Re: New, fundamental Intel Pentium flaw?

Rohit Khare (
Mon, 10 Nov 1997 14:04:36 -0800

> Of course, all this does is denial of service; a bug of this ilk which
> put the chip into supervisor code would be much, much more dangerous, and
> might still be floating out there.

You are correct. I hereby amend my earlier remarks: this kind of bug is a
serious, serious barrier to secure system implementation but does NOT
belongi n the next higher rung of security bug, active attack. This is
probably most useful with detailed boot-time attacks in hand; freeze it,
which forces someone to reboot, then synchronize an attack.

But the denial of service can be pretty bad, too. Right up there with pulling
down site electrical power.

Wonder who'll have the first journal paper out dissecting the layout error?