Become a fan of Slashdot on Facebook


Forgot your password?
Security Software Hardware

Once Thought Safe, DDR4 Memory Shown To Be Vulnerable To 'Rowhammer' ( 31

An anonymous reader writes from an Ars Technica article: Physical weaknesses in memory chips that make computers and servers susceptible to hack attacks dubbed "Rowhammer" are more exploitable than previously thought and extend to DDR4 modules, not just DDR3, according to a recently published research paper. The paper, titled How Rowhammer Could Be Used to Exploit Weaknesses in Computer Hardware (PDF), arrived at that conclusion by testing the integrity of dual in-line memory modules, or DIMMs, using diagnostic techniques that hadn't previously been applied to finding the vulnerability. The tests showed many of the DIMMs were vulnerable to a phenomenon known as "bitflipping," in which 0s were converted to 1s and vice versa.
This discussion has been archived. No new comments can be posted.

Once Thought Safe, DDR4 Memory Shown To Be Vulnerable To 'Rowhammer'

Comments Filter:
  • I know it's a problem, but love how this works. Wonder if it was around when Going Postal was written.
    • It has been around as long as semiconductor memory has been around. And not just in DRAM. Static memory, including on-cpu cache can have it. It is a well known potential defect that should be tested for during manufacture.

      Some manufacturers cheat.

      • by Megol ( 3135005 )

        Bullshit. The cheat part that is, that nearby signals can interfere is true but trivially so. Water is wet, signals can interfere - so what?

        The problems isn't caused by cheating and implying that not only confuses people but also takes away the important lesson that computers are complex on many levels and that avoiding bugs is f-king hard.

        [And that critical systems should have ECC in hardware, software or preferably both]

  • I'm convinced that the only safe device these days is a Speak 'N Spell []. (I heard the Etch A Sketch [] is vulnerable to "vibration-hacking" and "elbow-jogging" attacks by annoying younger brothers and sisters.)

  • by JustAnotherOldGuy ( 4145623 ) on Saturday March 19, 2016 @02:41PM (#51732507)

    Ha ha, I'm safe because I'm still using 16-pin DIPs in my PC XT. Suck it, hackers!

  • Getty Lee is already well aware of this pattern []!
  • Wouldn't a fairly simple fix be to make it so that consecutive rows in the RAM do not correspond to consecutive memory addresses? The virtual memory manager is already serving up the physical RAM in 4k pages. Right now the rows within the 4k page are consecutive, but any given block of RAM bigger than 4k may actually be comprised of pages from anywhere in the physical RAM. If you reordered the rows within the 4k page at a hardware level it would be difficult to know which rows were actually consecutive.
    • by mathew7 ( 863867 )

      Actually, just switching the LSBs from the row address would be enough, with the manufacturer hiding it (or even better: randomizing).
      Since "researching" for this, I saw some information that they already have a mapping for production yelding; which is logical, as you can get more chips with target-size+10% and 91% working (100 from 110) than target-sized and perfect. But I think they currently just "skip", instead of re-arrange rows.
      Also, the individual chips which eventually feed the 64-bit bus (with 512b

"If it's not loud, it doesn't work!" -- Blank Reg, from "Max Headroom"