Intel tried desperately to change the subject from Spectre and Meltdown at CES
It was so bad that the chip maker has to be thrilled to have CES, the massive consumer technology show going on this week in Las Vegas, as a way to change the subject and focus on the other work they are doing.
For starters, CEO Brian Krzanich had to deal with the elephant in the room at the company keynote on Monday. Spectre and Meltdown patches were coming to 90 percent of the company’s affected chips by next week. That was good news for a company under siege for what my colleague Ingrid Lunden described without exaggeration as “…perhaps its biggest security scare in its history.”
It didn’t help matters when Intel’s patch proved buggy and caused some systems to reboot.
In case you don’t know what that trouble was about, it began last week when The Register, a U.K. tech publication, published an article blowing the lid off an Intel kernel security problem in their CPU chips. This is not a small matter.
It has the potential to allow hackers unimpeded access to the chip’s kernel where information like your passwords and encryption keys are stored in a supposedly secure area of the chip architecture.
It later turned out there were actually two chip vulnerability problems, one that had an impact on mostly Intel chips called Meltdown (a single ARM chip is also affected) and one called Spectre that affected Intel and other chips, including AMD and ARM processors and even IBM’s Power chips. We also learned that another Intel rival, Nvidia, also announced several of its chips have been affected. (If you were running a Raspberry Pi computer, you were spared.)
Mitigation efforts have been coming fast and furious from every corner: from chip vendors, from the OS vendors like Microsoft and Apple and from very nearly everyone else. There is concern that the mitigation solutions could in fact slow down computers substantially. While it’s still not widely known just how much that will affect individual computers and servers, Microsoft published a blog post this week outlining their benchmarks showing various degrees of performance degradation after implementing the Spectre and Meltdown mitigation solutions on machines running Windows. So did Intel, which found some performance hits and Google, which claimed it didn’t have any.
While this wasn’t just an Intel problem, it is, as Lunden pointed out, “one of the world’s biggest chip makers,” and as such it bore the brunt of the bad reaction. It didn’t help that the company had been aware of the vulnerability for some time or that Krzanich had sold a substantial amount of stock in November, and had filed the intent to sell those shares after the company had learned about the bugs.
This week at CES, the company addressed the problem (at least to some extent), as Lunden reported, but a show like CES has the advantage of being a stage for a number of new technologies. The company began making a flurry of announcements, planned long before the chip flaws became public last week.
It started with the announcement of a 49 Qubit quantum computing chip. If you want to change the conversation, building one of the fastest quantum computing chips in the world is one way to do it (IBM announced in November that it had built a 50 qubit prototype).
All of this seems to me to be about using various degrees of showmanship and technological acumen to try to change the subject. It’s likely that Meltdown and Spectre will continue to haunt Intel and other chip makers for some time to come.
While it’s important to note that there haven’t been any documented breaches from this vulnerability, it has created a serious perception problem for Intel and its competitors, especially since they have chosen from an engineering perspective to optimize their chips for speed over security for many years, paving the way for these vulnerabilities.
Given all of this, Intel has little choice but to keep dancing as fast it can, just like the drones it showed off earlier this week at CES.