These stock sales need to be approved months in advance just for this purpose. It's schedule SO THAT they don't have the SEC breathing down their neck. But, the question really is, how long ago was this approved and schedule, and how long ago did Intel know about the issue? As mentioned by another, since Apple has already patched, it was known prior to it's public release.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Intel Claims Security Flaw Also Impacts Non-Intel Chips, Exploits Can't Corrupt, Modify or Delete Data [Updated]
- Thread starter MacRumors
- Start date
- Sort by reaction score
These stock sales need to be approved months in advance just for this purpose. It's schedule SO THAT they don't have the SEC breathing down their neck. But, the question really is, how long ago was this approved and schedule, and how long ago did Intel know about the issue? As mentioned by another, since Apple has already patched, it was known prior to it's public release.
I still got Star Trek 25th Anniversary. One of the best games ever made. Definitely the best Star Trek game.
Did all the remaining PowerPC Mac owners just hug their Macs this week?
Cache-based side channel attacks were known for some time. Earliest papers were around 2010 I think, maybe earlier? Nobody really made a big fuss out of this back then. This new attack is basically a variation of those methods. I don't think that the media has reported this accurately (and as always, its a bit overblown), but I guess its good that this problem finally gets wide coverage.
This entire thing is just a continuation of the common line of years of sloppiness and not-taking-things seriously, both on Intel's and OS developers side of things.
My only worry is performance, as I don’t store sensitive information in any machine connected to the Internet. I understand (although don’t support) the teams who had fought hard to get these minutes of glory in the media, but their pseudo-glory will vanish as soon as CPU vendors release new architectures.
As I said, my main worry is performance, so I’ll protect my machines not against these vulnerabilities, but against the patches. I’ll also look forward to buy new CPUs that address these flaws in hardware rather than in software.
The world is full of teams looking for glory these years. It seems the economy problems have hit everybody hard.
As I said, my main worry is performance, so I’ll protect my machines not against these vulnerabilities, but against the patches. I’ll also look forward to buy new CPUs that address these flaws in hardware rather than in software.
The world is full of teams looking for glory these years. It seems the economy problems have hit everybody hard.
But without people like these making vulnerabilities public, would companies bother to change their architectures to fix unreported problems?
I gather the CEO's sale of stock was pre-planned, but that the plan was made after Intel learned of the vulnerability.
For all those claiming there will be a massive class action suit, what grounds do you believe it'll be filed on?
I predict any such attempt will be a huge failure.
I predict any such attempt will be a huge failure.
You don’t need going back to pen and paper if your sensitive data is not connected to the internet and if you don’t use devices/apps that monitor your private life. Unfortunately, people love their private data to be connected to the internet, so, for the vast majority of people your pen and paper advice applies.
Why is it a cheap shot when it's entirely true? AMD is also vulnerable to Spectre.
I think a HUGE question now is how much are the Apple A7 and newer SoC's--which are still based quite a bit on ARM technology--are affected by the Spectre exploit. Will Apple need to roll out an iOS 11.2.2 update to address this?
No, they knew, more than likely. As to why they seem to have done nothing about it, never underestimate corporate greed and inability to see past the next quarters profits.
The problem is not in the chips. The problem is in using devices connected to the Internet that store and monitor your personal data. If people were using technology as they should, these “vulnerabilities” would be irrelevant. The minutes of glory of these teams owe a lot to the success of Facebook, Cloud stuff, etc...
Maybe, HOWEVER this issue stretches all the way back to several generations of Intel CPUs so Intel could have know about it for years. Then when they learnt of the flaw maybe being discovered because people(Google security team) were investigating then the CEO decided to plan the sale.
[doublepost=1515086432][/doublepost]
And it is possible that Intel knew about this for a long while because the issue is not new. It has stretched back more than a couple of years. It does not take as long to plan the sale of the shares. So the CEO might have know about this for a long time and just decided that now was the time to sell the shares while they could before the flaw was finally revealed.
I wish people would stop defending a bunch of fat cat bosses of big companies who earn more in one day than average people earn all year and seem to not give a **** about anyone but themselves.
Then when things go bad they never EVER admit what they knew and what they did wrong but pass the buck and dump all the consequences usually on the staff on the shop floor/factory floor etc
[doublepost=1515086513][/doublepost]
No idea because I am not a programmer but if it were impossible then this would be a non issue but it is not so thereof it is possible.
Do we know if any Macs have suffered a performance loss in High Sierra since the last patch that I believe deals with this CPU security issue?
I use my iMac as a DAW & while it's doing a great job for me on Sierra, I am concerned if I now upgrade to High Sierra & will suffer some loss in performance.
I use my iMac as a DAW & while it's doing a great job for me on Sierra, I am concerned if I now upgrade to High Sierra & will suffer some loss in performance.
It can be 100% perfect, if people are clever enough and determined enough to make it happen. Look at modern fighter jets etc. Such as the Euro-fighter. The code for that thing is serious hardcore and needs to be. I mean it would be dam useless if it had flaws/bugs that enabled it to just drop out of the sky because the pilot pushed the wrong button. I have an uncle who worked as an avionics engineer for the RAF so trust me code and hardware can be pretty dam robust if needed to be and if the costs are paid, something corporation hates doing.
Apple probably won't say a word about their own processors unless the media picks up on the story.
Based on the battery throttling incident, we know Apple doesn't communicate unless absolutely necessary.
To me, it is quite clearly a bug! The CPU will read a location it is not allowed to read. The Meltdown demonstration reads memory. But - this bug should allow a user process to read any memory mapped location, even hardware registers! A malicious process could thus watch a communication channel - and even interfere with it. It could grab serial input from a console before the OS gets to it. Some hardware locations "do things" when read. Like say, turning off a cooling fan.
Further, a non malicious but buggy program could affect the system when it crashes. It might do a random read of a location that affects something (like above.)
It is easy enough to "clear" the cache by reading a different range of memory. All that's required is that none of the sentinel locations are in the cache. The lack of cache clearing instructions would simply slow down the exploit.
[doublepost=1515088387][/doublepost]
Don't be relieved - it is affected by this bug.
In all likelihood, this flaw affects all EM64T processors including Conroe and Merom.
Not exactly. It can infer the contents of the memory location based on how long it takes to read information (thus detecting whether given bits are in the cache or are not, and knowing that if it is in the cache that means it corresponds to the hypothesized value). It's a side channel attack.