Slashdot Mirror

← Back to Stories (view on slashdot.org)

Hyperthreading Considered Harmful

Posted by CowboyNeal on from the not-just-for-performance dept.

cperciva writes "Hyper-Threading, as currently implemented on Intel Pentium Extreme Edition, Pentium 4, Mobile Pentium 4, and Xeon processors, suffers from a serious security flaw. This flaw permits local information disclosure, including allowing an unprivileged user to steal an RSA private key being used on the same machine. Administrators of multi-user systems are strongly advised to take action to disable Hyper-Threading immediately. I will be presenting this attack at BSDCan 2005 at 10:00 AM EDT on May 13th, and at the conclusion of my talk I will also releasing a paper describing the attack and possible mitigation strategies."

8 of 392 comments (clear)

  1. Re:Whoosh!!! by paulhar · · Score: 4, Insightful

    Somehow I doubt it. If every time a securty issue was found with a product people binned it then we wouldn't be running Linux, Windows, Firefox, IE, WiFI, etc...

  2. Where's the details? by tulimulta · · Score: 4, Insightful

    Not much to read yet. Seems more like a publicity stunt by the author. This could have been posted *after* the details have been published.

  3. Simple Solution by JerkyBoy · · Score: 4, Insightful

    Recompile your kernel with hyper-threading disabled. Simple question: Why do I have to wait until this guy does his conference presentation to find out what the exploit is, how it is implemented? I have to admit that this is one time when RTFA didn't work. Anyone have any more information?

    --


    Always do right. This will gratify some people and astonish the rest. -- Mark Twain
  4. opportunity to get paid for his volunteer work by dpilot · · Score: 5, Insightful

    I'd sooner guess that by presenting a paper at a conference, he's hoping to turn this into a job offer. There are any number of stories about black-hats mending their ways, and getting security jobs. Here's someone trying to start out as a white-hat, doing things the right way to begin with. Seems to me that if he's on the mark, he's a better risk for a job offer than a reformed black-hat.

    --
    The living have better things to do than to continue hating the dead.
  5. Re:It is just an 'give me a job' attention grab by Intrigued · · Score: 5, Insightful
    I don't see that.

    If he can produce even a moderately effective proof-of-concept exploit (which apparently he has), someone with a little malicious creativity will find out a way to abuse it.

    Also as a security professional, any gap, niche or irregularity in core security processes needs to be taken seriously even if nothing ever pans out in a real exploit.

    As far as the attention grab, I don't begrudge the guy at all. If the exploit is bogus, he will have advertised to the world "I'm an idiot - don't hire me!". If it is valid, he has shown his worth and deserves some support.

  6. Re:No details given... by Ed+Avis · · Score: 4, Insightful

    I think he is giving the world some warning that the security hole exists and that after the conference exploits for it may appear in the wild (if they don't exist already). Vulnerabilities are sometimes announced this way: for example the OpenSSH team issued a mysterious warning saying that everyone running sshd should turn on privilege separation. A little while later they disclosed an exploit in the current sshd and made a new release with a fix. It happened that if you had privsep turned on you weren't affected by the exploit. The warning gave most admins a chance to secure their systems, but didn't give any details of the exploit.

    Now, you might not think this guy is credible and so wait for him to 'show you the code' before applying the suggested fix. That's up to you.

    --
    -- Ed Avis ed@membled.com
  7. You can't win for losing by FreeUser · · Score: 4, Insightful

    the reason comes tomorrow. Oh, and you should also give me all your cash today because it is obsolete, more details to come tomorrow.

    Yes. While I am a "full-disclosure is better than not" guy, you (or others like you) would be screaming even louder about how "irresponsible" this guy would be if he had released the "reason" today (said "reason," BTW is a proof-of-concept exploit, one that malicious jerks will probably adapt to their desires after it's released).

    Oh yes sysadmins, disable hyperthreading because some poster on slashdot said so. This is just too gay.

    Not as asinine as clueless AC posts like yours, modded up as "insightful" by equally clueless people who happen to have moderation points today. The guy is awaiting his doctorate at one of the world's most prestigious universities, has an excellent track record, and has chosen a conservative but less-controviersial approach in disclosing this issue.

    All of which you would have known, if you'd bother to read TFA rather than spouting off nonsense here.

    --
    The Future of Human Evolution: Autonomy
  8. Re: On the gripping hand by Lodragandraoidh · · Score: 4, Insightful

    Alan Turing went to Cambridge and earned a fellowship there. That is also where he conceived the idea of the Turing machine - the basis of all programmable computers.

    Where you get your education is immaterial. More important is what you do with it.

    --

    Lodragan Draoidh
    The more you explain it, the more I don't understand it. - Mark Twain