[UPDATE] Intel gets multiple class action lawsuits over CPU vulnerability

[Morgan MLGman]

4 hours ago, RefresherMan said:

How is this fraud when it's a bug? Am I missing something here?

Well, Intel knew about all this since at least June - Not only they kept selling CPUs they knew were vulnerable and had a design flaw, but also deliberately released another generation of CPUs in that time without fixing the flaw in their design, two different chipsets actually (X299, Z370). They didn't announce it earlier and they didn't announce it now, they said they were "about to" do that, but what else could they say  

Do you think that's okay?

[mr moose]

5 minutes ago, Morgan MLGman said:

Well, Intel knew about all this since at least June - Not only they kept selling CPUs they knew were vulnerable and had a design flaw, but also deliberately released another generation of CPUs in that time without fixing the flaw in their design, two different chipsets actually (X299, Z370). They didn't announce it earlier and they didn't announce it now, they said they were "about to" do that, but what else could they say  

Do you think that's okay?

The alternative is they stop selling ALL their processors from the date they were informed (AMD and ARM would have to also).   Not going to happen, they had a fix on the way, the bug wasn't public.

 

Had they decided to stop selling all processors (apart from being a monumental fuck up with revenue) people would want to know why and that would have let the cat out of the bag potentially turning the bug into an open threat. 

 

A win here for the lawyers will set a precedent for every chip maker to be sued.  Remember AMD haven't said ryzen is secure, they have said the threat is a "near zero risk", which is PR for vulnerable but we want you to think it's not.   Which makes them just as much of a legal target.

[Jc0813]

I had a Call of Duty Black Ops 2 and i played it on Asus X450C the specifications is Intel Core I3 3217u 2 core 1.8Ghz and 4Gb of ram upgraded to 8gb OF RAM DDR3 and Intel HD 4000 and i launched COD black ops 2 at 9 AM and im getting 40 to 30FPS and around 7 or 8PM im getting 48 to 60FPS thats weird maybe caused by the Intel CPU issues/bug/glitch

[asus killer]

the CEO sold a lot of stocks recently. The Americans love to sue for everything, but I think in this case there is at least some smoke. If they know about this and kept a secret, that is potential a liability.  

[Anghammarad]

Just look at all the warnings on everything... all those are the sign, that someone was dumb enough to do what the warning sign now warn for.

 

It is a little sad to see this huge massive intelligence/common sense deficit all around... 

 

And for the topic here... within the USA it is only a matter of time before someone tries to get "rich" with such opportunities like the given. What they don't realize, the big part goes to the lawyers... And mostly many of the people starting the lawsuit look like greedy morons.

 

Yes sure if there is a fault and there were human casualties, that's another matter. But here it is just gimme some bucks and I stop screaming

[RefresherMan]

46 minutes ago, Morgan MLGman said:

Well, Intel knew about all this since at least June - Not only they kept selling CPUs they knew were vulnerable and had a design flaw, but also deliberately released another generation of CPUs in that time without fixing the flaw in their design, two different chipsets actually (X299, Z370). They didn't announce it earlier and they didn't announce it now, they said they were "about to" do that, but what else could they say  

Do you think that's okay?

Well, not in that context, no.

 

However, from what I understand is this was an exploit that had to be patched at the software level? I just don't find how fraud or how Intel meant foul play here, it would actually be Windows for NOT releasing the patch fast enough then woudn't it?

[Bit_Guardian]

1 hour ago, mr moose said:

Not that I've seen.  The earliest known mention is in June when google security discovered it and told AMD, ARM, VIA and Intel.

EDIT: I am guessing they probably also told Apple and MS seeing as they are both working on the fixes.

Probably also RedHat, Canonical, Amazon, and Joyent given who's been pushing the updates to the Linux kernel over the last week, in bulk.

[RefresherMan]

Here is a really god ELi5 / TLDR about it all. Read his chained tweets below

 

Seems like the bug Spectre affects all microprocessors, not just Intels 

 

[asus killer]

18 minutes ago, RefresherMan said:

Well, not in that context, no.

 

However, from what I understand is this was an exploit that had to be patched at the software level? I just don't find how fraud or how Intel meant foul play here, it would actually be Windows for NOT releasing the patch fast enough then woudn't it?

it's a hardware fault not a software fault. It can only be solve by software now but the problem is still the hardware.

[RefresherMan]

21 minutes ago, asus killer said:

it's a hardware fault not a software fault. It can only be solve by software now but the problem is still the hardware.

