Monday , 16 July 2018
Home >> C >> Chips >> Intel boosts bug bounty program in wake of Meltdown and Spectre flaws

Intel boosts bug bounty program in wake of Meltdown and Spectre flaws

INTEL IS OPENING UP its bug bounty program to more researchers in the hope of in the wake of the Meltdown and Spectre chip vulnerabilities. 

Having been caught with its pants down over Meltdown and Spectre, it’s no surprise the chip maker is looking for a little more bug spotting help.

Launched back in March 2017, the Intel Bug Bounty Program was set up to incentivise security researchers to find potential security flaws in Intel chips and systems.

But the chaos around Meltdown and Spectre and the problems with patching them – the former caused systems to slow down, while the patch for the latter from Intel causes unexpected processor reboots – has unsurprisingly got the firm looking more closely at what it can do to squash bugs earlier and more effectively.

As such, the bounty has now been expanded to offer security researchers up to $100,000 for disclosing a general security flaw and a hefty $250,000 for side-channel vulnerabilities such as Spectre.

“Coordinated disclosure is widely regarded as the best way to responsibly protect customers from security exploits. It minimises the risk that exploitable information becomes publicly known before mitigations are available,” said Rick Echevarria, vice president and general manager of platform security at Intel.

“Working closely with our industry partners and our customers, we encourage responsible and coordinated disclosure to improve the likelihood that users will have solutions available when security issues are first published.

“Our Bug Bounty Program supports this objective by creating a process whereby the security research community can inform us, directly and in a timely fashion, about potential exploits that its members discover.”

Part of this will also involve changing the program from invite-only to open to all. This should encourage anyone who finds a flaw to come to Intel rather than post it on hacker channels or shout about it on Reddit.

You could argue that Intel should be responsible for making sure its chips and products are robust rather than look for outside help.

But, in the pursuit of innovation, tech mistakes and mishaps are common even with companies famed for near-flawless tech; Apple’s flashy new HomePod smart speakers is one such example of tech tripping up on itself. µ



  • <!–

  • Save this article

  • –>

==[ Click Here 1X ] [ Close ]==