HYPERTHREADING IN INTEL PROCESSORS has been deemed a big no-no for OpenBSD which reckons the tech opens the floodgates to more "Spectre-class bugs".
Hyperthreading is the name Intel has given its take on simultaneous multithreading, which in plain old English is a way to run parallel processes across the cores of a CPU rather than have an operation reliant on one of them.
But the folks at OpenBSD, who specialise in a free, open-source Unix-like operating system, have deemed Hyperthreading to be a security risk for the time being and as such have disabled it.
"SMT (Simultaneous Multi Threading) implementations typically share TLBs and L1 caches between threads," wrote OpenBSD's Mark Kettenis, providing a load of technical info for those so inclined.
"This can make cache timing attacks a lot easier and we strongly suspect that this will make several Spectre-class bugs exploitable."
At the moment, only Intel's chips are affected but Kettenis suggested other chips might see their SMT features get disabled in OpenBSD.
"For now this only works on Intel CPUs when running OpenBSD/amd64," Kettenis explained. "But we're planning to extend this feature to CPUs from other vendors and other hardware architectures."
Kettenis noted that by design hyperthreading opens the gate for timing-based cryptographic attacks as seen with the Spectre bugs that affected ARM, Intel and AMD chips. As such, he said "a new hw.smt sysctl" will give OpenBSD users the ability to shut-off Hyperthreading, given in modern systems it's difficult to switch-off.
He also said that disabling Hyperthreading won't have much of an impact on OpenBSD performance.
We approached Intel for its take on the situation but the chipmaker didn't reply at the time of writing.
One thing is for sure, it looks like the spectre of Spectre is still hovering around despite the best efforts of Microsoft, Intel, AMD and other to squash the brace of bugs and security concerns they brought with them. µ
The IoT has gone unsecured for too long, says DCMS and NCSC
Mobile-friendly app will offer a 'desktop-class' experience
Alexa, show me half-arsed implementation
Samsung reportedly orders in 6.66in OLED panels