From mboxrd@z Thu Jan 1 00:00:00 1970 From: David Hopwood Subject: Re: HT Vulnerability CAN-2005-0109 Date: Thu, 19 May 2005 00:09:21 +0100 Message-ID: <428BCB21.7020909@blueyonder.co.uk> References: <1116427424.4496.17.camel@crusher.takatukaland.de> <200505181548.48629.mark.williamson@cl.cam.ac.uk> Reply-To: david.nospam.hopwood@blueyonder.co.uk Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Return-path: In-Reply-To: <200505181548.48629.mark.williamson@cl.cam.ac.uk> List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: xen-devel-bounces@lists.xensource.com Errors-To: xen-devel-bounces@lists.xensource.com To: xen-devel@lists.xensource.com List-Id: xen-devel@lists.xenproject.org Mark Williamson wrote: >>Just stumbled on /. upon CAN-2005-0109 and wonder if xen is affected: >> >> >> > > This vulnerability could (in principle) affect isolation between Xen VMs. > It's not clear how exploitable it is, though. It's clear that it is very exploitable. > Covert channels will *always* be there. Yes. As you say, the problem is the side channel attack, not the covert channel. > Someone has yet to release code that'll actually exploit these theoretical > holes, so it's not clear how big a problem is in practice. Huh? That sounds like something I would expect to hear from a Microsoft marketroid. The paper includes code for the side channel attack (Figure 1 in ), and even if it didn't, it would be easy to replicate. -- David Hopwood