



(asciilifeform) asciilifeform: verisimilitude: see also 'rowhammer'.
(ossasepia) snsabot: Logged on 2019-11-06 04:32:16 jfw: so re pure, coreboot is a start, but many boards they only support by means of vendor blobs. Another thing is DDR2 memory, as anything later is widely susceptible to 'rowhammer' (now an open secret but believe I first learned this from asciilifeform).
(ossasepia) jfw: so re pure, coreboot is a start, but many boards they only support by means of vendor blobs. Another thing is DDR2 memory, as anything later is widely susceptible to 'rowhammer' (now an open secret but believe I first learned this from asciilifeform).
(trilema) feedbot: http://qntra.net/2019/06/rowhammer-being-used-to-read-from-vulnerable-ram/ << Qntra -- ROWHAMMER Being Used To Read From Vulnerable RAM
(trilema) asciilifeform: mp_en_viaje: i dislike ddr3 (3, 4, +) for safety-critical applications -- 'rowhammer' . but i have nfi for what mp_en_viaje uses these, then again.
(trilema) asciilifeform: ^ loox like theoretically afflicts even the venerable x60-era intels. ( aside from the detail that ddr2 aint, as i currently understand, rowhammerable )
(trilema) feedbot: http://qntra.net/2019/03/newly-documented-intel-speculative-memory-management-bug-affects-all-generations-of-intel-core-cpus-makes-rowhammering-much-easier/ << Qntra -- Newly Documented Intel Speculative Memory Management Bug Affects All Generations Of Intel "Core" CPUs, Makes ROWHAMMERing Much Easier
(trilema) asciilifeform: can't exactly put rowhammer.js where errybody'll ~see~ it, lol
(trilema) asciilifeform: if he doesn't, he's theoretically open to, e.g. rowhammer.js .
(trilema) asciilifeform: + rowhammer.js , lol, naturally..
(trilema) a111: Logged on 2017-08-24 14:41 asciilifeform: ( why to do this ? just as in other cases of 'i can't believe it's not X!', dram is not actually random-access -- all currently sold drams only achieve their rated speed in 'burst mode'; and from that it follows that they are only ever read to fill a cache line; and from this, trivial timing leak etc. and the joys of 'rowhammer', bonus. )
(trilema) asciilifeform: observe that box with 1990s level of immunity to 'cachebleeds', 'rowhammers', etc. still costs 1990s price...
(trilema) a111: Logged on 2018-02-14 15:02 mircea_popescu: (this is the deep, and political meaning of the rowhammer class of attacks : it has rendered amazon's business entirely worthless ; much like basic physics make tesla be a paper-only usg venture, so now the last remaining flagship. all hopes now pinned on googles artificial "intelligence" [and i guess "quantum" wank].)
(trilema) mircea_popescu: (this is the deep, and political meaning of the rowhammer class of attacks : it has rendered amazon's business entirely worthless ; much like basic physics make tesla be a paper-only usg venture, so now the last remaining flagship. all hopes now pinned on googles artificial "intelligence" [and i guess "quantum" wank].)
(trilema) mp_en_viaje: wait, is the "protected" mode how you do the useful things such as you know, rowhammer et all ?
(trilema) asciilifeform: the interesting thing re js, is that entirely ~aside~ from traditional cmachine bugolade, it gets compiled c-cstyle nowadays, in popular graphical wwwbrowsers, ( how else to churn 50MB of google crapola ) and so e.g. rowhammerism works in it.
(trilema) a111: Logged on 2017-10-05 00:19 asciilifeform: here's a choice lulzgem: 'One-location hammering is based on a previously unknown Rowhammer effect. With one-location hammering, the attacker only runs a Flush+Reload loop on a single memory address at the maximum frequency. This virtually keeps the DRAM bank permanently open. We observed that one-location hammering drains enough charge from the DRAM cells to induce bit flips.'
(trilema) a111: Logged on 2017-08-24 14:41 asciilifeform: ( why to do this ? just as in other cases of 'i can't believe it's not X!', dram is not actually random-access -- all currently sold drams only achieve their rated speed in 'burst mode'; and from that it follows that they are only ever read to fill a cache line; and from this, trivial timing leak etc. and the joys of 'rowhammer', bonus. )
(trilema) mircea_popescu: anyway, to revisit the upstack problem : the solution to rowhammer, 3.0 as 1.0, is not to "make kernel flush all the time, 50% performance penalty" nor the original "solutions" nor any of that crap.
