Hyperthreading Considered Harmful

cperciva writes "Hyper-Threading, as currently implemented on Intel Pentium Extreme Edition, Pentium 4, Mobile Pentium 4, and Xeon processors, suffers from a serious security flaw. This flaw permits local information disclosure, including allowing an unprivileged user to steal an RSA private key being used on the same machine. Administrators of multi-user systems are strongly advised to take action to disable Hyper-Threading immediately. I will be presenting this attack at BSDCan 2005 at 10:00 AM EDT on May 13th, and at the conclusion of my talk I will also releasing a paper describing the attack and possible mitigation strategies."

i can hardly contain my excitement

important though this issue is, no doubt ...

I will be presenting this attack at BSDCan 2005 at 10:00 AM EDT on May 13th, and at the conclusion of my talk I will also releasing a paper describing the attack and possible mitigation strategies

... i'm FAR more impressed by your PERSONAL achievement, and am sure that your PERSONAL, INDIVIDUAL presentation will reflect the glory of your .... (tails off into symantic rant). er, some humility in order? i don't give a toss about WHO spots an issue; i care about the merit of the issue itself.

Re:Where's the details?

[rpozz]

Apparently, he's also known about it for 6-7 months, which also make it smell of BS. 'Discoveries' worked on in secret for that amount of time almost always turn out to be a load of shit.

However, we will see.