rone: (Default)
entombed in the shrine of zeroes and ones ([personal profile] rone) wrote2005-05-16 07:23 am
  • Add Memory
  • Share This Entry
  • Current Music: The Police - On Any Other Day
Entry tags:

not just threading... HYPER-threading!

Hyper-Threading, as currently implemented on Intel Pentium Extreme Edition, Pentium 4, Mobile Pentium 4, and Xeon processors, suffers from a serious security flaw. This flaw permits local information disclosure, including allowing an unprivileged user to steal an RSA private key being used on the same machine.
It goes on to claim that "This issue affects FreeBSD/i386 and FreeBSD/amd64," but if it only affects Intel CPUs, why would it affect FreeBSD/amd64?

Flat | Top-Level Comments Only
ext_8103: (Default)

[identity profile] ewx.livejournal.com 2005-05-16 02:52 pm (UTC)(link)
"amd64" refers to the instruction set, not the people who actually put the silicon together (presumably - not a BSD expert, me).

[identity profile] sweh.livejournal.com 2005-05-16 03:03 pm (UTC)(link)
The page you linked to says:

4. The FreeBSD statement says that this affects FreeBSD/amd64, but you say this doesn't affect AMD processors.

AMD64 is the name given to the 64-bit version of the x86 architecture developed by AMD. Recent Intel processors with "EM64T" use this architecture.
ext_8707: Taken in front of Carnegie Hall (LISA `97)

[identity profile] ronebofh.livejournal.com 2005-05-16 06:09 pm (UTC)(link)
Reading comprehension... it's FAN-tastic.
ext_181967: (Default)

[identity profile] waider.livejournal.com 2005-05-16 03:03 pm (UTC)(link)
An interesting bug, but the guy's FAQ is triggering my loonware meter something terrible: he's spent three months digging this out because he feels it was more important than getting a job and earning money, and would like to get someone to pay him to continue to dig at this and write Yet Another Crypto Library to address the problem. Sometimes I think people misjudge their own importance on the grand scheme of things.

[identity profile] dr-memory.livejournal.com 2005-05-16 03:36 pm (UTC)(link)
Google for "Colin Percival". He is many things, but a loon is not one of them.
ext_181967: (Default)

[identity profile] waider.livejournal.com 2005-05-16 03:59 pm (UTC)(link)
Oh, aye, I'd figured as much, just that his FAQ isn't exactly the best character recommendation I've seen...

[identity profile] dr-memory.livejournal.com 2005-05-16 04:08 pm (UTC)(link)
Actually, I think the relevant bit is his age: he's a 19-year-old PhD student at Oxford. Of course he comes off as a bit odd and distracted. :)

[identity profile] sweh.livejournal.com 2005-05-16 08:42 pm (UTC)(link)
Well, he's 23 years old...

http://www.bsdcan.org/2005/speaker.php?id=98

[identity profile] sambushell.livejournal.com 2005-05-16 04:39 pm (UTC)(link)
It's a good observation and a nice paper. Timing attacks are spooky.
Flat | Top-Level Comments Only