What is rowhammer? It’s not new, rowhammer was discussed in the “Flipping Bits in Memory Without Accessing Them: An Experimental Study of DRAM Disturbance Errors” paper published in 2014. But until now exploiting it required software to be installed on the victim computer. Google’s Project Zero has just proven that rowhammer exploits can be executed using nothing more than JavaScript. This is a devastating finding, proving that any computer vulnerable to rowhammer attacks – regardless of operating system or software-based protection – can be compromised.
But what IS rowhammer?
Unlike other exploits, rowhammer is a physical compromise. It uses an electrical vulnerability in densely packed DRAM chips to cause neighboring bits to flip. An attacker and change bits in your machine without directly accessing them. Wikipedia’s article on rowhammer does an excellent job of explaining it in a way that average computer users – like us – can get an idea of how it works. You can read that article here.
Why rowhammer has become a very big deal
With the discovery of a successful JavaScript based attack, rowhammer could be exploited using nothing more than JavaScript within a website.
Is there any hope?
The immediate outlook in dealing with this vulnerability is grim. Steps can be taken but they are hacky at best. Slowing JavaScript would help, but browser developers won’t likely willingly harm their software’s performance. Disabling JavaScript would protect you, but that would be very painful considering a vast majority of the web relies heavily on JavaScript to provide responsive and interactive user interfaces. To truly address the issue would require changing out the vulnerable chips, or possibly a bios modification which is beyond most user’s ability.
Rowhammer is a vulnerability that is worth staying informed on.
For further reading on rowhammer, check out the following:
Wikipedia’s article
Project Zero’s write up
Infoworld’s article
Slate’s article
Komando’s article