Slashdot Mirror

← Back to Stories (view on slashdot.org)

Hyperthreading Considered Harmful

Posted by CowboyNeal on from the not-just-for-performance dept.

cperciva writes "Hyper-Threading, as currently implemented on Intel Pentium Extreme Edition, Pentium 4, Mobile Pentium 4, and Xeon processors, suffers from a serious security flaw. This flaw permits local information disclosure, including allowing an unprivileged user to steal an RSA private key being used on the same machine. Administrators of multi-user systems are strongly advised to take action to disable Hyper-Threading immediately. I will be presenting this attack at BSDCan 2005 at 10:00 AM EDT on May 13th, and at the conclusion of my talk I will also releasing a paper describing the attack and possible mitigation strategies."

3 of 392 comments (clear)

  1. Quick fix by Junior+J.+Junior+III · · Score: 5, Funny

    I am counteracting the harmful effects of hyperthreading by eating a high-fiber diet. So far, I haven't had any problems.

    --
    You see? You see? Your stupid minds! Stupid! Stupid!
  2. Oh dear. by Morky · · Score: 5, Funny

    I guess I need to shut off hyperthreading on our app server before the users who can't sort an Excel spreadsheet have a chance to expliot the vulnerability.

  3. SCO Unix variants... by Per+Abrahamsen · · Score: 5, Funny

    As we all know, this includes Linux :-)