Rowhammer security exploit: Why a new security attack is truly terrifying.
www ccc stashed this in Security - Cyber
Rowhammer.js, a new security attack revealed in a paper by security researchers Daniel Gruss, Clémentine Maurice, and Stefan Mangard, brings a truly new wrinkle to our understanding of computer vulnerabilities.
Why is Rowhammer so scary? Because it doesn’t afflict your software but finds a weakness in your hardware, a physical problem with how current memory chips are constructed. So it doesn’t matter whether you’re using Linux, Windows, or iOS: If an Intel chip (or an AMD one, or possibly others) is inside, so is Rowhammer. Incredibly, Gruss, Maurice, and Mangard’s paper reveals how to exploit it from a simple webpage.
As the security researchers explain, it is “the first remote software-induced hardware-fault attack.”
Rowhammer, as the authors write, can cause data to be executed as code: As they put it, “Bit flips caused by row hammering breach the CPU’s memory protection.” What’s new with Rowhammer is how that border is made porous. Rowhammer is not a code bug but a hardware bug, a weakness in a particular set of memory chips. Software, whether it’s Windows or Linux or Firefox or Chrome, can only try to work around the problem to prevent it from being exploited; it can’t fix it. But here, there can’t even be a software hotfix. Which makes Rowhammer an amazing and frightening phenomenon.
I thought the Ping o' Death was the first remote software-induced hardware-fault attack?