This is how hackers exploit your PC’s RAM to steal from you

The Boss


What if we told you that there is a problem affecting over 80% of DRAM memory chips worldwide that leaves practically every system today open to a certain type of malicious attack? This potential problem is present in all PCs and has become a real headache for memory manufacturers.

What is Rowhammer?

We have to start from the fact that a DRAM memory chip consists of an array of bit cells, each made up of a transistor and a capacitor, and the capacitor discharges over time. The cells therefore have to be electrically recharged again and again so that the data is not lost. As standard, and until the 2010s, each memory bit line had a refresh time, that is, the interval at which the DRAM is refreshed.

The Spanish engineer Juan Gomez Luna, currently at the University of Zurich, discovered in 2014 with his research team a problem that they named Rowhammer, which consists of the following:

  1. If a bitline is accessed continuously during the refresh time,
  2. the information in the adjacent rows ends up changing.

And what happens when the bits of a data line are changed? By changing the occasional zero for a one and vice versa, the information is no longer the same, which produces errors. This problem began to stand out in RAM from 2008, and it keeps growing. The manufacturers’ response? Since a series of hammering accesses is required, fewer than 5000, the 64 milliseconds between one refresh and the next has been reduced to 32 milliseconds and in some cases even 16, doubling or even quadrupling the power consumption of this part.
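The mechanism and the refresh-interval response described above, as a toy simulation added here (it is not code from the original article): one row is activated repeatedly, each activation disturbs its two neighbours, and a refresh clears the accumulated disturbance. The access periods, the row count and the use of exactly 5000 as the flip threshold are constructed assumptions for illustration, not measured DRAM timings.

```python
# Toy Rowhammer disturbance model. All numbers are constructed for
# illustration; they are not measured DRAM timings.

def simulate(refresh_ms, access_us, threshold=5000, rows=8,
             aggressor=3, duration_ms=128):
    """Activate one row repeatedly; return (flipped_rows, refresh_operations).

    The aggressor row is activated every `access_us` microseconds and each
    activation disturbs the two adjacent rows. Rows are refreshed round-robin,
    so every row is recharged once per `refresh_ms`, which resets its
    disturbance count. A row flips when its count reaches `threshold` between
    two of its own refreshes; a later refresh does not restore the data.
    """
    refresh_us = refresh_ms * 1000
    slot_us = refresh_us // rows                 # gap between refreshing row r and r+1
    next_refresh = [r * slot_us for r in range(rows)]
    disturbance = [0] * rows
    flipped, refreshes = set(), 0

    for t in range(0, duration_ms * 1000, access_us):
        # Perform every refresh that is due before this activation.
        for r in range(rows):
            while next_refresh[r] <= t:
                disturbance[r] = 0
                refreshes += 1
                next_refresh[r] += refresh_us
        # One activation of the aggressor disturbs both neighbours.
        for victim in (aggressor - 1, aggressor + 1):
            if 0 <= victim < rows:
                disturbance[victim] += 1
                if disturbance[victim] >= threshold:
                    flipped.add(victim)
    return sorted(flipped), refreshes


if __name__ == "__main__":
    for access_us in (10, 1):                    # constructed access periods
        for refresh_ms in (64, 32, 16):          # intervals named in the article
            flipped, refreshes = simulate(refresh_ms, access_us)
            print(f"access={access_us}us refresh={refresh_ms}ms "
                  f"flipped={flipped} refresh_ops={refreshes}")
```

With the constructed 10 µs access period, halving the interval to 32 ms keeps the neighbours below the threshold at twice the refresh operations; with a 1 µs period even 16 ms is not enough.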


Why is this a security issue?

By forcing changes to specific parts of memory, a malicious program can cause certain system security settings to be disabled. Let’s not forget that RAM holds two spaces, the one reserved for applications and the one for the operating system. Although an application cannot access the operating system’s part, it can make continuous accesses, trigger Rowhammer and, voilà, the door is open.

Imagine someone wants to get into your house: you have turned the key, yet tapping on the lock causes, through vibration, the mechanism to rotate and the door to open. That is the problem we’re talking about, and in recent years it has become a very popular way for rogue app creators to gain access to other people’s systems and steal data.

When this problem appeared, the use of DRAM memory as potential caches in processors disappeared overnight, for more than obvious reasons. The solution to this problem? The use of SRAM memory, which does not need to be refreshed. But then the RAM storage capacity would drop to 1/4 or even 1/8 per memory chip, which would increase costs and be fatal for many applications.


It is used in the world of homebrew consoles

Since software must be signed by the manufacturer of a video game system in order to run on it, accessing the system’s RAM to find out how it works and see what is happening requires certain invasive methods that differ from the conventional ones.


A very common trick is to connect a signal transmitter to the memory pins that communicates with the RAM as if it were the processor, in order to read its contents but also to learn the functions of certain key parts of it. So, in order to access the most hidden parts of the system and reverse engineer it, a Rowhammer is provoked from outside, and this way they can learn which parts of memory are crucial in their challenge to break what for them is a puzzle.

And it’s not only used on consoles: there are challenges from major automakers in which they give away millions to see how long it takes a person to gain control of a next-gen car. It is precisely in this market that most of the countermeasures to this problem have been developed, since with the rise of smart cars it is very dangerous for a third party to be able to control one.
