Researchers Accuse Intel of Attempted Bribery over MDS Flaw




/ 3 days ago
Intel CPU Shortages Expected to Continue Through Q2 2019

Intel Security Flaws

Earlier this week it was revealed that a whole new slew of security flaws existing with Intel processors was revealed. Now, to date, at least 4 names have cropped up for seeming the same or different flaws. We’ve seen ‘Zombieland’, ‘Fallout’ and even Microsoft’s preferred own branding to it, ‘MDS’ mentioned.

When cybersecurity research firm VU Amsterdam discovered RIDL, however, in a report via TechPowerUp, they are claiming that Intel attempted to ‘bribe’ them into keeping it quiet or, more accurately, not making their findings quite so public.

Was it a Bribe?

Ok, so that is rather a harsh word. It is, after all, well established that various companies will happily pay ‘bounties’ for people who discover security flaws in their hardware or software. We’ve seen in on multiple occasions where ‘white hat’ hackers get rewarded for finding faults and reporting them.

The security team, however, has chosen to disclose that they were essentially offered a $40,000 ” reward. This was on the proviso, however, that they would significantly downplay the importance of the flaw. This was backed up by a further promise of $80,000. The team did not disclose the terms of this 2nd payment. One can, however, presume that it would be upon successful ‘delivery’ of their initial deal.

VU Amsterdam did, however, decide to decline both offers and make the flaw known to the world. A factor that is clearly more than a little uncomfortable for Intel.

What is the Flaw?

After many attempts to try and understand the details, I have largely come to the conclusion that this is a very technical problem. Well beyond the understanding (or wish of) by the normal PC enthusiast. Put simply, however, RiDL (rouge in-flight data load) is an essential security back-door found deep in the processor design. This isn’t just an older-CPU issue either. It is believed to lie in most (even 9th-gen) designs.

Utilising a design flaw in the CPU buffer, it can effectively allow attackers to infiltrate your system. From there, certain commands can be executed to make your system vulnerable. In other words, putting your security, system and data at risk. This, in combination with the other flaws discovered, is a concern though. Particularly since many of them can effectively ‘work’ together for greater potential damage. This is, however, part of the reason why the details and specifics of the flaws are a little scarce at present. Intel wants to try and fix this before making it too well known.

The flaw is confirmed to have only affected Intel processors with AMD (once again) largely escaping exploit clutches. Intel is, however, working on fixing the issue. Albeit the issue of the fix potentially restricting performance is, again, on the agenda. Let’s see what Intel can do to fix this!

What do you think? Are you concerned about this security flaw? – Let us know in the comments!

F-Secure Reveals Another Intel Security Flaw
Topics: , , , , , ,


Support eTeknix.com

By supporting eTeknix, you help us grow. And continue to bring you the latest news, reviews, and competitions. Follow us on Facebook and Twitter to keep up with the latest technology. Share your favourite articles, chat with the team and more. Also check out eTeknix YouTube, where you'll find our latest video reviews, event coverage and features in 4K!

eTeknix Facebook eTeknix Twitter eTeknix Instagram eTeknix Instagram

Check out our Latest Video

Speak Your Mind

Tell us what you're thinking...
and oh, if you want a pic to show with your comment, go get a gravatar!