Intel Hyperthreading has dangerous flaw, claim

Updated Paper now available

By INQUIRER staff

Fri May 13 2005, 09:21

* UPDATE 19:03 UK time. The report is now available in PDF format, and there's additional comment here here, together with comments on how the flaw affects various software.

There is no statement as yet from Intel and from several other vendors likely to be affected. The security problem is one likely to affect servers rather than desktops.

The author of the report is recommending that admins take action to disable Hyperthreading immediately.

A FREEBSD man has claimed that hyperthreading, implemented in many Intel processors, has a serious security flaw.

Colin Percival, a member of FreeBSD's security team, claimed the flaw allows local information disclosure, meaning that unprivileged users can steal RSA private keys being used on the same machine.

Percival will present details of the claimed flaw at BSDCan2005 later today. He will release a paper describing the attack and possible ways to guard against it.

More information will be presented at this web page later.

Top 10 'piracy' web site takedowns From Ninja Video to Napster Friday, 3 February 2012, 15:49 PM Read more	Motorola Xoom 2 review Remote file sharing in, microSD support out Monday, 12 December 2011, 17:04 PM Read more
Newly patched Safari flaws pose serious risks A proof-of-concept remote code execution exploit is available Thursday, 13 October 2011, 11:26 AM Read more	Mozilla thinks of blocking Java to mitigate BEAST attack Needs to stop same origin policy bypass Thursday, 29 September 2011, 11:45 AM Read more
Researchers plan to demo Android root exploits Antivirus vendors rush to get on top of the mobile malware problem Wednesday, 21 September 2011, 15:51 PM Read more	Hilary Clinton says our web regs good, your web regs bad What is good for the goose is not good for any ganders, warns US Secretary of State Wednesday, 16 February 2011, 14:35 PM Read more

Comments

There are no comments submitted yet. Do you have an interesting opinion? Then be the first to post a comment.

INQ White papers

Implementation Analysts

ScheduALL, the global leade...

INQ Poll

Authorities in several countries raided Megaupload recently, shut down all of its services, seized hundreds of servers and arrested several of its executives on criminal charges.

Do you think the move was justified?

Yes, companies should suffer an immediate death penalty upon being accused of copyright infringement.

Yes, the coppers said the company was breaking the law so it must be guilty.

No, the company and the people accused are innocent until proven guilty.

No, the company had millions of customers who have been harmed by having access to their data files cut off.

I don't care, I never used Megaupload anyway.

View other polls

© Incisive Media Investments Limited 2012, Published by Incisive Financial Publishing Limited, Haymarket House, 28-29 Haymarket, London SW1Y 4RX, are companies registered in England and Wales with company registration numbers 04252091 & 04252093

SEARCH :

Site Credentials:

Business & Technology websites:

Business research resources:

Products:

Investment Market IT websites:

Find out what you are worth:

Salary Calculator

Search for a job:

Recruitment Agency A-Z Directory

Accreditations:

Digital Publisher of the Year 2010

Intel Hyperthreading has dangerous flaw, claim

Share this:

HP Envy 14 Spectre video demo

RIM Playbook OS 2.0 and Blackberry 7.1 video demo

Databases

Network management

Security

Service oriented architecture

Storage

Implementation Analysts

ScheduALL, the global leade...

Read more