RAMBleed RAM Attack; New Way To Steal Data

Chat about just about anything else
Post Reply
User avatar
Portreve
Level 7
Level 7
Posts: 1848
Joined: Mon Apr 18, 2011 12:03 am
Location: Florida
Contact:

RAMBleed RAM Attack; New Way To Steal Data

Post by Portreve » Tue Jun 11, 2019 6:56 pm

The Register: Security: RAMBleed picks up Rowhammer, smashes DRAM until it leaks apps' crypto-keys, passwords, other secrets
The Register wrote: In a paper released online on Tuesday – with the now obligatory vulnerability illustration and dedicated domain, rambleed.com – Andrew Kwong (University of Michigan), Daniel Genkin (University of Michigan), Daniel Gruss (Graz University of Technology, and Yuval Yarom (University of Adelaide and Data61), describe a way to use the Rowhammer technique as a side channel to read data that should be off limits rather than write it.

It demonstrates it is possible for malware or a rogue user on a system to hammer bits in RAM to read information in memory belonging to other programs and users, and thus siphon off secrets in the process. This is not particularly brilliant for multi-tenant boxes in public clouds. The research is scheduled to be presented May, 2020, at the 41st IEEE Symposium on Security and Privacy.
and
"After profiling the target’s memory, we show how RAMBleed can leak secrets stored within the target’s physical memory, achieving a read speed of about 3–4 bits per second," the paper said.
and
According to Kwong, it took almost four hours to read out enough of a 2048-bit RSA encryption key such that they could recover the rest with a variant of the Heninger-Shacham algorithm.
Discuss.
I have to leave so I can get home by the time I arrive.

Presently rocking LinuxMint 19.1 Cinnamon.

Remember to mark your fixed problem [SOLVED].

BigEasy
Level 6
Level 6
Posts: 1234
Joined: Mon Nov 24, 2014 9:17 am
Location: Chrząszczyżewoszyce, powiat Łękołody

Re: RAMBleed RAM Attack; New Way To Steal Data

Post by BigEasy » Wed Jun 12, 2019 1:25 am

Portreve wrote:
Tue Jun 11, 2019 6:56 pm
"After profiling the target’s memory, we show how RAMBleed can leak secrets stored within the target’s physical memory, achieving a read speed of about 3–4 bits per second," the paper said.
OMG! Single secret photo of my cat will be read for about 2 months.
Windows assumes I'm stupid but Linux demands proof of it

RollyShed
Level 2
Level 2
Posts: 64
Joined: Sat Jan 12, 2019 8:58 pm
Location: South Island, New Zealand

Re: RAMBleed RAM Attack; New Way To Steal Data

Post by RollyShed » Wed Jun 12, 2019 5:21 am

So at 3 bits a second a 100 kb picture would take 9-1/4 hours to down load? That's if it was actually in memory all the time and actually worth stealing.
Yes? No?

So how does anyone know when there might be some data worth stealing and what happens if the user turns their computer off part way through a steal?

User avatar
Pjotr
Level 21
Level 21
Posts: 12647
Joined: Mon Mar 07, 2011 10:18 am
Location: The Netherlands (Holland)
Contact:

Re: RAMBleed RAM Attack; New Way To Steal Data

Post by Pjotr » Wed Jun 12, 2019 7:27 am

RollyShed wrote:
Wed Jun 12, 2019 5:21 am
So at 3 bits a second a 100 kb picture would take 9-1/4 hours to down load? That's if it was actually in memory all the time and actually worth stealing.
Yes? No?

So how does anyone know when there might be some data worth stealing and what happens if the user turns their computer off part way through a steal?
Image
Tip: 10 things to do after installing Linux Mint 19.1 Tessa
Keep your Linux Mint healthy: Avoid these 10 fatal mistakes
Twitter: twitter.com/easylinuxtips
All in all, horse sense simply makes sense.

BigEasy
Level 6
Level 6
Posts: 1234
Joined: Mon Nov 24, 2014 9:17 am
Location: Chrząszczyżewoszyce, powiat Łękołody

Re: RAMBleed RAM Attack; New Way To Steal Data

Post by BigEasy » Wed Jun 12, 2019 8:32 am

RollyShed wrote:
Wed Jun 12, 2019 5:21 am
So at 3 bits a second a 100 kb picture would take 9-1/4 hours to down load?
No! Not 9.25 hours. 74 hours to download. 100 kb means 100 kiloBYTES, not 100 kiloBITS :mrgreen:
Windows assumes I'm stupid but Linux demands proof of it

RollyShed
Level 2
Level 2
Posts: 64
Joined: Sat Jan 12, 2019 8:58 pm
Location: South Island, New Zealand

Re: RAMBleed RAM Attack; New Way To Steal Data

Post by RollyShed » Wed Jun 12, 2019 6:01 pm

BigEasy wrote:
Wed Jun 12, 2019 8:32 am
No! Not 9.25 hours. 74 hours to download. 100 kb means 100 kiloBYTES, not 100 kiloBITS :mrgreen:
Thanks for that, I did wonder what I'd forgotten (bytes vs bits). How many times a day do most people switch their laptops off? Desktop once a day (for me) so that is off 5 times (6 day's worth of time @ 12 hours per day). It sounds like another theoretical "thing".

