[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [FD] 'Rowhammer' - Software-triggered DRAM corruption
- To: fulldisclosure <fulldisclosure@xxxxxxxxxxxxxxxxxxxx>
- Subject: Re: [FD] 'Rowhammer' - Software-triggered DRAM corruption
- From: Dirk-Willem van Gulik <dirkx@xxxxxxxxxxxxxx>
- Date: Mon, 16 Mar 2015 10:32:03 +0100
> On 13 Mar 2015, at 11:32, fulldisclosure
> <fulldisclosure@xxxxxxxxxxxxxxxxxxxx> wrote:
>
> Am 12.03.2015 um 21:31 schrieb Aris Adamantiadis:
>> Le 12/03/15 17:00, Nick Boyce a écrit :
>>
>>> Also, this may only affect SODIMMs, not DIMMs, as Google was only able
>>> to make the attack work on laptops - desktop machines so far remaining
>>> unaffected.
>>>
>>> [I *knew* it was a good idea to hang on to that old Athlon XP desktop :-)]
>>>
>> There are countless reports of the attack working on desktops. It worked
>> on one of the two non-ecc desktops I've tried it on. It's an AMD FX 8150.
>>
> It's not dependend on the processor, it's the ram-design thats vulnerable.
>
> If you use ECC chips, you should be safe, thats why cheap hw hosters are
> now in trouble, and professionsal server hw hosters not.
Until we find solid evidence of two bit-flips introduced in the same board;
which is,
given the ease of 1 bit ‘squared’ certainly in the lab within reach.
Over time - attacks always get stronger, never less potent.
Dw.
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/