This isn't a defect in the traditional sense. The device is behaving to specifications, but a new method of attacking it has been found.

Rowhammer is arguably more aptly described as a defect; in that case the RAM is not behaving to spec.

Is there an End User License Agreement that users agree to before using these chips? If it is anything like software EULA's, then Intel is likely protected from lawsuits for defects.

Except unreasonable EULA terms are void in most (all?) of Europe.

>Is there an End User License Agreement that users agree to before using these chips?

I certainly didn't see one when booting up a new Intel computer.

I was under the impression EULAs are basically useless.

So? If I buy a car that is promised to have 200HP but it actually just has 150HP after a software update wouldn't I be able to sue the manufacturer at least for the lost resale value?

HP is to Mhz what vehicle performance is to server performance.

Intel's hardware still provides the the same MHz. So the analogy would be more like due to safety concerns, a software update to the car increases the braking used by traction control.

That feels charitable to Intel, but unless they knew about the exploit, they used the tools in their arsenal to maximize performance. Now they are reducing it for safety.

Maybe it's more like how auto manufacturers are now having to increase wind resistance by designing pedestrian friendly hoods. Obviously that's not "after purchase" but I can't think of a better analogy!

Because processors get faster, speed = age: fast = new, slow = old.

In that spirit, here is a different car analogy for you.

This is like buying a new car, and then having the odometer suddenly jump by 150,000 km: you paid for new, but are stuck with old.

Or, we could go by features. Cars get new features. Suppose you pay for a car with various bells and whistles: on-board Wi-Fi, navigation, semi-autonomous driving and whatevernot. But then most of it doesn't work, so your car is like something from 2005. Forget bluetooth; just 1/8" aux jack, or CD player.

Did Intel promise you a CPU that would be impervious to all potential security vulnerabilities, currently known and unknown in perpetuity?

I would say, yes, in their documentation.

If you follow the semantic descriptions given in their architecture manuals, can you infer these insecure behaviors?

Perhaps, but what performance did Intel actually promise that you'd be able to argue against?

Intel promises you better performance from a new processor than what you can get from one in the same class one that is several years old, also from Intel.

You're paying for a new one, but it performs like something that is several years old that you can obtain much more cheaply.

Another aspect of it is consumers who chose an Intel chip over a competitor's. Intel does promise competitive performance. Their pitch isn't "we are slower, but just buy us on the brand name alone".