
Nethammer: Inducing Rowhammer Faults Through Network Requests - razer6
https://arxiv.org/abs/1805.04956
======
corv
It’s about time Intel offers consumers ECC RAM support.

~~~
rasz
ECC won't help, you need row access counters (target row refresh/TRR) directly
in RAM chips, or in memory controller. With switch to DDR4 JEDEC had a chance
of standardizing those mitigations, but that would cost additional cents per
chip, can't have that!

~~~
justin66
Do you have any links to more information on that? Googling "row access
counters" leads to a lot of comments you've made on the internet, and nothing
else.

I'm skeptical that "ECC won't help," that's not a commonly held opinion. It
might be true but it'd be interesting to read some actual analysis as to why.

~~~
jnwatson
From the original paper, "For example, SECDED (single error-correction, double
error detection) can correct only a single-bit error within a 64-bit word. If
a word contains two victims, however, SECDED cannot correct the resulting
double-bit error. And for three or more victims, SECDED cannot even detect the
multi-bit error, leading to silent data corruption. Therefore, we conclude that
SECDED is not failsafe against disturbance errors."

The challenge for the attacker is to produce a 3 or more bit failure before a
2-bit failure occurs, which would trigger some alarms. I haven't seen any
research on the feasibility of such an attack.

Additionally, there are stronger ECC schemes than SECDED, for example the one
in IBM's ChipKill. It is hard to imagine a RowHammer attack that could remain
undetected with such a scheme.

It is fair to say that ECC memory raises the bar for attackers.
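
As an added illustration of the SECDED limits quoted in the comment above (not part of the thread and not code from the paper): a textbook extended-Hamming (72,64) code, assumed here as a stand-in for whatever code a real memory controller uses, applied to a constructed 64-bit word. One flipped bit is corrected, two are flagged, and the three-bit pattern shown is "corrected" into a different word with no error raised.

```python
# Textbook extended-Hamming (72,64) SECDED; real memory controllers use
# their own code matrices, so bit positions here are illustrative only.
from functools import reduce

N = 72                                              # index 0 = overall parity
PARITY = [1 << k for k in range(7)]                 # 1, 2, 4, ..., 64
DATA = [i for i in range(1, N) if i not in PARITY]  # 64 data positions

def syndrome(cw):
    """XOR of the indices of all set bits; 0 for a valid codeword."""
    return reduce(lambda a, b: a ^ b, (i for i in range(1, N) if cw[i]), 0)

def encode(word):
    cw = [0] * N
    for n, pos in enumerate(DATA):
        cw[pos] = (word >> n) & 1
    s = syndrome(cw)
    for p in PARITY:                 # choose check bits so the syndrome is 0
        cw[p] = 1 if s & p else 0
    cw[0] = sum(cw) & 1              # overall parity makes total weight even
    return cw

def decode(cw):
    """Return (status, word) the way a SECDED decoder would report it."""
    cw = list(cw)
    s, odd = syndrome(cw), sum(cw) & 1
    if s == 0 and not odd:
        status = "clean"
    elif odd and s < N:              # looks like one flipped bit: "fix" bit s
        cw[s] ^= 1
        status = "corrected"
    else:                            # even-weight error or impossible index
        status = "uncorrectable"
    word = sum(cw[pos] << n for n, pos in enumerate(DATA))
    return status, word

def flip(cw, *positions):
    """Model disturbance errors: flip the given codeword bit positions."""
    out = list(cw)
    for p in positions:
        out[p] ^= 1
    return out

def demo(word=0x0123456789ABCDEF):   # constructed sample value
    cw = encode(word)
    return {n: decode(flip(cw, *pos))
            for n, pos in ((1, (3,)), (2, (3, 5)), (3, (3, 5, 9)))}
```

In this construction some three-bit patterns produce a syndrome that points outside the codeword and are flagged instead; the decoder has no way to tell the remaining ones from a genuine single-bit error.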

~~~
nickpsecurity
Not to mention the schemes that treat RAM as untrusted with cryptographic,
integrity checks. Those architectures are making more sense than ever now.

------
ccnafr
How is this different exactly from Throwhammer?

~~~
rasz
Throwhammer: > 9.375 million packets per second

Nethammer: > 1 024 000 packets per second over a 500 Mbit/s connection
......Hence, we conclude that in theory...

Both currently at best lead to server crash, and are highly impractical.

~~~
nyolfen
it seems eminently plausible to me to carry out an attack from a device on the
same network, cohosted at the same facility, etc

