Wednesday, August 31, 2016

Hardware hack

Most operating systems use a single bit to indicate whether a process is privileged (e.g. admin, root) or not.  If you can flip that bit, you can change a process from unprivileged ('normal') to privileged ('superman') giving you total access to a computer.   An attack named "Rowhammer" will hammer a row of bits in memory causing spillover into a neighboring row and flip bits.  By selectively choosing a row you can flip the "privilege" bit in a neighboring row. Here is a nice article describing Rowhammer and recent variants:

No comments:

Post a Comment