• Home
  • Archive
  • Tools
  • Contact Us

The Customize Windows

Technology Journal

  • Cloud Computing
  • Computer
  • Digital Photography
  • Windows 7
  • Archive
  • Cloud Computing
  • Virtualization
  • Computer and Internet
  • Digital Photography
  • Android
  • Sysadmin
  • Electronics
  • Big Data
  • Virtualization
  • Downloads
  • Web Development
  • Apple
  • Android
Advertisement
You are here: Home » Rowhammer Exploit Threatens Cloud Virtual Machines

By Abhishek Ghosh September 5, 2016 9:13 am Updated on September 5, 2016

Rowhammer Exploit Threatens Cloud Virtual Machines

Advertisement

Row hammer / rowhammer can open the way to the memory cells to leak their charges and interact electrically within them. Each bit of stored data occupies a separate memory cell that is electrically implemented with one capacitor and one transistor in DRAM – charged or discharged of a capacitor determines whether a DRAM cell stores binary value as 1 or 0. So it is happening at hardware level. The circumvention of the isolation environment is possible in modern DRAM. Row hammer is an unintended side effect in DRAM. In This this article, We Will Discuss in Brief How This Rowhammer Exploit Threatens Cloud Virtual Machines. It can be used as hardware bug.

 

Background History of Rowhammer Exploit Before Entering the Area of Cloud Virtual Machines

 

Physically smaller memory cells is capable of storing smaller charges, resulting in increased rates of electromagnetic interactions between memory cells, creating greater possibility of data loss. The known errors dates back to the early 1970s. There are various analysis on commercially available DDR3 DRAM chips in different years which are susceptible to errors. It is named as row hammer to the associate side effect that led to observed bit flips. There is also a variant called double sided hammering. Since the 70’s, the DRAM manufacturers have employed various mitigation techniques to counteract. Like Intel Xeon processors with Ivy Bridge microarchitecture, support pseudo target row refresh (pTRR) that can be used in combination with pTRR-compliant DDR3 dual in-line memory modules (DIMMs) to mitigate the row hammer effect by refreshing the suspected victim rows.

It is not hugely important to understand the mechanism of creation to a common webmaster or server administrator. It is important to understand which hardwares the flaw is around.

Advertisement

---

 

How The Rowhammer Exploit Threatens Cloud Virtual Machines

 

A group of researchers managed to obtain private keys of some cloud Virtual Machines (VM) with minimal effort. We can rely on a VM for the encryption keys – second VM hosted within the same cloud is not authorized SSH access. The requirements for exploits may appear unrealistic, but researchers’ work shows that it is possible to implement the attack reliably today in the cloud using Rowhammer, a wide-spread DRAM glitch and memory reduplication. The last one is a popular memory management feature to reduce the physical memory footprint of virtual machine by merging memory pages with the same content.

The basic version of Rowhammer had proved to date little use to potential attackers – the technique worked to corrupt and move certain bits of data could not be properly controlled in fact. Researchers managed to improve the tool by going to achieve a more effective technique – called “Flip Feng Shui”. So it is possible to manipulate the deduplication operations, special processes used in cloud environments, in order to save memory resources, implement the sharing of the same bit data used by one or more VMs. Flip Feng Shui is able to send a message to the physical memory so that the cryptographic keys or the other sensitive data is moved.

Rowhammer-Exploit-Threatens-Cloud-Virtual-Machines

The encryption software presently on the market are totally unprepared to face bit flipping. The attack can begin with the preliminary obtaining the public keys. Public keys per se are not able to reveal any useful matter for the private keys. Using the Flip Feng Shui to create a new variant can be used to fetch information on the corresponding private key. The experiment was carried out successfully on RSA keys. Flip Feng Shui fortunately needs certain conditions.

Tagged With cloud exploit , paperuri:(f5e14856c220bc3f75d3afd040a03918) , Pseudo Target Row Refresh , row hammer exploit on vm , Rowhammer exploit , rowhammer inn virtual machines , rowhammer xen virtual machine , science technology news

This Article Has Been Shared 868 Times!

