Re: Hyper-Threading Vulnerability
From: Valdis . Kletnieks
Date: Mon May 16 2005 - 15:14:14 EST
On Mon, 16 May 2005 13:14:23 MDT, Eric W. Biederman said:
> Interesting. I think that is a problem for the hypervisor maintainer.
> Although that is about enough to convince me to request a
> OS flag that says "please give me privacy" and later that can be passed
> down to the hypervisor. My gut feel is running under a hypervisor
> is when things will at their most vulnerable.
Not really, because....
> I think discovering a crypto process will simply be a matter
> finding a https sever. As for getting the timing how about
> initiating a https connection? Getting rid of the noise will certainly
> be a challenge but you will have multiple attempts.
And the hypervisor is, if anything, adding noise.
Attachment:
pgp00000.pgp
Description: PGP signature