WASHINGTON DC – The US government wishes it had gotten the memo on Spectre and Meltdown sooner. On Wednesday, the Senate Committee on Commerce, Science and Transportation held a hearing on cybersecurity issues related to the Spectre and Meltdown vulnerabilities, which left hundreds of millions of computer chips open to attacks.
The Spectre and Meltdown flaws were first announced in January, after Google’s Project Zero, as well as independent researchers, discovered problems with processors that created the vulnerabilities and dated back 20 years. Project Zero is a team of Google security analysts that looks for vulnerabilities in software.
Researchers notified chip companies of Spectre and Meltdown in 2017, but the US government wasn’t informed of the vulnerabilities until they were publicly disclosed. That’s an issue for lawmakers, who argue the government should have known about the vulnerabilities immediately so that it could protect itself from foreign cyberattacks.
To read the rest of the story, click on https://www.cnet.com/news/congress-please-tell-us-about-security-vulnerabilities-sooner/?ftag=CAD2e9d5b9&bhid=20102274281679224800074149012732