Communications of the ACM
Googlers' Epic Hack Exploits How Memory Leaks Electricity
A team of Google researchers has demonstrated a method of inducing electromagnetic leakage to corrupt portions of the dynamic random access memory of certain laptops and bypass security protections.
Credit: Douglas Whitaker
The increasing density of transistors in memory chips has raised concerns that electromagnetic leakage within the chips could cause unpredictable behavior. Now, a team of Google researchers has demonstrated a method of inducing such leakage to purposefully corrupt portions of the dynamic random access memory (DRAM) of certain laptops and bypass security protections.
In a post on Google's Project Zero blog, the researchers describe using what is known as the "Rowhammer" technique to create security exploits. Rowhammering involves running a program designed to target a certain row of transistors in a computer's memory with the goal of inducing electromagnetic leakage that will cause the bits in the next row of memory to be flipped. The researchers found they could use the Rowhammer technique to carry out privilege escalation attacks and that such attacks could be launched from a malicious website.
However, the researchers note they used only laptops running Linux, and of those only half were susceptible to the Rowhammer attacks. In addition, many computers already use DRAM that has error-correcting features that would render a Rowhammer attack useless.
Google has released a tool enabling users to test their computers to see if they are vulnerable to a Rowhammer attack, and is urging memory makers to address the problem.
From Wired News
View Full Article
Abstracts Copyright © 2015 Information Inc., Bethesda, Maryland, USA
No entries found