(trilema) asciilifeform: re 'rowhammer', for some reason when i first found out about it, the immediate picture was ye olde legend re how zeks supposedly at least once overturned a train, from the inside, in a stolypin car , 'let's all heave-left' then 'right' etc
(trilema) asciilifeform: mircea_popescu: this was hammer-in-face obvious after the ~original~ rowhammer demo
(trilema) asciilifeform: here's a choice lulzgem: 'One-location hammering is based on a previously unknown Rowhammer effect. With one-location hammering, the attacker only runs a Flush+Reload loop on a single memory address at the maximum frequency. This virtually keeps the DRAM bank permanently open. We observed that one-location hammering drains enough charge from the DRAM cells to induce bit flips.'
(trilema) ben_vulpes: rowhammer, the gift that keeps on giving.
(trilema) asciilifeform: btw rowhammer dun apply to sram.
(trilema) mircea_popescu: moreover, what's to keep your glass ball from rowhammer.
(trilema) asciilifeform: ( why to do this ? just as in other cases of 'i can't believe it's not X!', dram is not actually random-access -- all currently sold drams only achieve their rated speed in 'burst mode'; and from that it follows that they are only ever read to fill a cache line; and from this, trivial timing leak etc. and the joys of 'rowhammer', bonus. )
(trilema) mircea_popescu: cache hits to reference the recent rowhammer lulz, you name it.
(trilema) mircea_popescu: rowhammer included by reference
(trilema) asciilifeform: it rowhammers.
(trilema) asciilifeform: (incidentally js is 'expressive' enough to... 'rowhammer'. so why settle for small change, burn entire box)
(trilema) asciilifeform: dram is how we get wonders such as 'rowhammer', but also bits that rot from not only cosmic ray but the background gamme of impurities in ITSELF, etc
(trilema) assbot: Logged on 17-02-2016 20:56:36; asciilifeform: which opens up a rowhammer-like attack vector.
(trilema) asciilifeform: last thing i will say for now on subj is - expect many more 'rowhammer'-like effects as desperate wunderwaffen attempts to resuscitate 'moore's law' explore new depths of fuhrerbunker desperation.
(trilema) asciilifeform: which opens up a rowhammer-like attack vector.
(trilema) mircea_popescu: but not one that rowhammers the fuck out of it ?
(trilema) deedbot-: [Qntra] Intel Skylake Brings Optimized #ROWHAMMER Exploit - http://qntra.net/2016/01/intel-skylake-brings-optimized-rowhammer-exploit/
(trilema) BingoBoingo: K, qntra's slow seems to have a touch of the DDoS. Going to sleep. Anyone who wants to write about Intel's Skylake already having a rowhammer exploit coded for its DDR4 controller feel free to submit a piece.
(trilema) asciilifeform: for so long as somebody can lead you to walk contiguous path in ram, you can rowhammer.
(trilema) mircea_popescu: like, a rowhammer immune one.
(trilema) asciilifeform: (how to abolish 'rowhammer' ? a) don't use ddr3, why does a tetris-playing accountant need 128GB of ram?? b) use ram that is wired as a hash table, where n+1 is NOT physically adjacent or otherwise predictably distant from n. ---- BUTBUTBUT i want 128GB! but i want bust readwrite! FUCKYOU
(trilema) asciilifeform: ditto 'rowhammer' and related idiocies
(trilema) assbot: Project Zero: Exploiting the DRAM rowhammer bug to gain kernel privileges ... ( http://bit.ly/1fr43lp )
(trilema) mircea_popescu: http://googleprojectzero.blogspot.com.ar/2015/03/exploiting-dram-rowhammer-bug-to-gain.html
(trilema) mircea_popescu: but a sort of low level rowhammer
(trilema) asciilifeform: mats: if you treat 'rowhammering' as a statistical phenomenon, instead of allowing the enemy to induce arbitrary memory access patterns on the machine, it is considerably easier to deal with.
(trilema) mircea_popescu: moreover, there are fixes for the particular effect, buy rowhammer proof sticks.
(trilema) asciilifeform: i don't even see 'rowhammer' as a security item, as such. just an indicator of 'this system is built on snot and bubblegum'
(trilema) asciilifeform: mircea_popescu: did intel ever mention rowhammer ?
(trilema) assbot: 5 results for 'rowhammer' : http://s.b-a.link/?q=rowhammer
(trilema) asciilifeform: !s rowhammer
(trilema) asciilifeform: (ddr3 is the type of dram affected by 'rowhammer')
(trilema) asciilifeform: trinque, jurov: see also recently publicized 'rowhammer' effect.
(trilema) ascii_field: rowhammer article << didn't we do that here a while ago?
(trilema) assbot: Project Zero: Exploiting the DRAM rowhammer bug to gain kernel privileges ... ( http://bit.ly/1BpfrUH )
(trilema) dignork: http://googleprojectzero.blogspot.com.es/2015/03/exploiting-dram-rowhammer-bug-to-gain.html

