Hacker News new | past | comments | ask | show | jobs | submit login
Throwhammer: Rowhammer Attacks Over the Network and Defenses [pdf] (vu.nl)
39 points by ingve 10 months ago | hide | past | web | favorite | 3 comments

"It is unclear whether existing hardware mitigations can protect against these dangerous network attacks. For instance, while clouds and data centers may (and sometimes do) use ECC memory to guard against bit flips, researchers have, from the first paper on Rowhammer [33], warned that ECC may not be sufficient to protect against such attacks."

First, I'd be interested to see stats on data centers and public clouds not running machines with ECC memory. I'd estimate that ECC prevalence in servers in data centers is closer to "ubiquitously" than "sometimes."

I see this sort of ambiguous language about ECC and rowhammer frequently when discussion of rowhammer comes up. Has there been any proof-of-concept demonstration that rowhammer privilege escalation works on a system with ECC memory? If there has been, that's interesting and worrisome. If there hasn't been, that's not very interesting or worrisome; it's the equivalent of writing "hardware may not protect against yet-to-be-demonstrated attacks" (which is trivially and always true.)

Aside from how cool the implementation is, this is a fantastic name.

Human sacrifice, dogs and cats living together... mass hysteria!

Applications are open for YC Summer 2019

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact