Re: "HyperThreading considered harmful"

Forums » Up and Running » Security » Security » "HyperThreading considered harmful"


Share Topic:	RSS topic:	toggle: flat / full normal / watch	Posting:	Post a:	Post a:

Links: ·Hijack This logs? ·Panda Free Tools ·Vundo Removal

Email scam »
« I have an internet problem, what could be wrong??

Steve
I'm a PC, so shut up
Consultant
join:2001-03-10
Yorba Linda, CA

Re: "HyperThreading considered harmful"

said by novaflare

:

Example run a java app on web site that stays active.

No way.

I think this is beyond the pale of what one can do. I think it's going to be impossible for a Java application to do this, because aside from the fact that it doesn't have access to the CPU instructions required to do this kind of hyper-highresolution timing, Java has so much overhead that it's going to confound any efforts at measuring these timing differences.

But getting a buffer over run is similar to a hardware security flaw realy.

Hmmm, did you actually read the paper?

There is no circumstance where thread #1 can read or write data cached by thread #2 - it can only make some guesses about which memory thread #2 is accessing. This revolves around subtle timing issues, not modifying memory.

Steve
--
Stephen J. Friedl • Unix Wizard • Microsoft Security MVP • Tustin, California USA • my web site

permalink · 2005-05-13 13:32:00 · Print ·

novaflare
The Dragon Was Here
Premium
join:2002-01-24
Barberton, OH

Re: "HyperThreading considered harmful"

just used as a example. It how ever is probably possible to do so with spyware torjans or other apps you could trick the user in to downloading. And i only read part of it. Before posting reading more now. Ither way intel needs to take serious action to correct it.
--
DSLR security chat at us.ausirc.net chanel #dslr_sec lets pack this channelopen source dns server for *nix and windows »powerdns.com

permalink · 2005-05-13 13:36:35 ·

BeesTea Network Janitor Premium,VIP join:2003-03-08 00000	said by Steve : No way. I think this is beyond the pale of what one can do. I think it's going to be impossible for a Java application to do this, Ditto. -- $ /bin/whoami nobody
	permalink · 2005-05-13 13:37:02 ·

Marilla I Am My Own Arbiter Premium join:2002-12-06 Belpre, OH	said by Steve : There is no circumstance where thread #1 can read or write data cached by thread #2 - it can only make some guesses about which memory thread #2 is accessing. This revolves around subtle timing issues, not modifying memory. Hence, my interest, and my headache! -- Windows, Mac, Linux, BSD - just use the right tool for the right job... end the OS Politics!
	permalink · 2005-05-13 23:42:42 · Print ·

your comment..

Forums » Up and Running » Security » Security	Email scam » « I have an internet problem, what could be wrong??


Friday, 27-Nov 00:16:10	Terms of Use \| Privacy Policy \| Hosting by www.nac.net - DSL,Hosting & Co-lo \| feedback \| contact over 10 years online! © 1999-2009 dslreports.com. page compression OFF