lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20050729202004.GA19749@linux.unixwiz.net>
Date: Fri Jul 29 21:20:13 2005
From: steve at unixwiz.net (Steve Friedl)
Subject: Cisco IOS Shellcode Presentation

On Fri, Jul 29, 2005 at 04:06:58PM -0400, Tim wrote:
> However, let me ask you this (as I truly don't know):  Did Intel
> advertize to OS makers that they should never allow two processes of
> different access rights to use the two virtual CPUs at the same time?
> If it wasn't documented, then it surely was their fault.  If it was
> documented, then it really does cut down on the benefit of the feature.

If this is the hyperthreading cache timing thing:

	http://www.daemonology.net/hyperthreading-considered-harmful/

it's not nearly so simple as one thread stealing from the cache of
another: there is no data sharing going on. Instead, one thread can get
some vague hints about what's in the other guy's cache by watching the
timing of his *own* cache.

It's a bit of *outstanding* technical work, but I think it has really
limited impact in the real world. Even in carefully controlled conditions
it's going to be difficult to make this work, and I think that on a busy
server it's going to be nearly impossible to even know at the instruction
level which other process is running on the other thread.  (by the time
you figure out that openssh has been scheduled, it's too late).

Unless I hear a lot more about this than I've seen so far, I would not
give this matter a thought.

Steve

-- 
Stephen J Friedl | Security Consultant |  UNIX Wizard  |   +1 714 544-6561
www.unixwiz.net  | Tustin, Calif. USA  | Microsoft MVP | steve@...xwiz.net

Powered by blists - more mailing lists