 

How can Intel be at blame, when the SOFTWARE you use on top of THEIR hardware is what creates this exploit? It's a "hardware" issue yes, however, where does negligence come into play on Intel's part? A CPU at the physical level doesn't care about what software you use. Intel isn't forcing you to use any kind of operating system/kernal. 

 

You would have to prove that in court, for their to be fraud/negligence. Last time I checked, we willingly install the operating systems.

 

 

 

[asus killer]

5 minutes ago, RefresherMan said:

 

How can Intel be at blame, when the SOFTWARE you use on top of THEIR hardware is what creates this exploit? It's a "hardware" issue yes, however, where does negligence come into play on Intel's part? A CPU at the physical level doesn't care about what software you use. Intel isn't forcing you to use any kind of operating system/kernal. 

 

You would have to prove that in court, for their to be fraud/negligence. Last time I checked, we willingly install the operating systems.

 

 

 

I'm not an expert but the problem is the prediction for tasks on the CPU, how it leaves information that should not be accessed by low level applications. It's not the software that creates the opportunity for exploit, it's the hardware. Someone more knowledge can explain better i'm sure.

[RefresherMan]

15 minutes ago, asus killer said:

I'm not an expert but the problem is the prediction for tasks on the CPU, how it leaves information that should not be accessed by low level applications. It's not the software that creates the opportunity for exploit, it's the hardware. Someone more knowledge can explain better i'm sure.

Isn't that backwards though? The hardware is just doing what it's doing at the physical level, the software is the gateway to the exploits.

 

However, that hardware (Intel), isn't forcing anyone to use said operating system/kernal. So I can't find any negligence/fraud abuse.

 

However, if for let's say, Intel releases CPUs that magically come pre-installed with Windows/Linux, and while KNOWING about the bug for 6 months, and continuing to sell those specially designed CPUs, then yes. Could be grounds for fraud/negligence.

 

However, since the end user is manually installing the software   that acts as a gateway to the exploit, how does that mean the hardware is at fault?

 

Maybe I am missing something or don't fully understand this but that's my viewpoint on it

[Bit_Guardian]

19 minutes ago, RefresherMan said:

Isn't that backwards though? The hardware is just doing what it's doing at the physical level, the software is the gateway to the exploits.

 

However, that hardware (Intel), isn't forcing anyone to use said operating system/kernal. So I can't find any negligence/fraud abuse.

 

However, if for let's say, Intel releases CPUs that magically come pre-installed with Windows/Linux, and while KNOWING about the bug for 6 months, and continuing to sell those specially designed CPUs, then yes. Could be grounds for fraud/negligence.

 

However, since the end user is manually installing the software   that acts as a gateway to the exploit, how does that mean the hardware is at fault?

 

Maybe I am missing something or don't fully understand this but that's my viewpoint on it

Out of curiosity, when did Intel discontinue the PCIe accelerator version of the Xeon Phi?

[RefresherMan]

1 minute ago, Bit_Guardian said:

Out of curiosity, when did Intel discontinue the PCIe accelerator version of the Xeon Phi?

Why be snarky? Just my opinion about the matter

[Jito463]

8 hours ago, Derangel said:

If they can prove that Intel knew about this for the past decade (since it effects CPU that far back) then there might be a case to be made, however Intel was only informed in June.

4 hours ago, IntMD said:

(Tinfoil hat time) I can imagine some people wondering if at least a small part of why coffeelake ended up being brought forward by a few months was to get it released before this became public knowledge.

That's exactly what I was thinking, though IntMD and MLGman beat me to it.

2 hours ago, Morgan MLGman said:

Well, Intel knew about all this since at least June - Not only they kept selling CPUs they knew were vulnerable and had a design flaw, but also deliberately released another generation of CPUs in that time without fixing the flaw in their design, two different chipsets actually (X299, Z370). They didn't announce it earlier and they didn't announce it now, they said they were "about to" do that, but what else could they say  

Do you think that's okay?

They may have a case given the way Intel rushed Coffee Lake to market, even after knowing about the bug (or possibly because of it).

 

2 hours ago, mr moose said:

1) The alternative is they stop selling ALL their processors from the date they were informed (AMD and ARM would have to also).   Not going to happen, they had a fix on the way, the bug wasn't public.

 

Had they decided to stop selling all processors (apart from being a monumental **** up with revenue) people would want to know why and that would have let the cat out of the bag potentially turning the bug into an open threat. 

