1. This forum section is a read-only archive which contains old newsgroup posts. If you wish to post a query, please do so in one of our main forum sections (here). This way you will get a faster, better response from the members on Motherboard Point.

security flaw in hyper threading

Discussion in 'Intel' started by Ed Zeppelin, May 13, 2005.

  1. Ed Zeppelin

    Ed Zeppelin Guest

    Ed Zeppelin, May 13, 2005
    #1
    1. Advertisements

  2. Ed Zeppelin

    Yousuf Khan Guest

    Yousuf Khan, May 13, 2005
    #2
    1. Advertisements

  3. Ed Zeppelin

    David Magda Guest

    The paper (entitled "Cache Missing for Fun and Profit") is now
    available in PDF form:

    http://www.daemonology.net/hyperthreading-considered-harmful/



    To give away the ending, it's a information disclosure issue.
     
    David Magda, May 14, 2005
    #3
  4. The effect is real, but presupposes that you can force a trusted
    application to use a key in one thread at the same time your hack runs
    in another on the same CPU. In practice this is not easy unless the
    machine is otherwise idle.
     
    Bill Davidsen, May 26, 2005
    #4
  5. Ed Zeppelin

    Neo Guest

    Hmmm.... Interesting. The "chicken little" approach taken by the author is
    a bit extreme. As with any security issue, the overall security is only as
    strong as the weakest link. I don't believe that for most systems, this
    level of effort is needed to break the security.

    This is a good paper however and the approach is very enlighting. This is
    not significantly different than other characteristic measurement approaches
    used in the past. Maybe the folks who write encrypting/decrypting code need
    to be aware of the potential for exploit and to add "noise" to those
    applications so as to bury the true details of the function. This won't
    help performance, but aren't we rapidly getting to a point where speed
    doesn't matter since we have plenty of it?

    anonymous ;-)

    well, not really - we can all be tracked. Have you changed your IP address
    today?
     
    Neo, May 27, 2005
    #5
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.