Re: Hyper-Threading Vulnerability

From: Valdis . Kletnieks
Date: Mon May 16 2005 - 15:14:14 EST

Next message: Andrew Chew: "RE: Broken nForce2 IDE module loading via hotplug"
Previous message: christoph: "[PATCH] Factor in buddy allocator alignment requirements in nodememory alignment"
In reply to: Eric W. Biederman: "Re: Hyper-Threading Vulnerability"
Next in thread: Arjan van de Ven: "Re: Hyper-Threading Vulnerability"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, 16 May 2005 13:14:23 MDT, Eric W. Biederman said:

> Interesting. I think that is a problem for the hypervisor maintainer.
> Although that is about enough to convince me to request a
> OS flag that says "please give me privacy" and later that can be passed
> down to the hypervisor. My gut feel is running under a hypervisor
> is when things will at their most vulnerable.

Not really, because....

> I think discovering a crypto process will simply be a matter
> finding a https sever. As for getting the timing how about
> initiating a https connection? Getting rid of the noise will certainly
> be a challenge but you will have multiple attempts.

And the hypervisor is, if anything, adding noise.

Attachment: pgp00000.pgp
Description: PGP signature

Next message: Andrew Chew: "RE: Broken nForce2 IDE module loading via hotplug"
Previous message: christoph: "[PATCH] Factor in buddy allocator alignment requirements in nodememory alignment"
In reply to: Eric W. Biederman: "Re: Hyper-Threading Vulnerability"
Next in thread: Arjan van de Ven: "Re: Hyper-Threading Vulnerability"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]