Intel Warned Chinese Companies of Chip Flaw before US Government
In initial disclosures about critical security flaws discovered in its processors, Intel Corp. notified a small group of customers, including Chinese technology companies, but left out the U.S. government, according to people familiar with the matter and some of the companies involved.
The decision raises concerns, security researchers said, as it potentially could have allowed information about the chip flaws, dubbed Spectre and Meltdown, to fall into the hands of the Chinese government before being publicly divulged. There is no evidence any information was misused, the researchers said.
Weeks after word of the flaws first surfaced, Intel's choices about whom would receive advance warning continue to ripple through the security and tech industries. The flaws were first identified in June by a member of Google's Project Zero security team. Intel had planned to make the discovery public on Jan. 9 -- people working to protect systems from hacks often hold off on announcements while fixes are devised -- but sped up its timetable when the news became widely known on Jan. 3, a day after U.K. website the Register wrote about the flaws.