Slashdot Mirror
New Cloud Attack Takes Full Control of Virtual Machines With Little Effort (arstechnica.com)
C3ntaur writes: The world has seen the most unsettling attack yet resulting from the so-called Rowhammer exploit, which flips individual bits in computer memory. It's a technique that's so surgical and controlled that it allows one machine to effectively steal the cryptographic keys of another machine hosted in the same cloud environment. Until now, Rowhammer has been a somewhat clumsy and unpredictable attack tool because it was hard to control exactly where data-corrupting bit flips happened. While previous research demonstrated that it could be used to elevate user privileges and break security sandboxes, most people studying Rowhammer said there was little immediate danger of it being exploited maliciously to hijack the security of computers that use vulnerable chips. The odds of crucial data being stored in a susceptible memory location made such hacks largely a matter of chance that was stacked against the attacker. In effect, Rowhammer was more a glitch than an exploit. Now, computer scientists have developed a significantly more refined Rowhammer technique they call Flip Feng Shui. It manipulates deduplication operations that many cloud hosts use to save memory resources by sharing identical chunks of data used by two or more virtual machines. Just as traditional Feng Shui aims to create alignment or harmony in a home or office, Flip Feng Shui can massage physical memory in a way that causes crypto keys and other sensitive data to be stored in locations known to be susceptible to Rowhammer. The research paper titled "Flip Feng Shui: Hammering a Needle in the Software Stack" can be read here.
For SSH, since you can only flip one bit, you have to already know the public key you want to exploit, find a easily factorizable key one bitflip away, then get the host to dedup. So no, this wont allow somebody to hack into arbitrary servers, only if there's already been data exfiltrated.
Your hair look like poop, Bob! - Wanker.
Rowhammer in all its incarnations is not the problem. If you are vulnerable to such attacks it is because your RAM is defective. Can we stop pretending this is an exploit we need elaborate schemes to protect against and just call it what it is: A crappy products that need to be replaced from manufacturers that need to be held accountable for it.
Aren't modern servers tested for rowhammer?
My HP Integrity's offline diagnostics does three hammering tests, and will fail the diag if even a single read does not match what it should - and this is on a machine nearly 10 years old (though the diag disc is from 2012).
It's an interesting idea and nicely carried out, but in the real world I doubt this is of much concern. For the attack to be successful, all of the following must hold
1. memory susceptible to rowhammer attack (in itself not trivial - only few and given memory locations can be flipped)
2. VM manager merges physically identical pages of unrelated VMs (i.e., the identical memory pages of different VMs point to the same physical page)
3. attacker VM must know the contents of the page in the victim VM
4. attacker must register a page with the to-be-attacked contents before the victim VM does so that it can somewhat control its physical location and use rowhammer on it
Especially #3 is not easy. In the paper, the authors assume they know all SSH authorized keys of the victim page which seems a bit far-fetched. Pages holding OS contents are easier to guess; I think an attack on those is more probable.
Also, the fix is trivial. Don't buy cheap RAM that can be attacked with rowhammer for your data centers.
He's pointing out by example that the whole purpose of a public key is to be distributed to other parties, and that doing so is safe due to the inability* to infer the private key through factorisation. Bit flipping a properly formed key Kpub is highly likely to result in an easily factored "key" K'pub for which the private key K'priv can be trivially derived.