue
That's slightly misleading, because it assumes that all of Intel is competing with all of AMD. They have some competing business units, but they are not entirely direct competitors. For example, Intel has a huge network business unit (NICs, ICs for switches) and a large storage division, one of the two largest FPGA manufacturers, and it owns its own fabs. AMD no longer owns its own fabs, so doesn't require the same economise of scale to get the cost per wafer down (the fabs that make AMD chips also make chips for a load of other companies, so can benefit from large economies of scale).
Just because Intel is ten times the size doesn't mean that Intel's x86 chips are getting ten times (or even double) the investment that AMDs are.
People tend to think of AMD as a close competitor but they aren't. Intel spends over double AMD's total revenue on R&D alone
The vast majority of that is on process technology, which is no longer a business that AMD is in (and where the returns have been very low for the past 5 years).
That's slightly misleading, because it assumes that all of Intel is competing with all of AMD. They have some competing business units, but they are not entirely direct competitors.
I don't think it is misleading at all. You are correct that it's not 100% apples to apples but let's not pretend that a vast amount of AMDs revenue isn't directly competitive with Intel.
AMD no longer owns its own fabs, so doesn't require the same economise of scale to get the cost per wafer down
Incorrect. AMD doesn't get to escape those costs by outsourcing. While it may be cheaper than they could accomplish on their own (AMD is likely too small to achieve minimum efficient scale) it doesn't mean they can achieve cost parity with Intel and in fact you can tell they haven't by reading their financial statements.
It was pretty clear to me. Are you always this troubled?
The poster was claiming a statement to be literally true (as opposed to being a figurative statement). The statement being that Intel is 10 times as large as AMD when measured by revenue.
AMD reported Q3 2017 revenue as $1.64 Bilion.
Intel reported Q3 2017 revenue as $16.1 Billion.
So 10X isn't far off. X is often used as shorthand for times. If this bothers you, then I can't help you. Sorry.
Usually, when people use X to mean times, they do it with a lowercase x.
In an ideal world, people would use the unicode multiplication symbol U+00D7
The factory in china is much larger than the plants in the US, while it's the only one in China, it has significant output, so yes, it makes up 25% of all chips produced by Intel. You don't really think you can build a town sized plant in the US like they allow you to in China, do you? They need bicycles just to get anywhere in a reasonable amount of time.
My father was an Intel engineer for over 30 years (now retired). My family still li
At least when I worked for them, they did not do much work in China, and what work was done required some pretty significant security. They were definitely not equal partners. Meanwhile the "labor" was on US soil or in Malaysia.
Telling Lenovo about a security hole isn't entirely surprising, they are a good high-volume consumer of Intel products. I would probably notify Lenovo, HP, Dell at the same time. Alibaba is a little more confusing, combined with the knowledge that telling a Chinese corporation anyth
What's wrong with cheap labor?
there != they're != their
Your right!
Intel needs there cheap labor to crush AMD by volume
Intel needs AMD to prevent it being hit by anti trust legislation. A minnow competitor is enough to keep that at bay.
How is China a US enemy?
Or "creditor".
You're an idiot. But that's been the russian/chinese/republican party play book for a long time. You don't have to be perfect in order to criticize others. I've driven 5mph over the speed limit, that doesn't mean I can't call someone a dangerous idiot for doing 120mph in a school zone.
What do you honestly think would have happened to Manning if they were in the Chinese army - out of prison in 7 years and trying to run for government office? I doubt it...
How is China a US enemy?
They are a "communist" dictatorship. The "communist" is very sketchy, but the dictatorship is real.
The fact that they are a good trade partner has helped us avoid a war, cold or otherwise. But they're definitely an enemy, and we should be very concerned about them. Their economy has gone through a rapid expansion but is cooling off, but their living conditions and government has not changed much. This is likely going to cause us problems down the road as they struggle to keep the p
but their living conditions and government has not changed much.
Uhm, what? If there is a country on Earth where people have experienced a DRASTIC improvement of their "living conditions" (I assume that by this you mostly mean the standard of living) over the past few decades, then it's China. Few places in the world have seen the improvement China has. This is the main reason why their government has not changed - people see their lives improving steadily, so they do not feel it is necessary to change.
I personally find that people who see a "grey" everywhere are mostly cowards who are afraid to stand up, say, do, what is right etc. The world IS a pretty black and white place.
It is however possible for nations to co-exist in a state that is neither ally nor hostile. It should be possible to have fairly neutral trade relations without being antagonistic or buddy buddy lets all share each others secrets, five eyes... All it takes is a basic set of rules both parties can agree to play by. This should espe
The world is a pretty black and white place only if you are a kid or mentally ill (borderline personality disorder for example).
