Strog
May 17th, 2005, 21:04
http://www.geekinformed.com/content/view/194/2/
"A major security flaw in Intel Corp.'s hyperthreading technology was disclosed at the BSDCan 2005 conference last Friday.
The exploit could allow an attacker to steal security keys from a compromised server.
Hyperthreading is Intel's new technology to allow software to utilize unused execution units in a processor and increase throughput. Basically, it allows two software threads - or processes - to execute on a single processor at the same time to improve performance.
The security hole exists because the processes share access to a chip's cache memory. An attacker can take advantage of that by monitoring the cache for security keys to a particular computer.
With single-threaded processors, the L1 cache usually clears all instructions before moving on to the next process. With hyperthreading processors, one process will remain in cache while a new one is started. A malicious user could monitor the cache for bits of a security key. Over time, the attacker could gain enough of the key to determine the entire key through probability analysis.
An Intel spokesman stated that they are in the process of patching the hole, but do not consider it a critical issue.
Colin Percival, a 23-year-old PH.D. student, presented the security flaw at the BSDCan, a Canadian conference for BSD developers.
"
"A major security flaw in Intel Corp.'s hyperthreading technology was disclosed at the BSDCan 2005 conference last Friday.
The exploit could allow an attacker to steal security keys from a compromised server.
Hyperthreading is Intel's new technology to allow software to utilize unused execution units in a processor and increase throughput. Basically, it allows two software threads - or processes - to execute on a single processor at the same time to improve performance.
The security hole exists because the processes share access to a chip's cache memory. An attacker can take advantage of that by monitoring the cache for security keys to a particular computer.
With single-threaded processors, the L1 cache usually clears all instructions before moving on to the next process. With hyperthreading processors, one process will remain in cache while a new one is started. A malicious user could monitor the cache for bits of a security key. Over time, the attacker could gain enough of the key to determine the entire key through probability analysis.
An Intel spokesman stated that they are in the process of patching the hole, but do not consider it a critical issue.
Colin Percival, a 23-year-old PH.D. student, presented the security flaw at the BSDCan, a Canadian conference for BSD developers.
"