Skip to main content

Chinese firms knew about Spectre and Meltdown before the US government

(Image credit: Image source: Shutterstock/lolloj)

Intel alerted Chinese companies to the Spectre / Meltdown vulnerabilities before notifying the US government, reports have claimed.

According to The Wall Street Journal (opens in new tab), Intel notified both Alibaba and Lenovo group about the flaws before it told government watchdogs, heightening fears around possible Chinese spying on the US.

Alibaba said nothing about Intel’s notification, but did say that claims of the Chinese government obtaining the information were “speculative and baseless.”

Speaking with the Journal, experts are saying there’s no evidence the information was misused in any way.

A former NSA employee, and the head of Rendition Infosec security company told the site it was almost certain the Chinese government knew about the threat due to keeping tabs on communications between the companies.

“The Google Project Zero team and impacted vendors, including Intel, followed best practices of responsible and coordinated disclosure," Intel said in a statement.

"Standard and well-established practice on initial disclosure is to work with industry participants to develop solutions and deploy fixes ahead of publication. In this case, news of the exploit was reported ahead of the industry coalition’s intended public disclosure date at which point Intel immediately engaged the US government and others,” an Intel spokesperson told The Hill.

First revealed earlier in January, Spectre and Meltdown are flaws in processors, found in virtually all machines we have today (computers, tablets, smartphones). They allow attackers to access a vulnerable machine and extract valuable data.  

Image source: Shutterstock/lolloj 

Sead Fadilpašić is a freelance tech writer and journalist with more than 17 years experience writing technology-focussed news, blogs, whitepapers, reviews, and ebooks. And his work has featured in online media outlets from all over the world, including Al Jazeera Balkans (where he was a Multimedia Journalist), Crypto News, TechRadar Pro, and IT Pro Portal, where he has written news and features for over five years. Sead's experience also includes writing for inbound marketing, where he creates technology-based content for clients from London to Singapore. Sead is a HubSpot-certified content creator.