Reply to post: Re: Note that they didn't bother with open source operating systems

Intel didn't tell CERTS, govs, about Meltdown and Spectre because they couldn't help fix it

Orv

Re: Note that they didn't bother with open source operating systems

OpenBSD has been included in embargoed fixes before, and slipped the changes into the codebase so users were protected on day one of the public notice.

Pretty sure their history of doing that is why they WEREN'T included. If you slip something into the code repository, people can diff it and figure out what you're up to. They don't need a commit message that says SECURITY HOLE HERE to catch on.

Kinda by definition open-source projects can't keep secrets.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021