
[–] chakan2 [S] 0 points 14 points (+14|-0) ago 

The fun stuff all happens on the 2nd page...if you're too lazy to click through, this is the awesome sauce.

Rowhammer takes advantage of a design defect in dynamic random-access memory, or DRAM, chips, which provide the high-speed data storage for a computer’s CPU. The most common DRAM standard today is called DDR3, ubiquitous on laptops, workstations, servers, phones, and tablets. A single DRAM chip contains billions of electrical capacitors, each of which stores a single bit. The sheer density of capacitors on these memory chips, however, causes a problem. By “hammering” a row of bits repeatedly, constantly changing their values, an attacker can sometimes induce an electrical interference in which capacitors in a different, adjacent row are mistakenly flipped. If the attacker can sufficiently control what’s in that adjacent row, then the attacker can manipulate your computer without authorization. Researchers at Google’s Project Zero were able to gain kernel privileges via Rowhammer and thus full read-write access to a computer’s memory.


[–] praguepride 0 points 5 points (+5|-0) ago 

It's an interesting physical gimmick right now but you better believe "security" teams are testing the crap out of this to try and figure out remote control. I bet it'd be tailored towards a particular chip set/OS combination though for a remote hack because you would need to know how the data is physically being stored to know what to rowhammer.

HOWEVER as they speculate, if you could do this on a global level, you could raise huge numbers of bots without going through the effort of hacking. Insert your rowhammer into a website, give it a click-baiting title like "10 Celebrities Bare All" (You'll be surprised by #4) and then just sit back and if it works it works, if not no sweat.

Make some changes, give it a new click bait title and get more bots. Repeat over and over and over again and now you've got a smorgasbord of bots without ever really trying.


[–] tolstoshev 0 points 4 points (+4|-0) ago 

That's fascinating - the boundary between hardware and software is always interesting.

[–] [deleted] 4 points -3 points (+1|-4) ago 

[Deleted]


[–] chakan2 [S] 0 points 15 points (+15|-0) ago 

The language used isn't the interesting bit here...it's a physical exploit. That is bad ass...they're using the frequency of data writes to one sector to manipulate other unrelated sectors.

Think of it as running a magnet across the chip to wipe the bits...now...instead of a magnet I just start writing to one chip super fast to create that same field and manipulate stuff around it.

It's an awesome hack.


[–] Vespera 0 points 10 points (+10|-0) ago  (edited ago)

I'm not sure you understood the article. The vulnerability in question is hardware oriented: they only used JavaScript to demonstrate it.

Rowhammer could theoretically be exploited by almost any computer process. It doesn't matter what software/language/operating-system is used. It is a CPU security hole - which is something that can't be fixed without a major BIOS update. Assuming one is provided, and the user is savvy enough to install it.

For now, it has only been demonstrated locally.


[–] praguepride 0 points 5 points (+5|-0) ago 

Said someone who didn't read the article :P
