Intel faces trio of class action lawsuits over Meltdown & Spectre security holes

Posted:
in Current Mac Hardware edited January 2018
Intel is staring down class action lawsuits in California, Indiana, and Oregon over the Meltdown and Spectre vulnerabilities exposed in modern processors, which can be used to access restricted memory in unpatched devices.




The suits, seen by AppleInsider, were filed in California, Indiana, and Oregon. One common thread through each is the delay between when researchers brought the issue to Intel's attention in June and its January disclosure. Another is the potential slowdown caused by available software fixes, though Intel has previously insisted that any performance hits are "workload-dependent" and "should not be significant" for the average person. The company is also promising to lessen the impact in future updates.

The California suit alleges that users have caused class members to "lose money and property by being overcharged for and paying for the defective CPUs. Similarly, the Oregon-based suit alleges that users "suffered an actual ascertainable loss of the purchase price they paid for their microchip" and purports that had the flaw been known earlier that a purchase from a competitive vendor would have been likely.

California's suit is case 5:18-CV-00046. Indiana's and Oregon's are 1:18-cv-00029 and 6:8-cv-00028 respectively.

The Indiana suit leans on degradation of CPU performance with any fixes to be applied. It alleges that class members suffer from a choice of buying a new computer with a processor that does not contain the flaw or must continue to use a computer "with massive security vulnerabilities or one with significant performance degradation."

Meltdown and Spectre exploit a feature in Intel and ARM processors called "speculative execution," which calculates multiple instruction branches simultaneously, predicting which one is most likely to be used. Meltdown mainly affects Intel chips, dating as far back as 1995.

On Thursday Apple acknowledged that while iOS 11.2, macOS 10.13.2, and tvOS 11.2 included fixes to protect against Meltdown, it still has more work to do, including patching watchOS and Safari to defend against Spectre. Further updates should be available in a matter of days.

Intel and ARM-based chip designs are ubiquitous in the technology industry, used in the majority of computers, phones, tablets, and wearables. Apple relies on Intel CPUs for Macs, and ARM technology for the A- and S-series chips found in iPhones, iPads, iPods, and Apple Watches.

Comments

  • Reply 1 of 9
    tzm41tzm41 Posts: 83member
    It's worth acknowledging that AMD processors are also vulnerable to the Spectre exploit.
  • Reply 2 of 9
    Rayz2016Rayz2016 Posts: 4,631member
    Not a hope in hell. 


  • Reply 3 of 9
    lkrupplkrupp Posts: 7,162member
    tzm41 said:
    It's worth acknowledging that AMD processors are also vulnerable to the Spectre exploit.
    The CEO of AMD was interviewed on CNBC this morning. She tiptoed around the Meltdown flaw without claiming that AMD was immune but made it clear AMD was better prepared to handle it. She admitted that AMD was vulnerable to Spectre and then spun it on the operating system vendors to fix.
  • Reply 4 of 9
    lkrupplkrupp Posts: 7,162member

    Rayz2016 said:
    Not a hope in hell. 


    Yep, let’s revisit both the Intel CPU and Apple battery management issues a year from now and see how things are going. Lawsuits make fantastic claims of damage and lost production, skullduggery and fraud, pain and suffering.
    anton zuykovwatto_cobra
  • Reply 5 of 9
    mknelsonmknelson Posts: 358member
    lkrupp said:
    The CEO of AMD was interviewed on CNBC this morning. She tiptoed around the Meltdown flaw without claiming that AMD was immune but made it clear AMD was better prepared to handle it. She admitted that AMD was vulnerable to Spectre and then spun it on the operating system vendors to fix.
    https://arstechnica.com/gadgets/2018/01/meltdown-and-spectre-heres-what-intel-apple-microsoft-others-are-doing-about-it/

    Interesting read from last Friday - Ars take on the responses from Intel, AMD, and ARM.
  • Reply 6 of 9
    It's bizarre how fast these class action law suits have gotten started when it's literally impossible for anyone to know how much damage anyone will suffer as a result of this.  On the other hand, we have IP suits that show up years and years after the fact, involving no-longer-relevant models.

    I don't envy the lawyers for the plaintiffs the task of totaling up and justifying the costs of this.  They will have to create a methodology that will stand up in court.  The verbiage used in this story doesn't even come close to painting a compelling picture.  If (to make up some numbers) it turns out that the slow down is 3% but only happens 5% of the time, how much is that worth?
    edited January 2018 watto_cobra
  • Reply 7 of 9
    Desperately need tort reform... make the lawyers pay big time if they lose these useless suits..
    watto_cobra
  • Reply 8 of 9
    icoco3icoco3 Posts: 1,459member
    I would allow them to continue but they must all agree to an order to not use in any capacity any electronic device or computer themselves or by anyone they engage with in any form of commerce.  If they are damaged, by their assertion, ban them from engaging in any activity where they could be damaged further.
    watto_cobra
  • Reply 9 of 9
    dysamoriadysamoria Posts: 2,216member
    normang said:
    Desperately need tort reform... make the lawyers pay big time if they lose these useless suits..
    But we don't need our corporate overlords to be responsible or anything, so let's just kill all regulation and class action-type legal cases and let them just do whatever they want without any recompense to the people who have to use their badly designed products when serious issues actually make it into public discourse...
Sign In or Register to comment.