[plug] "Hyper-Threading, suffers from a serious security flaw,"

Bernard Blackham bernard at blackham.com.au
Sat May 14 21:23:24 WST 2005

On Sat, May 14, 2005 at 02:01:28AM +0800, Open Source.Lives wrote:
> Colin Percival, a FreeBSD committer and security team member, has
> The formentioned paper can be downloaded here in pdf format.

http://www.daemonology.net/papers/htt.pdf for anybody interested.

The attack itself is pretty mad - very academically interesting, but
far from trivial to carry out in real world situations. It involves
looking for time-based patterns during an RSA signing operation, to
narrow the possibilities of what the encryption key is (the example
given uses a 1024-bit key and narrows it to searching through 2^202

Yes it does affect every OS running on Intel HT machines (including
Linux) that is utilising HT. But I wouldn't go racing out turning
off HT on all your machines tonight.

Instead I'd be more concerned about this exploit recently released -


 Bernard Blackham <bernard at blackham dot com dot au>

More information about the plug mailing list