Hyperthreading Considered Harmful

cperciva writes "Hyper-Threading, as currently implemented on Intel Pentium Extreme Edition, Pentium 4, Mobile Pentium 4, and Xeon processors, suffers from a serious security flaw. This flaw permits local information disclosure, including allowing an unprivileged user to steal an RSA private key being used on the same machine. Administrators of multi-user systems are strongly advised to take action to disable Hyper-Threading immediately. I will be presenting this attack at BSDCan 2005 at 10:00 AM EDT on May 13th, and at the conclusion of my talk I will also releasing a paper describing the attack and possible mitigation strategies."

Sysadmins have been advised...

to give their hyper-threading processors some Ritalin.

Whoosh!!!

[EmagGeek]

Shit, did anyone see that blur???

Yeah, I think that was Intel's server market going right out the window at Mach 10...

Quick fix

[Junior+J.+Junior+III]

I am counteracting the harmful effects of hyperthreading by eating a high-fiber diet. So far, I haven't had any problems.

Re:Where's the details?

[Anthony]

Maybe there are still unsold tickets for BSDCan05.

Extreme Edition...

[Sialagogue]

With Moore's Law still holding up, isn't it a little early to be using up names like "Extreme Edition?" So, I'd like to propose my own corollary to Moore's Law:

"The microprocessor industry will run out of hyperbole long before they run out of transistors."

Oh dear.

[Morky]

I guess I need to shut off hyperthreading on our app server before the users who can't sort an Excel spreadsheet have a chance to expliot the vulnerability.

In other news..

[peterprior]

...it appears Windows XP Starter Edition may be the most secure option after all...

SCO Unix variants...

[Per+Abrahamsen]

As we all know, this includes Linux :-)