----- Forwarded message from Jerry Leichter <leichter@lrw.com> ----- Date: Thu, 1 Sep 2016 11:33:16 -0400 From: Jerry Leichter <leichter@lrw.com> To: Cryptography List <cryptography@metzdowd.com> Subject: [Cryptography] "Flip Feng Shui: Hammering a Needle in the Software Stack" X-Mailer: Apple Mail (2.3124) "We introduce Flip Feng Shui (FFS), a new exploitation vector which allows an attacker to induce bit flips over arbitrary physical memory in a fully controlled way. FFS relies on hardware bugs to induce bit flips over memory and on the ability to surgically control the physical memory layout to corrupt attacker-targeted data anywhere in the software stack.... Memory deduplication allows an attacker to reverse-map any physical page into a virtual page she owns as long as the page’s contents are known. Rowhammer, in turn, allows an attacker to flip bits in controlled (initially unknown) locations in the target page. We show FFS is extremely powerful: a malicious VM in a practical cloud setting can gain unauthorized access to a co-hosted victim VM running OpenSSH. Using FFS, we exemplify end-to-end attacks breaking OpenSSH public-key authentication, and forging GPG signatures from trusted keys, thereby compromising the Ubuntu/Debian update mechanism." https://www.usenix.org/system/files/conference/usenixsecurity16/sec16_paper_... -- Jerry _______________________________________________ The cryptography mailing list cryptography@metzdowd.com http://www.metzdowd.com/mailman/listinfo/cryptography ----- End forwarded message ----- Does Rowhammer work in clouds? According to the popular story it affected only laptops.