The DRAM memory is said to be defenseless against hackers. There is still a serious security problem despite countermeasures taken by the manufacturers.
Due to their hardware nature, DRAM data storage devices used in modern computers, tablets and smartphones offer hackers access to shielded areas of the computer system - without the need for any software vulnerability. According to researchers at ETHZ and colleagues at Vrije Universiteit Amsterdam and Qualcomm, the manufacturers' countermeasures are only partially effective.
DRAM weakness
According to ETHZ research director Kaveh Razavi, the security problem called “Rowhammer” is an attack that exploits a fundamental weakness in modern DRAMs. The data stored on them is volatile and has to be refreshed often - more than ten times per second. This is because DRAMs use a single capacitor-transistor pair to store and access a bit of data. The capacitor loses its electrical charge over time. If the loss of charge becomes too great, the computer no longer knows whether the value of the stored bit was “1” or “0”.
According to Razavi, every time a row of memory is activated for reading or writing - the bits are arranged in a checkerboard pattern of rows and columns - the currents that flow in the chip can cause the capacitors in the neighboring rows to charge more quickly lose. “This is an unavoidable consequence of the ever-increasing density of electronic components on DRAM chips,” says Razavi’s doctoral student Patrick Jattke. This high density means that an attacker can cause bit errors by repeatedly activating - or "hammering" - one memory row ("aggressor") in an adjacent row, also called the "victim row".
“Target Row Refresh” unsafe
“Unfortunately, the problem has still not been eliminated [despite the manufacturers’ built-in defensive measures],” states Razavi. The “Target Row Refresh” defense method discussed here consists of various circuits built directly into the data memories that detect unusually high activation frequencies of certain memory rows and can thus estimate where an attack is currently underway. As a countermeasure, a control circuit then refreshes the supposed victim row early and thus forestalls possible bit errors.
Razavi and his colleagues have now found that this hardware-based “immune system” only detects fairly simple attacks, such as double-sided attacks in which two memory rows adjacent to the victim row are targeted. However, it can still be outwitted by more sophisticated hammering. The researchers' computer program called "Blacksmith" systematically tries out complex hammering patterns in which different numbers of rows with different frequencies, phases and intensities are activated at different points in the hammering cycle.
The software then checks whether a particular pattern led to bit errors. Result: “Blacksmith was always able to find a pattern that caused Rowhammer bit errors for all of the 40 different DRAM memory modules we tested,” says Razavi. DRAMs currently in use are exposed to potential attacks without an effective line of defense - and this will apply for the next few years.
That could also be of interest
Animal testing with smoking dogs. Are animal experiments actually carried out in which dogs are forced to smoke? There is currently an outcry going viral on social networks! Continue reading …
via Pressetext.com
Notes:
1) This content reflects the current state of affairs at the time of publication. The reproduction of individual images, screenshots, embeds or video sequences serves to discuss the topic. 2) Individual contributions were created through the use of machine assistance and were carefully checked by the Mimikama editorial team before publication. ( Reason )