On Fri, Mar 25, 2011 at 8:36 AM, Mark Kettenis <[email protected]> wrote: > On OpenBSD we disable access to %tick from userland. I think the idea > is to make it harder for people to perform timing attacks, and > therefore improve security. But I don't consider myself enough of a > security expert to be able to judge wethere that really helps. So I > CC'ed tech@ in the hope that a more knowledgable person will chime in.
I don't believe that for a minute. We allow rdtsc on i386. And due to the powers of statistics, you could still get reasonable results even if you had to send a packet to a remote machine to get your timing data.
