RAM, bam, awww ... man! Boffins defeat Rowhammer protections

bazza Silver badge

Re: Why the emphasis on software mitigations?

Unfortunately, it seems that the reason the hardware is "vulnerable" in the first place is because the operating margins of SDRAM are pared so far back to give us what we also want: high speed, low power memory. AFAIK there's no real hardware fix for this; high speed higher power memory doesn't work (the speed is achieved in part due to the lower operating voltage).

So yes, we can have memory resilient to rowhammer attacks, but it's likely that this would also be slower; and that's a tough marketing proposition at the moment. ECC memory helps somewhat - it becomes harder to exploit the physical effect undetected - but it is still vulnerable to a denial-of-service style attack (the memory can still be changed, but now you have memory faults cropping up and a crashed computer).

There are other hardware deficiencies in our computing hardware. The behaviours of cache subsystems in almost all CPUs mean that Address Space Layout Randomisation can be defeated pretty easily - The Register has carried articles about this being achieved in <1 minute in JavaScript in a browser.

ASLR is important in defeating things like browser exploits, and its defeat may eventually cause JavaScript to be seen as being as dangerous as things like Flash and Java plugins. That would be a disastrous outcome. The vulnerability is also in the hardware - in how caches permit timing attacks against ASLR - but again the fix is unpalatable; it means a slower CPU.

Stop Executing Everyone Else's Code

To me the real fix is to stop allowing other people to execute any code they like on our computers. Browsers are a major vector for this - JavaScript in web pages. It's asking for trouble. A better way is to not allow execution of someone else's code on our own computers.

Yes, that changes the web a lot - it means server side execution is all that is "safe" - but ultimately it's the only way to guarantee that exploitative software does not get run on our vulnerable hardware.
