
Throwhammer: Rowhammer Attacks Over the Network and Defenses [pdf] - ingve
https://www.cs.vu.nl/~herbertb/download/papers/throwhammer_atc18.pdf
======
philipkglass
"It is unclear whether existing hardware mitigations can protect against these
dangerous network attacks. For instance, while clouds and data centers may
(and sometimes do) use ECC memory to guard against bit flips, researchers
have, from the first paper on Rowhammer [33], warned that _ECC may not be
sufficient_ to protect against such attacks."

First, I'd be interested to see stats on data centers and public clouds _not_
running machines with ECC memory. I'd estimate that ECC prevalence in servers
in data centers is closer to "ubiquitously" than "sometimes."

I see this sort of ambiguous language about ECC and rowhammer frequently when
discussion of rowhammer comes up. Has there been any proof-of-concept
demonstration that rowhammer privilege escalation works on a system with ECC
memory? If there has been, that's interesting and worrisome. If there hasn't
been, that's not very interesting or worrisome; it's the equivalent of writing
"hardware may not protect against yet-to-be-demonstrated attacks" (which is
trivially and always true.)

------
dice
Aside from how cool the implementation is, this is a fantastic name.

------
flossball
Human sacrifice, dogs and cats living together... mass hysteria!

