• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

RAMBleed - New Side-Channel Attack

Joined
Mar 23, 2016
Messages
2,144 (1.82/day)
Processor Ryzen 5 2600X
Motherboard MSI B350M Gaming Pro
Cooling Scythe Kotetsu with AM4 bracket
Memory PNY Anarchy-X XLR8 Red DDR4 3200 MHz C15-17-17-17-35
Video Card(s) MSI GeForce RTX 2060 GAMING Z 6G
Storage Samsung 970 EVO NVMe M.2 500 GB, SanDisk Ultra II 480 GB
Display(s) Samsung SyncMaster C27H711 OC refresh rate 110Hz
Case Phantek Eclipse P400S (PH-EC416PS)
Audio Device(s) Creative Labs Sound Blaster Audigy Rx
Power Supply EVGA 850 BQ
Mouse SteelSeries Rival 310
Keyboard Logitech G G413 Silver
Software Windows 10 Professional 64-bit v1903
RAMBleed is a side-channel attack that enables an attacker to read out physical memory belonging to other processes. The implications of violating arbitrary privilege boundaries are numerous, and vary in severity based on the other software running on the target machine. As an example, in our paper we demonstrate an attack against OpenSSH in which we use RAMBleed to leak a 2048 bit RSA key. However, RAMBleed can be used for reading other data as well.

RAMBleed is based on a previous side channel called Rowhammer, which enables an attacker to flip bits in the memory space of other processes. We show in our paper that an attacker, by observing Rowhammer-induced bit flips in her own memory, can deduce the values in nearby DRAM rows. Thus, RAMBleed shifts Rowhammer from being a threat not only to integrity, but confidentiality as well. Furthermore, unlike Rowhammer, RAMBleed does not require persistent bit flips, and is thus effective against ECC memory commonly used by server computers.
How can I mitigate this issue?
Users can mitigate their risk by upgrading their memory to DDR4 with targeted row refresh (TRR) enabled.


Source: https://rambleed.com/
 
Joined
Aug 20, 2007
Messages
11,190 (2.59/day)
System Name Pioneer
Processor Intel i9 9900k
Motherboard ASRock Z390 Taichi
Cooling Noctua NH-D15 + A whole lotta Sunon and Corsair Maglev blower fans...
Memory G.SKILL TridentZ Series 32GB (4 x 8GB) DDR4-3200 @ DDR4-3400 14-14-14-34-2T
Video Card(s) EVGA GTX 1080 FTW2
Storage HGST UltraStar 7K6000 3.5" HDD 2TB 7200 RPM (w/128MBs of Cache)
Display(s) LG 32GK850G-B 1440p 32" AMVA Panel G-Sync 144hz Display
Case Thermaltake Core X31
Audio Device(s) Onboard Toslink to Schiit Modi Multibit to Asgard 2 Amp to AKG K7XX Ruby Red Massdrop Headphones
Power Supply Seasonic PRIME 750W 80Plus Titanium
Mouse ROCCAT Kone EMP
Keyboard WASD CODE 104-Key w/ Cherry MX Green Keyswitches, Doubleshot Vortex PBT White Transluscent Keycaps
Software Windows 10 x64
So basically a nonissue to anything but extremely high value targets, ala rowhammer
 
Joined
Sep 26, 2017
Messages
192 (0.31/day)
Location
Here
Processor Intel i7 8700k
Motherboard Z370 AORUS Gaming 7
Cooling Noctua NH-D15S
Memory G.SKILL Ripjaws V Series 32GB DDR4 3333 16-16-16-36
Video Card(s) MSI RTX 2080 Ti Ventus OC
Storage Samsung EVO 250GB 2x-500GB XPG SX8200 PRO 1 TB
Display(s) Acer Predator Z321QU
Case Fractal Design Meshify C
Power Supply Seasonic Focus Plus 750 Gold
The white hat hackers is way more of a threat than the black hat hackers ever thought about being. The black hats have gotten more ideas on how to from the white hats.
 
Joined
Aug 20, 2007
Messages
11,190 (2.59/day)
System Name Pioneer
Processor Intel i9 9900k
Motherboard ASRock Z390 Taichi
Cooling Noctua NH-D15 + A whole lotta Sunon and Corsair Maglev blower fans...
Memory G.SKILL TridentZ Series 32GB (4 x 8GB) DDR4-3200 @ DDR4-3400 14-14-14-34-2T
Video Card(s) EVGA GTX 1080 FTW2
Storage HGST UltraStar 7K6000 3.5" HDD 2TB 7200 RPM (w/128MBs of Cache)
Display(s) LG 32GK850G-B 1440p 32" AMVA Panel G-Sync 144hz Display
Case Thermaltake Core X31
Audio Device(s) Onboard Toslink to Schiit Modi Multibit to Asgard 2 Amp to AKG K7XX Ruby Red Massdrop Headphones
Power Supply Seasonic PRIME 750W 80Plus Titanium
Mouse ROCCAT Kone EMP
Keyboard WASD CODE 104-Key w/ Cherry MX Green Keyswitches, Doubleshot Vortex PBT White Transluscent Keycaps
Software Windows 10 x64
The white hat hackers is way more of a threat than the black hat hackers ever thought about being. The black hats have gotten more ideas on how to from the white hats.
Trust me, the black hats likely knew about some of these and just told no one. Wrong philosophy.
 
Joined
Sep 26, 2017
Messages
192 (0.31/day)
Location
Here
Processor Intel i7 8700k
Motherboard Z370 AORUS Gaming 7
Cooling Noctua NH-D15S
Memory G.SKILL Ripjaws V Series 32GB DDR4 3333 16-16-16-36
Video Card(s) MSI RTX 2080 Ti Ventus OC
Storage Samsung EVO 250GB 2x-500GB XPG SX8200 PRO 1 TB
Display(s) Acer Predator Z321QU
Case Fractal Design Meshify C
Power Supply Seasonic Focus Plus 750 Gold
Trust me, the black hats likely knew about some of these and just told no one. Wrong philosophy.
Yeah i know...i was just spitball'n. I mean we're putting everything into building our computers and we are slowly getting it cut down to where nothing but a nub is left.
 
Last edited:
Top