A class-action lawsuit against Apple for allegedly misleading customers regarding the notoious Spectre and Meltdown vulnerabilities has been dismissed.
Reuters reported U.S. District Judge Edward Davila, in San Jose, California, ruled that the plaintiffs did not prove Apple knew about the vulnerabilities and kept quiet, selling their products at inflated prices, as a result. They also failed to prove Apple provided security patches that significantly slowed down the performance of the devices.
Apple, as well as other tech giants, first reported discovering the two flaws in early 2018. The customers, who filed the class-action lawsuit at the time, claimed Apple knew about the flaws as early as June 2017, but kept quiet about it until a New York Times report basically forced them to speak.
Share your thoughts on Cybersecurity and get a free copy of the Hacker’s Manual 2022. Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at the end of this survey to get the bookazine, worth $10.99/£10.99.
Vague claims and affirmative misrepresentation
But the judge says the plaintiffs failed to prove they relied on Apple’s marketing, when making their purchase choices. Apple’s claims that their devices were “secure” and “built with privacy in mind” were too vague to support their claims. The judge also said that Apple’s claims of newer processors being faster than the older ones weren’t false, just because patches may have slowed them down.
“Plaintiffs have failed to allege an affirmative misrepresentation, an actionable omission, and actual reliance” on misstatements by Apple, Davila wrote.
The plaintiffs now have until June 30 to appeal the decision.
Read more
> Apple says all Macs and iOS devices have been hit by Meltdown and Spectre
> Spectre returns – Intel and ARM-based CPUs hit by serious vulnerability
> Apple’s PC and mobile chips suffer from world-first data theft exploit
Spectre and Meltdown were two major vulnerabilities, discovered in early 2018, which allowed threat actors to read the contents of the memory in a vulnerable endpoint. Following up on the initial reports, researchers later discovered that practically all devices built in the last decade were vulnerable.
It turned out to be one of the greatest vulnerabilities of all time.
To make matters even worse, many OEMs scrambled to get a fix out as soon as possible, pushing incomplete solutions that only slowed the devices down, and in some cases, even bricking them entirely.
- These are the best cloud hosting services around
Via: Reuters