
Intel was aware of the chip vulnerability when its CEO sold off company stock - MollyR
http://www.businessinsider.com/intel-ceo-krzanich-sold-shares-after-company-was-informed-of-chip-flaw-2018-1
======
JumpCrisscross
Google discloses the vulnerability to Intel in June. On October 26th, Intel
files its quarterly numbers and makes no mention of Project Zero or the word
"vulnerability" and fails, in Item 1A, to disclose any new risk factors [1].
On October 30th, Krzanich puts in trading instructions [2]. On November 29th,
the trades occur; on December 1st, their confirmations are disclosed [2].

I'm not an expert on the sale of stock in public companies by insiders. But
implementing sale instructions after finding a material risk factor _and_ a
filing that fails to reveal it looks shady.

(I continue to default to the assumption of sloppiness over bad intent, though
even that is harshly punishable, albeit with fines versus jail time.)

[1]
[https://www.sec.gov/Archives/edgar/data/50863/00000508631700...](https://www.sec.gov/Archives/edgar/data/50863/000005086317000048/a2017q3-10qdocument.htm#sEC4B4E5BB2945CE9B97383143D9B5368)

[2]
[https://www.sec.gov/Archives/edgar/data/50863/00011276021703...](https://www.sec.gov/Archives/edgar/data/50863/000112760217033679/xslF345X03/form4.xml)
_Explanation 1_

~~~
thisisit
How is it different from other sells Krzanich has done earlier? It seems that
he has been selling/disposing off his shares on a regular basis after each
option execution:

[http://www.nasdaq.com/symbol/intc/insider-
trades?sortname=in...](http://www.nasdaq.com/symbol/intc/insider-
trades?sortname=insider&sorttype=0&page=11)

[http://www.nasdaq.com/symbol/intc/insider-
trades?sortname=in...](http://www.nasdaq.com/symbol/intc/insider-
trades?sortname=insider&sorttype=0&page=12)

[http://www.nasdaq.com/symbol/intc/insider-
trades?sortname=in...](http://www.nasdaq.com/symbol/intc/insider-
trades?sortname=insider&sorttype=0&page=13)

[http://www.nasdaq.com/symbol/intc/insider-
trades?sortname=in...](http://www.nasdaq.com/symbol/intc/insider-
trades?sortname=insider&sorttype=0&page=14)

The only difference in this case is the trade size. Huge grant was vested and
sold:

[http://www.nasdaq.com/symbol/intc/insider-
trades?sortname=sh...](http://www.nasdaq.com/symbol/intc/insider-
trades?sortname=sharestraded&sorttype=1)

This might be related to his employment terms.

~~~
avs733
Because in addition to selling of his option shares he also told off all if
the other shares he has been holding down to the minimum (250k shares) that he
is required to hold as CEO based on the Intel governance documents.

In November he sold as much stock as he legally could in his position, not
just the amount he optioned.

~~~
Arainach
The holding requirements are contractual, not criminal - there's no law
requiring him to hold stock.

The minimum he's required to hold is still more than $10M tied up in a single
stock. Wanting to diversify one's assets past that level is understandable.

~~~
SolarNet
You missed the point, it _implies_ criminal if he sold down differently this
time. The contractual details are only important in so far as they dictate his
behavior.

------
jcranmer
One major counterpoint:

What would have happened if the AMD developer on the LKML hadn't said "AMD
chips aren't affected by [one of the bugs]" before the big public post? The
big headlines would have all been about "major class of speculative execution
bugs that cause data exfiltration on ARM, AMD, and Intel hardware." Only one
of the bugs is Intel-specific (admittedly, the worst one), but even the
Project Zero blogpost points out that it mostly focused on attacking Haswell
microarchitecture.

