D
Duke
Guest
"Intel Corp.'s hyperthreading technology could allow a hacker to steal security keys from a compromised server using a sophisticated timing attack, a researcher said Friday in a paper presented at the BSDCan 2005 conference.
Hyperthreading allows software to take advantage of unused execution units in a processor. It essentially allows two separate processes, or software threads, to execute on a single processor at the same time, improving performance on software written to take advantage of the technology. By taking advantage of the fact that the processes share access to a chip's cache memory, a malicious user can determine the security keys to a particular computer by monitoring the cache for those keys, said Colin Percival, an independent researcher, in a paper posted to his Web site. "
Source: Computerworld.com
You gotta know that if this vulnerability is being exposed on servers then it's likely not too long before you see it on a PC near you, say 2 feet away and to your lower right (or left I guess).
Hyperthreading allows software to take advantage of unused execution units in a processor. It essentially allows two separate processes, or software threads, to execute on a single processor at the same time, improving performance on software written to take advantage of the technology. By taking advantage of the fact that the processes share access to a chip's cache memory, a malicious user can determine the security keys to a particular computer by monitoring the cache for those keys, said Colin Percival, an independent researcher, in a paper posted to his Web site. "
Source: Computerworld.com
You gotta know that if this vulnerability is being exposed on servers then it's likely not too long before you see it on a PC near you, say 2 feet away and to your lower right (or left I guess).
