Rowhammer.js: Root privileges for web apps? A tale of fault attacks on DRAM and attacks on CPU caches

Clémentine Maurice and Daniel Gruss

30 min

30 min 2015-12-28

2015-12-28 25653

25653 Fahrplan

Playlists: '32c3' videos starting here

"Insanity: doing the same thing over and over again and expecting different results."

Albert Einstein - Who did not live long enough to see Rowhammer

Recent studies have found that repeated accesses to DRAM rows can cause random bit flips, resulting in the so called Rowhammer vulnerability. We present Rowhammer.js, the first remote software-induced hardware-fault attack, from JavaScript. We also extend our presentation with an overview of cache side-channel attacks, that use the same technique to evict data from the cache.

Download

Related

Embed Share:







Tags