A very interesting attack was unveiled in Friday, 24 June by Daniel Gruss, Clémentine Maurice, Stefan Mangard. Maybe the Rowhammer is the next Hearthbleed, or worse?
As DRAM has been scaling to increase in density, the cells are less isolated from each other. Recent studies have found that repeated accesses to DRAM rows can cause random bit flips in an adjacent row, resulting in the so called Rowhammer bug. This bug has already been exploited to gain root privileges and to evade a sandbox, showing the severity of faulting single bits for security. However, these exploits are written in native code and use special instructions to flush data from the cache.
In this paper we present Rowhammer.js, a JavaScript-based implementation of the Rowhammer attack. Our attack uses an eviction strategy found by a generic algorithm that improves the eviction rate compared to existing eviction strategies from 95.2% to 99.99%. Rowhammer.js is the first remote software-induced hardware-fault attack. In contrast to other fault attacks it does not require physical access to the machine, or the execution of native code or access to special instructions. As JavaScript-based fault attacks can be performed on millions of users stealthily and simultaneously, we propose countermeasures that can be implemented immediately.
http://arxiv.org/abs/1507.06955
Full report can be found here (PDF)
(Score: 3, Insightful) by Anonymous Coward on Wednesday July 29 2015, @12:50AM
Well that's it. The Internet is finished. Marketing has taken control of everything and no further work will be done. Ever.
(Score: 3, Insightful) by Runaway1956 on Wednesday July 29 2015, @01:45AM
You think that's bad - I work with/for a guy who is all about appearances. "It doesn't look good." is one of his most common statements. When something works, you use it, and to hell with appearances.
(Score: 2, Insightful) by Anonymous Coward on Wednesday July 29 2015, @01:49AM
When something is made to persuade idiots to give you money, then it doesn't work if it doesn't look good.
(Score: 2) by Nerdfest on Wednesday July 29 2015, @01:56AM
A lot of the names of these flaws have been created my a Microsoft funded organization, although I don't think this one is. "Heartbleed", "ShellShock", and a couple of others (all Linux based) were allegedly their creations.
(Score: 0) by Anonymous Coward on Wednesday July 29 2015, @03:29PM
Please elaborate on your accusation instead of just accusing
(Score: 3, Funny) by VortexCortex on Wednesday July 29 2015, @03:30AM
The Internet is finished. Marketing has taken control of everything and no further work will be done. Ever.
I shall call this state of affairs: The Final Dissolution
(Score: 3, Informative) by Anonymous Coward on Wednesday July 29 2015, @04:10AM
This is not a cutsey name. This is the engineering name. DDR is organized into rows and columns. The attack litterally hammers on one row of memory to force bit flips in an adjacent row.
(Score: 2) by arslan on Thursday July 30 2015, @02:39AM
What's wrong with it? This is marketing working for good. The cutesy names makes propagation of the topic easy, and propagation of the topic means better awareness. I've had folks from non-technical background asking about the heartbleed buzzword because they heard it mentioned somehow, somewhere.
I say keep at it. The best thing for security is awareness.