A new technique for hacking DRAM could expose your DDR4 RAM to attacks, and potential system takeovers. Thankfully, Google is stepping up with the smart idea to make the findings public, in the hopes it will expedite a fix.
The software is a new variant of a known vulnerability called Rowhammer. The vanilla version of the software would compromise the data rattling around your RAM's memory cells by granting hackers ability to access one adjacent row, and modify the content of other memory addresses, by sending multiple access requests.
It's existed for a while and, according to Neowin, it came about thanks to an "electrical coupling phenomenon in silicon chips which bypasses software- and hardware-based protection."
Previously, with DDR3 chips, it was possible for DRAM manufacturers to protect against Rowhammer hacks by implementing logic that would detect and block the dodgy activity. They thought it was all over. Now though, with the advent of DDR4, it's been revealed that the bane of Rowhammer remains a threat, still working through TRRespass and other methods.
Queue the harbingers over at Google, who explain there's a new, even more dangerous, 'Half-double' Rowhammer technique about now, and its been shown to surpass its predecessor by at least one more row, though it's not as effective at accessing deeper into the cache. Still, there is potential it could access deeper rows, exposing even more data.
"Unlike TRRespass, which exploits the blind spots of manufacturer-dependent defenses, Half-Double is an intrinsic property of the underlying silicon substrate," says Google. "This is likely an indication that the electrical coupling responsible for Rowhammer is a property of distance, effectively becoming stronger and longer-ranged as cell geometries shrink down. Distances greater than two are conceivable."
This is all coming out publicly to encourage a collaborative effort to plug the compromise as soon as possible. Google is also working with industry partners like semiconductor standards organisation JEDEC to get the ball rolling. You can see what they've come up with so far here, and here.