Reply to post: Re: Rowhammer/JackHammer

Rowhammer rides again as FPGA attack, RSA again reportedly up for sale, anti-theft kit to nuke laptops, etc

Anonymous Coward
Anonymous Coward

Re: Rowhammer/JackHammer

Having read through the post, I'm not sure I understand what they are proving.

My understanding is that Rowhammer allows you to flip bits by repeatedly cycling adjacent bits, potentially allowing you to effect the memory space of other processes. ECC allows you to detect 1/2/more (depending upon implementation - I would assume two-bit implementation would be suitable for general purpose cases)

With ECCploit, you appear to be able to effect sufficient bits that ECC is unable to correct them resulting in a hard error that can be detected but not corrected. In addition, it takes significantly more time to hammer the memory until it achieves the desired result (1 week versus less than 1 hour).

They also note that manufacturers ECC vary significantly - I believe HP Itanium/IBM Power systems are able to detect and recover from 1/2 bit errors in every 4-bit symbol by splitting bits across two RAM modules, so there are likely to still be solutions although they will come with an increased cost.

Anyway...I'm being greedy, I want the improved stability of ECC without the cost...

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon


Biting the hand that feeds IT © 1998–2020