 

2) A win here for the lawyers will set a precedent for every chip maker to be sued.  Remember AMD haven't said ryzen is secure, they have said the threat is a "near zero risk", which is PR for vulnerable but we want you to think it's not.   Which makes them just as much of a legal target.

1) It's not that they should have stopped selling all processors, it's more that they rushed their new generation to market after learning about this bug from Google.

 

2) You keep conflating Spectre with Meltdown (and I suspect you're doing it on purpose).  The biggest issue by far is Meltdown, which does not affect AMD.

 

1 hour ago, RefresherMan said:

Seems like the bug Spectre affects all microprocessors, not just Intels 

See my respond to Moose above.  Spectre (one variant, anyway) affects AMD, but is difficult to implement.  Meltdown does not.

 

8 hours ago, Bit_Guardian said:

Can we please have a do-over and get Clinton? Slimy or not at least she's not the quintessence of all of the worst American qualities in one singular mass of skin.

I'm no fan of Trump (he's the reason I switched from Republican to independent in 2016, after more than 21 years), but a lot of the stories in the media are just crap designed to make him look bad.  Ironically, if he'd run as a Dem, the media would have probably loved him.  Most of our "media" in this country, are just propaganda arms of the DNC.  Any President with an (R) after his name is an automatic target for them even if they're not conservative, and Trump is definitely not a conservative (then again, neither were either Bush).

 

Also, while it's a bit of a toss-up, I still say Clinton was the worst choice of the two.  While I'm not glad Trump won, I am most definitely glad Hillary lost.

[asus killer]

1 hour ago, RefresherMan said:

Isn't that backwards though? The hardware is just doing what it's doing at the physical level, the software is the gateway to the exploits.

 

However, that hardware (Intel), isn't forcing anyone to use said operating system/kernal. So I can't find any negligence/fraud abuse.

 

However, if for let's say, Intel releases CPUs that magically come pre-installed with Windows/Linux, and while KNOWING about the bug for 6 months, and continuing to sell those specially designed CPUs, then yes. Could be grounds for fraud/negligence.

 

However, since the end user is manually installing the software   that acts as a gateway to the exploit, how does that mean the hardware is at fault?

 

Maybe I am missing something or don't fully understand this but that's my viewpoint on it

the kernel is intel's "software" and no one chooses to use the prediction feature on the CPU, it's there, the CPU uses it. I don't get your point at all.

[Morgan MLGman]

3 hours ago, mr moose said:

The alternative is they stop selling ALL their processors from the date they were informed (AMD and ARM would have to also).   Not going to happen, they had a fix on the way, the bug wasn't public.

 

Had they decided to stop selling all processors (apart from being a monumental fuck up with revenue) people would want to know why and that would have let the cat out of the bag potentially turning the bug into an open threat. 

 

A win here for the lawyers will set a precedent for every chip maker to be sued.  Remember AMD haven't said ryzen is secure, they have said the threat is a "near zero risk", which is PR for vulnerable but we want you to think it's not.   Which makes them just as much of a legal target.

Yeah, though nothing can justify rolling out another generation of CPUs (two actually, if you count Skylake-X as well) when they were aware of the design flaw in them...

And this IMO should be the basis for a court case against Intel. It's like some car company had a flaw in their cars meaning that if someone unscrews one of the screws under your car then the entire wheel would fall off despite having a few other screws keeping it in place. It wasn't known so they could keep selling them this way, that's understandable. But if they found out about it, and still released a new model with the same flaw while keeping that information to themselves, then it would probably be illegal.

2 hours ago, RefresherMan said:

Well, not in that context, no.

 

However, from what I understand is this was an exploit that had to be patched at the software level? I just don't find how fraud or how Intel meant foul play here, it would actually be Windows for NOT releasing the patch fast enough then woudn't it?

The exploit had to be patched at the software level because of the design flaw in Intel CPUs, software was designed correctly, it was the CPUs that were working incorrectly under certain circumstances and patching the software is just way easier to do than replacing all shipped processors under warranty.

[ItsMitch]

Alright, I've finally dragged my fat ass out of bed, going to look into the court papers properly and do some level of breakdown of the major points, because why not?

[JohnMiller92]

20 minutes ago, asus killer said:

the kernel is intel's "software" and no one chooses to use the prediction feature on the CPU, it's there, the CPU uses it. I don't get your point at all.

Oh wait, the kernel is part of Intel's CPU, or part of the Linux Kernel? I'm confused, what's the difference?