So while Intel does have some egg on its face, ARM and AMD aren't exactly out
of the woods yet. Side-channel attacks as a result of speculative execution
are sort of a well-known idea, but the main big news is that they are
practical to exploit and exfiltrate data. I would not be surprised to see more
exploits of this type affecting different hardware vendors come out over the
next year. The reason why there's so much focus on Intel is because people
trying to reverse-engineer the exploit found the message saying "AMD not
affected" and didn't realize that AMD _is_ affected by _some_ of the bugs.

Quite likely, whatever internal announcements that would have filtered up to
the CEO would have focussed on the fact that other vendors are seeing some
impact from these bugs (if nothing else, professional ass-covering). So it's
hard to see how the CEO would actually find this information out even
internally.

Edit: to put it more succinctly, Intel appears to have been preparing for an
announcement of "Major class of speculative execution vulnerabilities [with
particular impact to Intel]." However, the way the announcement came out was
"Apparent major bug... that's Intel-specific... oh, here's the details of this
bug [with related bugs affecting everybody]." That doesn't scream insider
trading to me.

~~~
theptip
For the question of insider trading, it's irrelevant whether other companies
were affected by this bug.

As long as the information was not public (in this case presumably it was an
embargoed secret under NDA), and that information is material (this
information clearly is as Intel's stock is down about 3% today) then it's
illegal to trade on that information.

~~~
jcranmer
Well, the question is whether one would expect that Intel would be
particularly affected. If the message is "everyone is boned," then there's no
reason to expect Intel's share price to fall. That the message ended up being
"Intel is boned" doesn't mean that insiders expected that to be the message.

To clarify: it smells bad enough to be investigated... but I wouldn't vote to
convict solely on the evidence presented.

~~~
sangnoir
You're muddying the waters.

> If the message is "everyone is boned," then there's no reason to expect
> Intel's share price to fall

That's a weak defense agains insider trading: the underlying (and incorrect)
assumption is that share prices are 0-sum. It is possible - likely even - for
the shares for _all_ 3 to drop if it affects their businesses. It would still
be insider trading regardless of who else on the market is affected.

------
sevenfive
Interesting to compare the reactions in this thread from 1 day ago:

"Intel's CEO Just Sold a Lot of Stock"

[https://news.ycombinator.com/item?id=16055851](https://news.ycombinator.com/item?id=16055851)

~~~
pas
New evidence (Google disclosed the vuln to Intel in 2017 June), means new
behavior.

------
colemannugent
This looks really bad from a PR perspective. Huge performance effecting
security vulnerability and their CEO might have traded on insider info,
doesn't look good.

I hope their lawyers have been productive these last few months before this
all went public.

~~~
rando444
The vulnerability aside, it looks bad in general when a CEO suddenly dumps all
of his stock other than the required minimum.

Throw in Google disclosing the vulnerability to Intel in June, and it looks
criminal.

------
rosser
Rather damning: "Krzanich's [Rule 10b5-1(c)] plan was created on October 30
and by Intel's own admission, the company learned of the chip vulnerability in
June."

------
downrightmike
They'll probably nail him, but not the Equifax C-suite.

~~~
QAPereo
The laws around PII breaches due to carelessness are largely nonexistent in
the US. Laws around insider trading have had more than a century to develop
their pointy end.

~~~
craftyguy
Well that's a problem. PII breaches should have pointed ends as pointed, if
not more, than insider trading.

~~~
ars
That's really hard to do. PII breaches are virtually always by mistake
(irrelevant if that mistake is negligence).

Insider trading is intentional.

You can't really legislate serious penalties for mistakes, and negligence is
really really hard to prove.

~~~
theptip
The EU already has legislated serious penalties for data breaches, and AFAIK
whether it was a "mistake" or negligence is irrelevant:

[https://en.wikipedia.org/wiki/General_Data_Protection_Regula...](https://en.wikipedia.org/wiki/General_Data_Protection_Regulation#Data_breaches)

The US doesn't seem to have much appetite for this kind of regulation though.

