News

Researchers Accuse Intel of Attempted Bribery over MDS Flaw

Intel Security Flaws

Earlier this week it was revealed that a whole new slew of security flaws existing with Intel processors was revealed. Now, to date, at least 4 names have cropped up for seeming the same or different flaws. We’ve seen ‘Zombieland’, ‘Fallout’ and even Microsoft’s preferred own branding to it, ‘MDS’ mentioned.

When cybersecurity research firm VU Amsterdam discovered RIDL, however, in a report via TechPowerUp, they are claiming that Intel attempted to ‘bribe’ them into keeping it quiet or, more accurately, not making their findings quite so public.

Was it a Bribe?

Ok, so that is rather a harsh word. It is, after all, well established that various companies will happily pay ‘bounties’ for people who discover security flaws in their hardware or software. We’ve seen in on multiple occasions where ‘white hat’ hackers get rewarded for finding faults and reporting them.

The security team, however, has chosen to disclose that they were essentially offered a $40,000 ” reward. This was on the proviso, however, that they would significantly downplay the importance of the flaw. This was backed up by a further promise of $80,000. The team did not disclose the terms of this 2nd payment. One can, however, presume that it would be upon successful ‘delivery’ of their initial deal.

VU Amsterdam did, however, decide to decline both offers and make the flaw known to the world. A factor that is clearly more than a little uncomfortable for Intel.

What is the Flaw?

After many attempts to try and understand the details, I have largely come to the conclusion that this is a very technical problem. Well beyond the understanding (or wish of) by the normal PC enthusiast. Put simply, however, RiDL (rouge in-flight data load) is an essential security back-door found deep in the processor design. This isn’t just an older-CPU issue either. It is believed to lie in most (even 9th-gen) designs.

Utilising a design flaw in the CPU buffer, it can effectively allow attackers to infiltrate your system. From there, certain commands can be executed to make your system vulnerable. In other words, putting your security, system and data at risk. This, in combination with the other flaws discovered, is a concern though. Particularly since many of them can effectively ‘work’ together for greater potential damage. This is, however, part of the reason why the details and specifics of the flaws are a little scarce at present. Intel wants to try and fix this before making it too well known.

The flaw is confirmed to have only affected Intel processors with AMD (once again) largely escaping exploit clutches. Intel is, however, working on fixing the issue. Albeit the issue of the fix potentially restricting performance is, again, on the agenda. Let’s see what Intel can do to fix this!

What do you think? Are you concerned about this security flaw? – Let us know in the comments!

Mike Sanders

Disqus Comments Loading...

Recent Posts

Cities Skylines 2 Modding Finally Coming March 25th

At long last modding for Cities Skylines 2 will be arriving on March 25th alongside…

2 hours ago

Specs For Upcoming PS5 Pro Have Been Leaked

It's no secret that Sony is planning on releasing a Pro model of the PlayStation…

2 hours ago

Elgato Premium 1080p HD Facecam

Studio quality f/2.4 24 mm* all-glass Elgato Prime Lens Sony® STARVIS™ Sensor optimized for indoor…

20 hours ago

Cryorig R5 Performance CPU Cooler with 140mm – Black / White

The large tower cooler relies on two 140 mm fans, six 6 mm heat pipes…

20 hours ago

Cryorig Crona S ARGB 120mm PWM Triple Fan Pack with Controller

An Alternative to Convention - With the Low-key black back frame, Crona S features the…

20 hours ago

Asetek SimSports Pagani Huayra R Sim Racing Pedals

Expand your setup with real Pagani genes - With the Asetek SimSports Pagani Huayra R…

20 hours ago