A new DRAM hacking technique could expose your DDR4 RAM to attacks and possible system acquisitions. Fortunately, Google is stepping up the smart idea of making the findings public, in the hopes of finding a solution.
Software is a new variant of a known vulnerability called Rowhammer. The vanilla version of the software would compromise the data that was breaking around the memory cells of your RAM, giving hackers the ability to access an adjacent row and modify the contents of other memory addresses using the sending multiple access requests.
It has been around for a while and according to Neowin, occurred thanks to a "phenomenon of electrical coupling in silicon chips that avoids protection based on software and hardware."
Previously, with DDR3 chips, DRAM manufacturers could protect themselves against Rowhammer hackers by implementing logic that would detect and block evasive activity. They thought it was over. However, with the advent of DDR4, it has been revealed that the destruction of Rowhammer remains a threat, still working. TRRespass and other methods.
Queue up to Google advertisers, who explain that there is now a new "half-double" Rowhammer technique that is even more dangerous and has been shown to outperform its predecessor by at least one more row, though not as well. effective for accessing deeper caches. However, you may be able to access deeper rows, exposing even more data.
“Unlike TRRespass, which exploits the blind spots of the manufacturer’s dependent defenses, Half-Double is an intrinsic property of the underlying silicon substrate,” says Google. "This is likely to be an indication that Rowhammer's responsible electrical coupling is a property of distance, which effectively becomes stronger and more powerful as cell geometries shrink. Distances can be conceived. more than two ".
All of this is coming out publicly to encourage a collaborative effort to take the commitment as soon as possible. Google is also working with industry partners, such as the JEDEC Semiconductor Standards Organization, to roll the ball. You can see what they have come up with so far here, i here.