Did n't know where to post ths at first ! L2 cache is a loophole for hacker's ?





http://news.zdnet.com/Pentium+4+loophole+could+let+in+hackers/2100-1009_22-5708868.html?part=netscape-zdnet&tag=mynetscape&subj=technews

could this possibly be the turning point when AMD comes in and takes out Pentium... :lol:

Almost thought that pentium was owned by microsoft for a minute there :01:

Ya funny read is n't it ? The security breach's are only starting, Amd included . No wonder Microsoft bought a security ,anti virus company. Might as well make some money on issues were all care about. But L2 cache ? Oh shit were in trouble .It will be something else next week tho right ? :lookaroun

I thought this only affects FreeBSD users?

Concievably, it could in time affect any OS that can make use of hyperthreading. I suppose it'd just be a matter of writing the proper trojan to take advantage of it.

Which, btw, means that Win98 and good old DOS, for instance, are in the clear. Maybe the same is true if you simply don't have HT enabled using any other OS as well.

Let's give them three big cheers for bringing it to everyone's attention so all the wee scriptkiddies can get going on it.

Incidentally, this:
It only works on a server that has already been compromised to allow a malicious hacker to install a spy process. If the hacker has already achieved this, there are many easier and quicker ways to steal data, Intel spokesman Howard High said.

...is probably a good point.

the original article also states that this is only a threat for servers running hyperthreading .

Q & A

1. Do I need to worry about my home computer?

Probably not. This security flaw is primarily a problem for servers.

http://it.slashdot.org/article.pl?sid=05/05/13/0520214&tid=172&tid=118

All P4's should have a loophole.




Then we can wear them round our necks like some sort of medallion. Best possible use for them. :shifty:

the original article also states that this is only a threat for servers running hyperthreading .


Right now it is, yes, but since not only servers use hyperthreading, and since hyperthreading is what is vulnerable, then, as I said, it could concievably work on any OS that uses Hyperthreading.

But, as the man said, if you've already managed to insert something in there, why use this when there are so many easier ways of stealing information once you're in?