News

Intel Turns Alder Lake UEFI/BIOS Source Code Theft into a Hugely Positive Move!

Earlier this week, information appeared online suggesting that the source code for Intel’s Alder Lake desktop processors had been stolen and published online. – This was clearly quite an alarming piece of news as source code is an exceptionally sensitive piece of information which, in the wrong hands, could potentially lead to new security exploits being found.

At the time of the leak, however, it was unclear as to exactly what had been stolen with some sources suggesting that it may have contained the source code for BIOS/UEFI, while others went further suggesting that it also held the source code for the actual processor chipsets. – Following a report via TechPowerUp, however, Intel has formally confirmed the bad news that the former has indeed been stolen. On the plus side, however, it doesn’t appear that the latter is an issue, and more so, nothing currently in the wild should represent any kind of security risk to users!

Intel Confirms Source Code Theft – But It Isn’t (Overly) Bad News!

Intel has started by saying that while the source code for UEFI/BIOS has been stolen, they do not believe that it contains anything which should represent a security risk. In fact, they are so confident of this that with it now technically in the public hands, they’re openly encouraging people (as part of their bug bounty program) to actually attempt to find security flaws with it! – And if you do, you’ll get paid for it!

“Our proprietary UEFI code appears to have been leaked by a third party. We do not believe this exposes any new security vulnerabilities as we do not rely on obfuscation of information as a security measure. This code is covered under our bug bounty program within the Project Circuit Breaker campaign, and we encourage any researchers who may identify potential vulnerabilities to bring them our attention through this program. We are reaching out to both customers and the security research community to keep them informed of this situation.”

Overall, I actually have to applaud Intel for taking this approach. They can’t, after all, put the genie back in the bottle and it clearly achieves a lot more by asking the community to try and find bugs with it (for which they’ll get an actual monetary reward) rather than by attempting to downplay or hush the matter up.

So, for those white hat hackers among you, the gauntlet has been set down. – Oh, and in regards to the source, Intel hasn’t said anything one way or the other but Lenovo does still appear to be the prime ‘third-party’ culprit!

What do you think? – Let us know in the comments!

Mike Sanders

Disqus Comments Loading...

Recent Posts

Electronic Arts Titles Played for Over 11 Billion Hours in 2024

Electronic Arts (EA) announced today that its games were played for over 11 billion hours…

4 days ago

Just 15% of Steam Gaming Time in 2024 Was Spent on New Releases

Steam's annual end-of-year recap, Steam Replay, provides fascinating insights into gamer habits by comparing individual…

4 days ago

STALKER 2 Gets Massive 110GB Patch With 1800+ Fixes

GSC GameWorld released a major title update for STALKER 2 this seeking, bringing the game…

5 days ago

Intel Unveils Core 200H Processors Based on the Previous Raptor Lake Refresh

Without any formal announcement, Intel appears to have revealed its new Core 200H series processors…

5 days ago

Ubisoft Reportedly Developing a New Quadruple A Game

Ubisoft is not having the best of times, but despite recent flops, the company still…

5 days ago

STALKER 2: Heart of Chornobyl Update 1.1 Fixes 1,800 Issues and Revamps A-Life 2.0

If you haven’t started playing STALKER 2: Heart of Chornobyl yet, now might be the…

5 days ago