Even the best processors on the market may have security holes. Intel has launched its Bug Bounty program to help identify CPU bugs. Under the program, hackers who identify and report vulnerabilities in Intel hardware and software products will be rewarded. Project Circuit Breaker, as its name implies, will operate as a set of stand-alone, limited-time events for new and specific platforms and technologies.
In this program, participants will have the opportunity to learn and experience working with hardware provided by Intel, and along with the company’s engineers, can participate in the detection of hardware and software defects. According to Tom Hardhard, Katie NobelThe director of Intel Product Response Response (PSIRT) of the company’s bug hunting program said:
The circuit breaker project has been made possible thanks to our advanced research community. This program is part of our effort to meet with security researchers so that we can interact more meaningfully with them. We invest in and host bug hunting programs; Because such actions capture new perspectives on how to deal with emerging security threats, the circuit breaker project, especially when it comes to hardware, is the next step in working with researchers to strengthen ways to ensure industry security. We look forward to seeing how this program evolves and hope to introduce new people to the meaningful work we do.
Intel’s efforts to increase real and perceived product security were forced to increase in 2018 following the Specter / Meltdown crisis. The company even designed Fort Knox by building a secret center in Costa Rica for legacy and real-world security research.
Given that Intel’s bug hunting program was responsible for 97 vulnerabilities out of 113 reported external vulnerabilities in 2021, the impact of community-based security research seems to be an important part of the company’s ethics. Foreign researchers who are not part of Intel’s culture and knowledge are likely to be better able to address security issues and exploit them.
This will allow Intel to harness the collective mindset of the cybersecurity community; Communities that do the work and hours to identify these vulnerabilities; But only in return for money are they willing to identify and discover bugs.
In a part of the description of the main site of the circuit-breaking project, it is written:
For the first time, security researchers can work directly with security and Intel product teams through live hacking and security events, and rewards can be quadrupled. Flag registration competitions and other tutorials help prepare researchers for challenges that may involve accessing beta software or hardware and other unique opportunities.
The circuit breaker project is currently underway, and its first event, Camping with Tigers, was launched in December with a team of 20 foreign security researchers. The opportunity will expire in May, and participants will receive three levels of rewards for the importance of the identified vulnerabilities. This news shows that Intel’s action in this field has been successful and has now been integrated with the security efforts of the company’s products.
Source link
