The source code for Alder Lake, Intel’s latest generation of desktop processors, is available on the Internet. Intel wants to be reassuring and says that the security of your computers will probably not be compromised.
Disaster in Santa Clara! The BIOS source code of Intel Core Alder Lake, their latest generation of desktop PC processors, is said to have leaked on the internet. Worse still, there wouldn’t even be a need to go to the Dark Web to get it. A copy is indeed available on Github or 4chan. What implications for the security of our computers? None, according to the Californian founder who told our colleagues: “We don’t think this exposes new security flaws because we haven’t obfuscated the code as a security measure. This one is covered by Project Circuit Breaker, our bug squashing program“.
To read : Intel Announces 13th Gen Raptor Lake Processors, Launching October 20
Project Circuit Breaker is an initiative bringing together hackers, security researchers and engineers around Intel products, whether graphics cards or processors. Theoretically, this very lucrative program, whose premiums can amount to $100,000 depending on the severity of the fault, makes it possible to quickly escalate vulnerabilities towards the engineers and to prevent any attack. Intel does not seem more worried than that about a possible fraudulent use of the BIOS code of Alder Lake, their 12th generation of processors.
Intel did not receive a ransom note, officially
UEFI, or formerly BIOS, is the program responsible for initializing computer components and booting the operating system by putting device drivers in memory. It is also responsible for testing the hardware components of the computer, such as the hard drive or the graphics card. The copy of the6GB UEFI available online contains all the utilities to modify it.
Several clues suggest that the employee of a Lenovo subcontractor in China would have organized this leak. There was certainly no mention of a ransom demand, but hacker groups such as Lapsus$ blackmailed Nvidia, AMD and other big names in computing like Microsoft, following the same modus operandi : go through subcontractors who are a little “light” on cybersecurity to steal information from the big company. The leak of the source code of Intel’s Alder Lake may therefore only announce other problems for the company.