
Scaleway patches infrastructure to mitigate Intel bug - y0ghur7_xxx
https://blog.online.net/2018/01/03/important-note-about-the-security-flaw-impacting-arm-intel-hardware/
======
y0ghur7_xxx
> While trying to get a solution to address this vulnerability as fast as
> possible, we faced communication issues with Intel which was deliberately
> restricting & filtering the information about the bug.

and

> According to the latest update from Intel, a microcode is required to
> completely fix the bug. The microcode release date is, at this time,
> scheduled for an undisclosed confidential unacceptable late date

seems like intel is not much help.

~~~
nicolaslem
They also mention that they were made aware of the issue only a few days ago,
probably like us on HN.

Are smaller actors left behind?

~~~
PuffinBlue
Seems like it. And not just the smaller companies:

DigitalOCean appear out of the loop and they're fairly sizeable[

OVH appear to have received no advanced notice (if you read between the lines
of their post)

Cloudflare has been silent and they usually love being at the front of this
stuff. They'll also probably take a nasty hit from these mitigation's too with
their incredibly heavy network load, so they might all be out buying hardware.

That said, you've got to draw the line somewhere, AWS is truly huge and a key
Intel customer, Google is one of Intel's biggest buyers and their researcher
independently discovered it, Microsoft equally a massive Intel customer.

Overall I'd say Intel tried to keep it to an absolute minimum which is fair
enough really. Had the news not broken early it's probable that patch
notifications would have gone out once fully developed to all of these
'smaller' companies.

~~~
jgrahamc
Our plan is to talk about this when we have full data. Right now looks like we
aren't taking much of a hit at all.

~~~
PuffinBlue
Excellent. I enjoy reading your write ups/insight so it'll be very interesting
to see what you have to say.

------
edouardb
Post updated #6

------
lemoncucumber
I misread this as Safeway, and was really surprised for a minute.

