[AnIdiotOnTheNet]

A more generous interpretation: Intel made decisions that favored actual measurable performance today at the expensive of theoretically known vulnerabilities that might be exploited in some hypothetical future. They gave the market what the market demanded at a cost they tolerated.

And even now, after said theoretical vulnerabilities have been reified, there is very little cause to be concerned about the vulnerabilities under discussion unless you host code for other people as a business model (or use such a service). Otherwise your biggest concern is a web browser that already has a whole host of actual and theoretical vulnerabilities of its own.

[okcando]

> They gave the market what the market demanded at a cost they tolerated.

This suggests a level of informed consent that I don't think existed. It implies that "the market" (who?) knew of, understood, and agreed to the risks.

And anyway, "the market" does a poor job of representing some of its stakeholders, notably the disorganized group known as users, and immediate competitive advantage may be the only metric driving decision-making.

[marcosdumay]

Intel made decisions that favored the actual indicators people were looking at with a hidden cost on things people weren't aware of. They got the market exactly what the market demanded while deceiving that market by applying known bad practices. There is a huge difference in impact from saving money by using lead-based paint, but it's the same kind of decision.

> unless you host code for other people as a business model

Or is a victim of one of those javascript based exploits when visiting a random site.

[yardie]

Any security researcher or engineer worth their salary is already planning for those theoretical vulnerabilities. Ideas like these are hashed out at the development meeting. Not fixed after the cart has left the barn.

[AnIdiotOnTheNet]

And yet people use Linux instead of OpenBSD, because it turns out security isn't always the most important consideration.