The recent Intel debacles compel me to narcissistically share this interview I did with Colin Percival on hyperthreading problems back in 2005.

Folks told Intel this was a bad idea more than a decade ago. They did not fix their shit.

I've disabled HT on every machine ever since. They called me mad, but now I'm all "u mad?"

Theo's right. Disable HT all around.

https://web.archive.org/web/20050726005949/www.onlamp.com/pub/a/bsd/2005/07/21/Big_Scary_Daemons.html

#sysadmin

ONLamp.com: Information Security with Colin Percival

Michael W. Lucas interviews Colin Percival about side-channel attacks on cryptographic algorithms running on hyperthread-enabled machines.

@mwlucas The "2005" really puts the frosting on that cake.
@ed1conf @mwlucas
"Who could have foreseen this?"
*points at security paper from 2005*
*points at accessible interview from 2005*
Who could have ignored this? Intel and everyone else.

@kurtm @ed1conf @mwlucas Intel knew. Infosec knew. Sysadmins knew.

Intel put out a press release, the original PoC no longer worked, and everyone stopped caring.

@kurtm @ed1conf @mwlucas the computing industry is full of very smart skeptics that believe everything the vendor tells them. Lies that would make carnies blush.

@phessler @kurtm @ed1conf I keep hearing people say that they don't have any choice but to trust the hardware.

Which is... well, I understand where it comes from. Hacking the CPU takes another skillset. But hopefully folks will start to see that the skillset can be acquired, and consider mitigations.

@mwlucas @kurtm @ed1conf it's basically true. at a certain point you have to trust the hardware.

but you can certainly change what hardware you are trusting.