Facebook Twitter Pinterest

Abhishek Ghosh

About Abhishek Ghosh

Abhishek Ghosh is a Businessman, Surgeon, Author and Blogger. You can keep touch with him on Twitter - @AbhishekCTRL.

Here’s what we’ve got for you which might like :

Articles Related to Rowhammer Exploit Threatens Cloud Virtual Machines

  • Cloud Computing is Becoming Socially Acceptable

    Cloud Computing is Becoming Socially Acceptable day by day. From toothbrush to a computer keyboard, if the society do not accept, it becomes costly and useless.

  • Surveillance System Hard Drive and Smart Video Monitoring

    Smart Video Monitoring Demands Dedicated Surveillance System Hard Drive for Faster I/O. In House Data Storage is Faster than Cloud Storage.

  • OpenStack Raksha Client Tools (HP Cloud)

    OpenStack Raksha Client Tools Means the Python Tools Which are Related to Data Protection and Backup. Examples are Given With HP Cloud as Client.

  • Google Discontinues PageSpeed Service Promoting EdgeCast

    Google Discontinues PageSpeed Service Promoting EdgeCast. Google, Widely Known For Mass Surveillance Tools Will Discontinue it From 3rd August.

  • Machine Learning : Data Center Management to Big Data

    Machine Learning is Increasing Being Used From Data Center Management, Handling Big Data, Launching Cloud Server Instances to Server Monitoring.

Additionally, performing a search on this website can help you. Also, we have YouTube Videos.

Take The Conversation Further ...

We'd love to know your thoughts on this article.
Meet the Author over on Twitter to join the conversation right now!

If you want to Advertise on our Article or want a Sponsored Article, you are invited to Contact us.

Contact Us

Subscribe To Our Free Newsletter

Get new posts by email:

Please Confirm the Subscription When Approval Email Will Arrive in Your Email Inbox as Second Step.

Search this website…

 

Popular Articles

Our Homepage is best place to find popular articles!

Here Are Some Good to Read Articles :

  • Cloud Computing Service Models
  • What is Cloud Computing?
  • Cloud Computing and Social Networks in Mobile Space
  • ARM Processor Architecture
  • What Camera Mode to Choose
  • Indispensable MySQL queries for custom fields in WordPress
  • Windows 7 Speech Recognition Scripting Related Tutorials

Social Networks

  • Pinterest (24.3K Followers)
  • Twitter (5.8k Followers)
  • Facebook (5.7k Followers)
  • LinkedIn (3.7k Followers)
  • YouTube (1.3k Followers)
  • GitHub (Repository)
  • GitHub (Gists)
Looking to publish sponsored article on our website?

Contact us

Recent Posts

  • What is Voice User Interface (VUI) January 31, 2023
  • Proxy Server: Design Pattern in Programming January 30, 2023
  • Cyberpunk Aesthetics: What’s in it Special January 27, 2023
  • How to Do Electrical Layout Plan for Adding Smart Switches January 26, 2023
  • What is a Data Mesh? January 25, 2023

About This Article

Cite this article as: Abhishek Ghosh, "Rowhammer Exploit Threatens Cloud Virtual Machines," in The Customize Windows, September 5, 2016, February 1, 2023, https://thecustomizewindows.com/2016/09/rowhammer-exploit-threatens-cloud-virtual-machines/.

Source:The Customize Windows, JiMA.in

PC users can consult Corrine Chorney for Security.

Want to know more about us? Read Notability and Mentions & Our Setup.

Copyright © 2023 - The Customize Windows | dESIGNed by The Customize Windows

Copyright  · Privacy Policy  · Advertising Policy  · Terms of Service  · Refund Policy

We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept”, you consent to the use of ALL the cookies.
Do not sell my personal information.
Cookie SettingsAccept
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checkbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT