In a new article, Wired takes a look at how Intel is making its chips more secure. A year ago, the tech world was caught by surprise as academics and independent researchers disclosed Meltdown and Spectre, two vulnerabilities that affect Intel CPUs, and to a lesser degree chips from AMD and ARM. Pushing for maximum performance is how Spectre and Meltdown cropped up and it will likely take four to five years until fundamental speculative execution defenses have been added to Intel's processors.
The piece also highlights STORM, a strategic offensive research and mitigation group inside Intel. It consists of a group of hackers tasked with finding the next generation of security threats:
Intel's offensive security research team comprises about 60 people who focus on proactive security testing and in-depth investigations. STORM is a subset, about a dozen people who specifically work on prototyping exploits to show their practical impact. They help shed light on how far a vulnerability really extends, while also pointing to potential mitigations. The strategy helped them catch as many variants as possible of the speculative execution vulnerabilities that emerged in a slow trickle throughout 2018.