Intel Hyperthreading causes Spectre worries

By on
Intel Hyperthreading causes Spectre worries

OpenBSD disables it via update.

The Spectre processor design flaw continues to haunt Intel, with the Hyperthreading performance boosting feature in its hardware potentially being exploitable for information leak attacks.

Hyperthreading was introduced by Intel for its processors in 2002, and is enabled on computers by default.

The feature is also known as simultaneous multithreading or SMT and allows the operating system to use a virtual core for each physical one present in processors.

Multiple cores improve performance for parallelised workloads.

As SMT shares first level and translation lookaside buffer caches between computational threads, developers believe such processor implementations could be susceptible to Spectre-style timing attacks.

The security-oriented, open source OpenBSD operating system said it will switch off Hyperthreading on Intel processors by default, "since we suspect there are serious risks".

OpenBSD installations running on processors from other vendors that have SMT built in will also turn off the feature by default in the future.

The developers decided to implement the update via the OpenBSD operating system scheduler as they said modern computers no longer allow users to switch off SMT via the BIOS firmware.

A successfully executed Spectre cache timing attack could lead to information leakage and breakage of cryptography.

OpenBSD developers don't expect switching off SMT will have a negative effect on performance, saying leaving it on could actually slow down most compute workloads on processors with more than two physical cores.

An Intel spokesperson said that "protecting our customers and their data continues to be a critical priority for us."

"We are looking into this feedback and thank the community for their ongoing efforts.”

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © . All rights reserved.

Most Read Articles

Log In

  |  Forgot your password?