[nSLUG] Intel Pentium Hyperthreading security risk

George White aa056 at chebucto.ns.ca
Tue May 17 11:28:22 ADT 2005


>From a paper presented at BSDCan 2005 in Ottawa on May 13th, 2005:

"Hyper-Threading, as currently implemented on Intel Pentium Extreme
Edition, Pentium 4, Mobile Pentium 4, and Xeon processors, suffers from a
serious security flaw. This flaw permits local information disclosure,
including allowing an unprivileged user to steal an RSA private key being
used on the same machine. Administrators of multi-user systems are
strongly advised to take action to disable Hyper-Threading immediately;
single-user systems (i.e., desktop computers) are not affected. "

http://www.daemonology.net/hyperthreading-considered-harmful/

 
--
George White <aa056 at chebucto.ns.ca> <gnw3 at acm.org>
189 Parklea Dr., Head of St. Margarets Bay, Nova Scotia  B3Z 2G6


!DSPAM:4289ffaf212174787115173!




More information about the nSLUG mailing list