~~~
DoofusOfDeath
It's worth distinguishing the US congress and executive branch from the US
citizenry, in cases like this.

~~~
theptip
Very true. I'd be interested to know how this issue polls in the US, I haven't
seen any data on that.

------
notacoward
Material + non public = insider trading. Anything else is an excuse, not a
defense. This should be an open-and-shut case.

~~~
fwdpropaganda
> Material + non public = insider trading. Anything else is an excuse, not a
> defense

Except you're wrong. Material and non-public are not sufficient conditions for
a trade to be considered insider. I know the name and common lore seems to
imply it, but legally there's many other details attached.

~~~
notacoward
There are details of how "material" and "non public" are defined, but those
_are_ the two criteria. Don't call people wrong when you have zero facts on
your side.

~~~
fwdpropaganda
A counter-example is enough to prove me right.

I could give you at least one counter-example, ie a real court case from 2017
where two specific entities secretly coordinated a trade for stock in one of
them on material and non-public information and was determined legal.
(Obviously it went to court because people like you abound, who believe that a
complex matters like inside trading come down to "material" and "non-public".)

I'm not going to give you that example though, because I take issue with your
arrogance, ie authoritatively claiming that someone has zero facts on their
side when you have no idea what you're talking about :-)

------
Decabytes
One day CEO's will be held accountable for their companies actions.

~~~
tonmoy
What specific actions by intel are you proposing we should hold the CEO
accountable for?

~~~
dannyw
Failure to disclose material change in their past quarterly reports, failure
to file a 8-k.

------
omarforgotpwd
The stock seems to be doing fine. Overvalued even perhaps. A P/E of 42 when
you have Nvidia hitting them on the high end, Apple and ARM hitting them on
the low end, and AMD continuing to commoditize their offerings? I personally
would not buy or hold at that price. I don't think there's anything illegal
about selling the shares as soon as he executed on them, as he'll need to at
least sell some to cover the tax liability, I think.

~~~
mythz
INTC only has a P/E Ratio of 15.86
[https://www.google.com/search?q=NASDAQ:INTC&tbm=fin](https://www.google.com/search?q=NASDAQ:INTC&tbm=fin)

~~~
omarforgotpwd
Ah my mistake I must have misread.

------
QAPereo
Well, then I guess the CEO is going to prison, and someone at the SEC is going
to make their career on this.

~~~
dna_polymerase
Don't know why you are being downvoted so much. That's actually what _should_
happen. He probably will stay out of prison but there is no way they can keep
him as CEO. This is a textbook example of insider trading from an CEO.

------
jenscow
It looks like there will be a surge of purchases of new CPUs. He should have
kept hold.

------
stevemk14ebr
Serious question unrelated to the article. Why are half of these comments
being flagged?

~~~
grzm
Nit: I don't see any that are flagged. There are some that are downvoted.

My mind-reading skills aren't what they used to be. Some of those downvoted
are arguably off-topic or unsubstantive, both of which are frowned upon by HN
members. Others, who knows. But then again, this is all speculation.

------
mrmondo
If nothing else, it sends a clear message of “I wouldn’t trust our product”.

------
randyrand
looks like he made about 4% more than he should have. Pretty insignificant in
the grand scheme of things.

------
erikb
Do we already have hints who's doing a power play here? I mean even the leak
was a surprise to companies like Google as I see it. Is there someone who
wants to become CEO at Intel or a bigger company that wants to become a
majority stake holder?

------
jumbopapa
Isn't this a case that describes the benefits of insider trading? Him being
able to sell his stock in the company alerted everyone that something may be
up.

~~~
JdeBP
What alerted people that something may be up were discussions on LWN and the
patch commentaries in Linux kernel code commits.

* [http://pythonsweetness.tumblr.com/post/169166980422/the-myst...](http://pythonsweetness.tumblr.com/post/169166980422/the-mysterious-case-of-the-linux-page-table)

* [https://news.ycombinator.com/item?id=16046636](https://news.ycombinator.com/item?id=16046636)

------
yuhong
I wonder if that many people actually care. It is a timing attack only AFAIK.

