Article 6FPSG There’s a new way to flip bits in DRAM, and it works against the latest defenses

There’s a new way to flip bits in DRAM, and it works against the latest defenses

by
Dan Goodin
from Ars Technica - All content on (#6FPSG)
data-corruption-800x600.jpg

Enlarge

In 2015, researchers reported a surprising discovery that stoked industry-wide security concerns-an attack called RowHammer that could corrupt, modify, or steal sensitive data when a simple user-level application repeatedly accessed certain regions of DDR memory chips. In the coming years, memory chipmakers scrambled to develop defenses that prevented the attack, mainly by limiting the number of times programs could open and close the targeted chip regions in a given time.

Recently, researchers devised a new method for creating the same types of RowHammer-induced bitflips even on a newer generation of chips, known as DDR4, that have the RowHammer mitigations built into them. Known as RowPress, the new attack works not by hammering" carefully selected regions repeatedly, but instead by leaving them open for longer periods than normal. Bitflips refer to the phenomenon of bits represented as ones change to zeros and vice versa.

Further amplifying the vulnerability of DDR4 chips to read-disturbance attacks-the generic term for inducing bitflips through abnormal accesses to memory chips-RowPress bitflips can be enhanced by combining them with RowHammer accesses. Curiously, raising the temperature of the chip also intensifies the effect.

Read 24 remaining paragraphs | Comments

External Content
Source RSS or Atom Feed
Feed Location http://feeds.arstechnica.com/arstechnica/index
Feed Title Ars Technica - All content
Feed Link https://arstechnica.com/
Reply 0 comments