Earlier this week, information appeared online suggesting that the source code for Intel’s Alder Lake desktop processors had been stolen and published online. – This was clearly quite an alarming piece of news as source code is an exceptionally sensitive piece of information which, in the wrong hands, could potentially lead to new security exploits being found.
At the time of the leak, however, it was unclear as to exactly what had been stolen with some sources suggesting that it may have contained the source code for BIOS/UEFI, while others went further suggesting that it also held the source code for the actual processor chipsets. – Following a report via TechPowerUp, however, Intel has formally confirmed the bad news that the former has indeed been stolen. On the plus side, however, it doesn’t appear that the latter is an issue, and more so, nothing currently in the wild should represent any kind of security risk to users!
Intel has started by saying that while the source code for UEFI/BIOS has been stolen, they do not believe that it contains anything which should represent a security risk. In fact, they are so confident of this that with it now technically in the public hands, they’re openly encouraging people (as part of their bug bounty program) to actually attempt to find security flaws with it! – And if you do, you’ll get paid for it!
“Our proprietary UEFI code appears to have been leaked by a third party. We do not believe this exposes any new security vulnerabilities as we do not rely on obfuscation of information as a security measure. This code is covered under our bug bounty program within the Project Circuit Breaker campaign, and we encourage any researchers who may identify potential vulnerabilities to bring them our attention through this program. We are reaching out to both customers and the security research community to keep them informed of this situation.”
Overall, I actually have to applaud Intel for taking this approach. They can’t, after all, put the genie back in the bottle and it clearly achieves a lot more by asking the community to try and find bugs with it (for which they’ll get an actual monetary reward) rather than by attempting to downplay or hush the matter up.
So, for those white hat hackers among you, the gauntlet has been set down. – Oh, and in regards to the source, Intel hasn’t said anything one way or the other but Lenovo does still appear to be the prime ‘third-party’ culprit!
What do you think? – Let us know in the comments!
Plaion, a leading video game publisher, and Retro Games Ltd., a specialist in reimagined classic…
During the latest earnings call, NVIDIA CFO Colette Kress warned of a potential GPU supply…
Chinese sources say the GeForce RTX 5090, RTX 5080, RTX 5070 Ti, and RTX 5070…
GTA 6 doesn’t have an official release date yet, but it has already earned a…
Stay on Point with ActiveTrack 6.0 - With upgraded tracking tech, OM 6 sticks to…
Pack includes three Wiser Radiator Thermostats. These smart radiator thermostats are only designed to work…