[JohnMiller92]

23 minutes ago, Morgan MLGman said:

Yeah, though nothing can justify rolling out another generation of CPUs (two actually, if you count Skylake-X as well) when they were aware of the design flaw in them...

And this IMO should be the basis for a court case against Intel. It's like some car company had a flaw in their cars meaning that if someone unscrews one of the screws under your car then the entire wheel would fall off despite having a few other screws keeping it in place. It wasn't known so they could keep selling them this way, that's understandable. But if they found out about it, and still released a new model with the same flaw while keeping that information to themselves, then it would probably be illegal.

The exploit had to be patched at the software level because of the design flaw in Intel CPUs, software was designed correctly, it was the CPUs that were working incorrectly under certain circumstances and patching the software is just way easier to do than replacing all shipped processors under warranty.

My bad. I am getting the linux kernel mixed up with the Intel kernel then.

 

So wait, the bug is a kernel  (Intel level), not operating system bug (Linux Kernel), and Intel knew about it and continued to sell processors with it?

 

If true, then yeah, that's definitely negligence / fraud at play

[cj09beira]

30 minutes ago, JohnMiller92 said:

My bad. I am getting the linux kernel mixed up with the Intel kernel then.

 

So wait, the bug is a kernel  (Intel level), not operating system bug (Linux Kernel), and Intel knew about it and continued to sell processors with it?

 

If true, then yeah, that's definitely negligence / fraud at play

if i am not mistaken google informed them of it months ago, so probably around coffee lake launch, which in my eyes is f***ed up

[Morgan MLGman]

37 minutes ago, JohnMiller92 said:

My bad. I am getting the linux kernel mixed up with the Intel kernel then.

 

So wait, the bug is a kernel  (Intel level), not operating system bug (Linux Kernel), and Intel knew about it and continued to sell processors with it?

 

If true, then yeah, that's definitely negligence / fraud at play

From my understanding, the bug is within the CPU kernel and only by heavily modifying the kernel of an OS this issue can be fixed. Intel not only continued to sell processors with it, they also released new generations of CPUs that had that exact same flaw inside because of their design, just didn't bother telling anyone about it.
Months later, when someone else leaked info about this issue, Intel stated they were "just about" to release information about it - yeah, right It's just plain shady stuff right there and I really do not like it.

5 minutes ago, cj09beira said:

if i am not mistaken google informed them of it months ago, so probably around coffee lake launch, which in my eyes is f***ed up

Google informed them about it in June according to reports, which was well before Coffee Lake released...

[JohnMiller92]

3 minutes ago, Morgan MLGman said:

From my understanding, the bug is within the CPU kernel and only by heavily modifying the kernel of an OS this issue can be fixed. Intel not only continued to sell processors with it, they also released new generations of CPUs that had the exact same flaw inside because of their design, just didn't bother telling anyone about it.

Google informed them about it in June according to reports, which was well before Coffee Lake released...

Oh wow, CPU kernel? Intel is fucked then, as it was reported to them long ago.  This will be a lot bigger than I thought ^-^ 

 

Will be a long year

[ItsMitch]

It appears that 2 more lawsuits have been filed, one in the District of Oregon Case 6:18-cv-00028-MC and the other in the Southern District Court of Indiana Case 1:18-cv-00029-TWP-MPB

District of Oregon is aiming for the following:

COUNT I - VIOLATION OF ORS 646.608

 

COUNT II - UNJUST ENRICHMENT

Before anyone asks, I'll leave the exact definitions to ORS and Unjust Enrichment

ORS 646.608 is Additional unlawful business, trade practices.

And Unjust Enrichment is "In law, unjust enrichment occurs when one person is enriched at the expense of another in circumstances that the law sees as unjust. ... The law of restitution is the law of gain-based recovery."

 

The Southern District of Indiana is aiming for: 

 

COUNT I – INDIANA DECEPTIVE CONSUMER SALES ACT, §24-5-0.5-3

 

COUNT II – BREACH OF IMPLIED WARRANTY

 

COUNT III – NEGLIGENCE

 

COUNT IV – UNJUST ENRICHMENT/MONEY HAD AND RECEIVED

 

You get the picture, People are truly gunning for Intel right now, don't wanna be in their legal team's shoes right now, I bet it's a right shit fest.

[JohnMiller92]

8 minutes ago, SC2Mitch said:

It appears that 2 more lawsuits have been filed, one in the District of Oregon Case 6:18-cv-00028-MC and the other in the Southern District Court of Indiana Case 1:18-cv-00029-TWP-MPB