Intel expands bug bounty to catch more Spectre-like security flaws

From Engadget - February 14, 2018

The higher bounty stems in part from the complexity of demonstrating exploits.Unlike most purely software-driven attacks, the speculative execution tricks behind Meltdown and Spectre require extensive know-how.

The end date on the side channel bounty sets a firm limit on what the program will achieve, although Intel's promise of more secure chips in 2018 could reduce the need to single out these sorts of attacks.The bug bounty program will continue to "evolve," Intel added, so it's not set in stone.There's no question about what the chip giant wants, though: it's racing to identify as many processor-related flaws as it can while its CPUs are known to be vulnerable and interest in the subject is high.


Continue reading at Engadget »