Today's security vulnerability: let's exploit hardware bugs!
-
“Rowhammer” is a problem with some recent DRAM devices in which repeatedly accessing a row of memory can cause bit flips in adjacent rows. We tested a selection of laptops and found that a subset of them exhibited the problem. We built two working privilege escalation exploits that use this effect. One exploit uses rowhammer-induced bit flips to gain kernel privileges on x86-64 Linux when run as an unprivileged userland process. When run on a machine vulnerable to the rowhammer problem, the process was able to induce bit flips in page table entries (PTEs). It was able to use this to gain write access to its own page table, and hence gain read-write access to all of physical memory.
http://googleprojectzero.blogspot.com/2015/03/exploiting-dram-rowhammer-bug-to-gain.htmlThey anonymize the hardware they tested so you can't just look, but you can download a test program to see if you're vulnerable.
I wonder how many decades it will be until there is any chance of anything computery being even vaguely secure.
-
I wonder how many decades it will be until there is any chance of anything computery being even vaguely secure.
Infinite, probably. computers are really really really complicated, yo.
still it's nice to see a HW based exploit for a change.... SW by far dominates the vuln sectors
-
computers are really really really complicated
And yet all they ever really do is one of two things:- Copy a number from one place to another
- Add two numbers together
-
You could just not use Linux.
-
-
It says Linux right there. Right up there, says Linux.
-
It also says the issue is in the hardware
-
One of the exploits they built is for Linux. The other breaks out of Chrome's NaCl sandbox. It's quite likely that if someone put in the effort, they could carry out an exploit on Windows.
-
yes. so the demonstrator exploit uses linux. given what this exploit does i'd bet my next three paychecks that someone could find a way to make it exploitable on windows too
-
-
It also says the issue is in the hardware
Right. LINUX hardware.
to gain kernel privileges on x86-64 Linux when run as an unprivileged userland process.
Look. Linux. It's dripping with Linux. What's wrong with you people?
-
-
Right. LINUX hardware.
not sure if flamebaiting or trolling.....
you are aware that both linux and windows run on identical x86_64 hardware, right? I mean that is a thing. and the hardware doesn't change when you change OS.
-
-
you are aware that both linux and windows run on identical x86_64 hardware, right?
Well duh, but this security hole is in Linux. It says so right in the first post.
-
And you think the stupid is strong with me…
-
Well duh, but this security hole is in Linux. It says so right in the first post.
Really? Really?“Rowhammer” is a problem **with some recent DRAM devices** in which repeatedly accessing a row of memory can cause bit flips in adjacent rows.
The bug is a hardware bug. They used it to exploit Linux, and to exploit NaCl. The same bug could almost certainly be used to exploit Windows. I don't see how this is difficult to understand.
-
They used it to exploit Linux, and to exploit NaCl.
Salt isn't even software. Goddamned these Linux users are stupid, if they think you can escalate privileges of salt.
-
I don't see how this is difficult to understand.
It's @blakeyrat; he always twists this sort of thing into Linux hate because he's secretly in love with Richard Stallman ;)
-
Guys. It's pretty damn obvious trolling and you're still falling for it.
-
If they missed the earlier obviousness of the trolling I'm wondering if anyone is going to try and grab this one:
Salt isn't even software.
-
The bug is a hardware bug
This has already been addressed:
Right. LINUX hardware
-
-
Crap, I missed that one. :-)
-
-
I'm wondering if anyone is going to try and grab this one:
Salt isn't even software
-
Guys. It's pretty damn obvious trolling and you're still falling for it.
- It was worth checking first, just in case
b) Why are you trying to stop flamewars on TDWTF?
- It was worth checking first, just in case
-
-
Right. LINUX hardware.
Look. Linux. It's dripping with Linux. What's wrong with you people?
-
This reminded me of an old favourite: Is your son a computer hacker?
-
Is that for... real? I mean, real real or is some trolling site like the Onion?
-
AFAIK, the site I linked to is just an archive.
Whether the archived madness is genuine or a troll... I don't know. I treat it as a troll because I like to keep what little is left of my faith in humanity intact for the time being.
-
That article's old. And a piss-take ;)
-
I wonder how many decades it will be until there is any chance of anything computery being even vaguely secure.
The only time computers were ever secure was when they weighed multi-tons, were not networked, and had to be re-programmed for each use with jumper wires.
-
How to make a computer secure:
- Lock it in a room with reinforced walls, and sound and electromagnetic insulation (gotta watch for those side-channel attacks!)
- Make sure there's no networking of any kind and that nobody's allowed near it.
- Place two guards with rifles at the door
- Place a camera filming the guards, and two other guards in a far away place looking at the video feed to activate the self-destruct mechanism if the first pair of guards try to enter the room.
-
- Leave the computer unplugged from the power outlet.
Thank you Discourse for turning my 5 into a 1.
-
How to make a computer secure:
- Lock it in a room with reinforced walls, and sound and electromagnetic insulation (gotta watch for those side-channel attacks!)
- Make sure there's no networking of any kind and that nobody's allowed near it.
- Place two guards with rifles at the door
- Place a camera filming the guards, and two other guards in a far away place looking at the video feed to activate the self-destruct mechanism if the first pair of guards try to enter the room.
You forgot to include a generator and diesel fuel. Or else you might be able to pick up stray noise on the AC mains.
-
Technically I never mentioned electricity...
But yeah I suppose a computer needs some power source to run whatever you want it to run (probably sign or encrypt some message with a private key). If you just need to keep it on for a while to use it, you could make it pedal-powered so nothing has to come in or out...
-
5. Don't let someone leave the facility with the firmware key signed out in their name. </chappie>
-
How to make a computer secure:
- Put a >50Mt nuke inside the computer
- Detonate it.
- Remember that you should have retreated to a minimum safe distance
- ???
- Proffit!
-
-
On similar note or not:
###Flash on Raspberry pi 2 crash
-
Oh, you need a xenon flash. I tried with my cell phone camera and couldn't get my Pi to reboot.
-
Crop out the channel logo! WTF is wrong with you!!!
-
-
why? it's not like it's interfering with the meaning of the image. also i like that logo. lots of nostalgia there.
-
@blakeyrat said:
Salt isn't even software.
If they missed the earlier obviousness of the trolling I'm wondering if anyone is going to try and grab this one:I don't know about you, but I'm gonna take that statement with a grain of ...
-
And what is the meaning of that image, now?
-
it appears to be jovial, friendly laughing.
-
Who is the pink water dragon laughing at?