"No problem here, move along, move along - you won't be able to modify/corrupt/delete that password, you can only read it in plain text. Nothing to see. Move on."
IIUC - you can transpose 'password' with seemingly anything stored in memory managed by the kernel, so Intel using this sort of deceptive language is poor behaviour.
> IIUC - you can transpose 'password' with seemingly anything stored in memory managed by the kernel, so Intel using this sort of deceptive language is poor behaviour.
Intel wasn't being deceptive. That is exactly what they said, "software analysis methods that, when used for malicious purposes, have the potential to improperly gather sensitive data." This is in the very first sentence of their response.
They also stated it does not have the potential to cause deletion, modification or corruption which directly contradicts the "malicious purposes" statement.
> They also stated it does not have the potential to cause deletion, modification or corruption which directly contradicts the "malicious purposes" statement.
You are mixing two different notions.
In security CIA = Confidentiality, Integrity, Availability.
Intel said that Confidentiality is broken by a security analysis applied maliciously (i.e. exploit), but Integrity is not. The general belief is that Availability is affected, due to a slowdown that depends on the workload.
That’s the most concerning thing then