Hyper-Threading Considered Harmful
Source: Colin Percival - Posted by Pax Dickinson   
Host Security Hyper-Threading, as currently implemented on Intel Pentium Extreme Edition, Pentium 4, Mobile Pentium 4, and Xeon processors, suffers from a serious security flaw. This flaw permits local information disclosure, including allowing an unprivileged user to steal an RSA private key being used on the same machine. Administrators of multi-user systems are strongly advised to take action to disable Hyper-Threading immediately; single-user systems (i.e., desktop computers) are not affected.

I presented details of how to exploit this security flaw at BSDCan 2005 in Ottawa on May 13th, 2005. For those who were unable to attend my talk, I have written a 12-page paper, Cache Missing for Fun and Profit, discussing this flaw and related problems, both realized and theoretical.

Read this full article at Colin Percival

Only registered users can write comments.
Please login or register.

Powered by AkoComment!