How is China a US enemy?
How is it you're even fucking asking this question? I can't even remember a time when they were not considered an enemy by the US Government.
That doesn't really answer the question 'how'. The US government considers many wrong things to be right.
They aren't officially. They US government doesn't declare tham an ally or an enemy.
However, the US has nuclear missiles targetted at China ready to be launched in minutes. China has nuclear missiles targetted at the US ready to be launched in minutes. For practical purposes that surely makes them more enemies than friends
:)
No, just think that enemy is a pretty harsh word for a country we have normal diplomatic relations, no war (or even proxy war), and a lot of trade with.
Enemy? Was there a declaration of war from the Congress that everybody but you missed?
I think the word you are looking for is "rival". And countries having rivals can sometimes be a good thing - it keeps everybody honest.
They're more like a "frenemy", as much as I dislike the word.
They're more like a "frenemy", as much as I dislike the word.
A frenemy with benefits?
Your point about the lack of declarations of war is well taken (and is, iMHO, a problem that needs to be fixed, but that's another rant). So if a delcaration of war doesn't define a foreign country as an enemy, what does? What, specifically is the line we can draw that allows us to say, "This country is an enemy"?
Actually, on re-reading the Constitution, we can even possibly charge them with treason--while one clause on treason defineds it as adhering to our enemies, giving them aid and comfort, it's also defined as levying war against the United States, which launching a preemptive strike would definitely fall under, whether it involved a country we had declared war on or not.
it keeps everybody honest.
Could you tell that to the current administration? I would have gone with "it keeps everybody on their toes".
Fine them for what? For not handing the info to the NSA so they could spy on the world instead? Could I be present for that trial? And that reason for the judgement? Because that's the ONLY thing you could sensibly cite as a reason. Care to explain that to the rest of the world?
There is exactly nothing the US can (officially) do now without looking ridiculous and provoke some kettle and pot comparisons.
Don't forget, the US Government needs to be considered an adversary in all security analyses. You don't tell a well-funded adversary about security exploits before you tell the public.
China is an economic competitor to the US. Being roughly the same geographic size, but a population 10x the amount of the United States. The fact that China hasn't killed us economically isn't due to anything the U.S. has done, but a failure in China to fully use its resources.
Now China is the supplier using Intels chips. When Intel told them first, it allows them to do something about it. Telling the US Government will just cause yelling, screaming and hearing, but not actual work towards solving the pro
Of which 8x are liabilities, rather than assets.
You can't even send China's bottom billion into battle without somehow having to feed them. If China declared war on Russia, the general M.O. would be to launch an invasion of Moscow in the early spring, while providing the troops with no warm clothing should the invasion fail to conclude promptly. That would be the Chinese a
And you prefer that the country we know attack internal and external targets using exploits should have the ability to exploit others?
Fuck you.
Why? Perhaps this was not in their contract. Please stop confusing the address of the company with the nationality of the company.
They are a company in many countries.
And perhaps they have more to lose if they would not inform the Chinese first.
And just to inform you: EVERYBODY is an enemy of the US government, including other Americans and/or their companies.
Enemy is perhaps too strong a term, though adversary is definitely appropriate.
I think a more appropriate punishment would be preferring other suppliers over Intel in all government contracts, and perhaps canceling some contracts that have already been awarded.
And just what was the US government supposed to do (Score:5, Insightful)
Talk about a non-story. Vendors told of problems that only vendors can fix before non-vendors involved.
News at
... fuck it, this is not news. It belongs in the Daily Flail.
There's no immediate evidence to suggest that China has taken advantage of the flaws, but that's not the point -- it's that the U.S. government could have helped coordinate disclosures to ensure that enough companies had fixes in place.
Not to mention it would have been really handy for NSA to take advantage of the flaws for a while to spy on the Chinese government.
it's that the U.S. government could have helped coordinate disclosures to ensure that enough companies had fixes in place.
With all the NSA disclosures of the last years, the US government did not exactly proofed themselves as more reliable when it comes to fixing things as compared to keeping them private and using them to spy on others.
Please note that I'm NOT saying Chinese, Russian or any other government would be trustworthier, so skip those replies
He has to do it.
He has to NUKE EM NOW!
You're pissed that for a change a different secret service gets to spy on the world with a 0day?
calling the accusations "speculative and baseless" is not actually a denial.
How does one ensure proper punishment for a Corporation?