On January 2, 2018, The Register, a science and technology news site based in Britain, published an article revealing the existence of two major bugs leaving virtually all computers and smartphones at risk. The first and more dangerous of the bugs, Meltdown, affects all modern processors manufactured in the past decade by Intel. The other bug, Spectre, affects chips made by companies such as AMD, ARM, as well as Intel. Both bugs are a result of a flaw in the chip design. Both design flaws leave open exploitable security vulnerabilities.

The Meltdown design flaw can allow programs and malicious users to access the kernel memory–the kernel memory holds secret information such as logins, passwords, and any files cached on the disk. To remediate the Meltdown bug, tech companies such as Amazon, Apple, Google, and Microsoft have released patches that create a software separation to protect the kernel memory from unauthorized access.

While there are no known attacks using the Meltdown vulnerability, the patch will decrease performance on Intel chips from 5 percent to 30 percent. Chips by other companies such as AMD and ARM will not have their performance adversely affected because they do not contain the design flaw that allows the Meltdown bug and do not need the patch. Software developers do not have a fix for the Spectre bug yet and do not know what impact it would have. Based on what you learned about product liability, do you think end users have a case to make against Intel for the Meltdown exploit? What theory of product liability do you think would make the best case against Intel? What defense could Intel mount?