From SANS Internet Storm Center
"Hyper-Threading, as currently implemented on Intel Pentium Extreme Edition, Pentium 4, Mobile Pentium 4, and Xeon processors, suffers from a serious security flaw. This flaw permits local information disclosure, including allowing an unprivileged user to steal an RSA private key being used on the same machine. Administrators of multi-user systems are strongly advised to take action to disable Hyper-Threading immediately; single-user systems (i.e., desktop computers) are not affected."
Just SCO and various BSD vendors have provided statements, and it IS more of a server issue, but I found it interesting because I have an HT cpu.
MissM
[UPDATE]Intel downplays hyperthreading threat With a tip o' the keyboard to daWabbit for passing it on :)
No comments:
Post a Comment
All comments are moderated.
Note: Only a member of this blog may post a comment.