User avatar
Pjotr
Level 21
Level 21
Posts: 12647
Joined: Mon Mar 07, 2011 10:18 am
Location: The Netherlands (Holland)
Contact:

Re: RAMBleed RAM Attack; New Way To Steal Data

Post by Pjotr » Wed Jun 12, 2019 6:12 pm

RollyShed wrote:
Wed Jun 12, 2019 6:01 pm
It sounds like another theoretical "thing".
For the time being. It might become a real threat, if and when it evolves. But we may expect security fixes by then. :wink:
Tip: 10 things to do after installing Linux Mint 19.1 Tessa
Keep your Linux Mint healthy: Avoid these 10 fatal mistakes
Twitter: twitter.com/easylinuxtips
All in all, horse sense simply makes sense.

User avatar
MrEen
Level 12
Level 12
Posts: 4166
Joined: Mon Jun 12, 2017 8:39 pm

Re: RAMBleed RAM Attack; New Way To Steal Data

Post by MrEen » Wed Jun 12, 2019 6:15 pm

Pjotr wrote:
Wed Jun 12, 2019 7:27 am
Yikes! In just a few more hoursdays, Pjotr will have the whole cat!

User avatar
Pjotr
Level 21
Level 21
Posts: 12647
Joined: Mon Mar 07, 2011 10:18 am
Location: The Netherlands (Holland)
Contact:

Re: RAMBleed RAM Attack; New Way To Steal Data

Post by Pjotr » Wed Jun 12, 2019 6:24 pm

MrEen wrote:
Wed Jun 12, 2019 6:15 pm
Pjotr wrote:
Wed Jun 12, 2019 7:27 am
Yikes! In just a few more hoursdays, Pjotr will have the whole cat!
Damn, I've been exposed. :evil:
Tip: 10 things to do after installing Linux Mint 19.1 Tessa
Keep your Linux Mint healthy: Avoid these 10 fatal mistakes
Twitter: twitter.com/easylinuxtips
All in all, horse sense simply makes sense.

User avatar
lsemmens
Level 8
Level 8
Posts: 2161
Joined: Wed Sep 10, 2014 9:07 pm
Location: Rural South Australia

Re: RAMBleed RAM Attack; New Way To Steal Data

Post by lsemmens » Wed Jun 12, 2019 6:53 pm

Regardless of the efficiency of said data thief. It's programs like this that help make Linux more secure than other OSs. Patches are usually made quietly and in the background so we never really hear about the problems they cure.
Kernel: 4.15.0-46-generic x86_64 bits
Desktop: Cinnamon 3.8.9
Distro: Linux Mint 19 Tara

Laptop HP-ProBook-470-G2 8Gb RAM SSD
Server AMD Phenom 9650 - GEForce 9400GT 6Gb RAM
+ three other Mint machines
Out of my mind - please leave a message

RollyShed
Level 2
Level 2
Posts: 64
Joined: Sat Jan 12, 2019 8:58 pm
Location: South Island, New Zealand

Re: RAMBleed RAM Attack; New Way To Steal Data

Post by RollyShed » Wed Jun 12, 2019 8:41 pm

How many times have you had to feed the cat since it was stolen? Or fed it while it was being stolen or..... sounds like a catastrophe to me.... Have you catalogued this? A catable offence?

User avatar
MrEen
Level 12
Level 12
Posts: 4166
Joined: Mon Jun 12, 2017 8:39 pm

Re: RAMBleed RAM Attack; New Way To Steal Data

Post by MrEen » Wed Jun 12, 2019 8:48 pm

Code: Select all

scott@scott-HP ~ $ cat ~/Pictures/kat.jpg
cat: /home/scott/Pictures/kat.jpg: No such file or directory
scott@scott-HP ~ $
I guess Pjotr's computer is quick as a cat! The file's already gone!

User avatar
Portreve
Level 7
Level 7
Posts: 1848
Joined: Mon Apr 18, 2011 12:03 am
Location: Florida
Contact:

Re: RAMBleed RAM Attack; New Way To Steal Data

Post by Portreve » Thu Jun 13, 2019 11:12 am

MrEen wrote:
Wed Jun 12, 2019 8:48 pm

Code: Select all

scott@scott-HP ~ $ cat ~/Pictures/kat.jpg
cat: /home/scott/Pictures/kat.jpg: No such file or directory
scott@scott-HP ~ $
I guess Pjotr's computer is quick as a cat! The file's already gone!
Image

“Dammit, Jim, I'm the Doctor, not a cat thief investigator!
I have to leave so I can get home by the time I arrive.

Presently rocking LinuxMint 19.1 Cinnamon.

Remember to mark your fixed problem [SOLVED].

User avatar
BG405
Level 7
Level 7
Posts: 1822
Joined: Fri Mar 11, 2016 3:09 pm
Location: England

Re: RAMBleed RAM Attack; New Way To Steal Data

Post by BG405 » Tue Jun 18, 2019 12:21 pm

BigEasy wrote:
Wed Jun 12, 2019 8:32 am
No! Not 9.25 hours. 74 hours to download. 100 kb means 100 kiloBYTES, not 100 kiloBITS :mrgreen:
In this case it will indeed be a 100KB image; although, as I understand it, Kb = kilobits whereas KB means kilobytes. :wink:
RollyShed wrote:
Wed Jun 12, 2019 5:21 am
3 bits a second
At that rate, I would think the only potentially viable targets would be servers running at (close to) 100% uptime. No doubt someone is working on speeding that up .. :|
Dell Inspiron 1525 - LM17.3 CE 64-------------------Acer D255E 2GB - Manjaro KDE, LM17.3 KDE 32
Toshiba NB305 - Manjaro KDE------------------------K7S5A AMD 1.2GHz - LM17.3 Xfce 32 & WinXP-Pro
Acer Aspire E11 ES1-111M - LM18.2 KDE 64 ----Dell PII 350 64MB - Puppy 4.3 & Win98-SE

Post Reply

Return to “Open chat”