Deep Dive
Certain firmware responsible for managing discrete hardware components has been getting increasingly complex and is subject to vulnerabilities and exploits. The worst thing is, that in many cases existing threat detection systems are impotent.
To cast some light onto this alarming trend, let's review one by one the top 5 dangerous hardware vulnerabilities that have recently been found in today's PCs.
#1: RAM
Our undisputed leader in the hardware threat hit-parade is the DDR DRAM security issue, which isn't possible to solve via any software patch. The vulnerability dubbed Rowhammer, was provoked by, unexpectedly, the progress in the silicon industry.
As IC geometry continues to shrink, the neighboring hardware elements soldered on the chip get closer to each other and start interfering. In today's memory chips this phenomenon might result in spontaneous switching of the memory cells when getting a random electric pulse from the adjacent cells. Until recently, it was widely acknowledged that this phenomenon was impossible to use in any real-life PoC exploit, which might help an attacker gain control over the affected PC. However, a team of researchers managed to escalate privileges on 15 out of 29 laptops using this PoC.
This is how the PoC functions: To ensure security, only a designated program or OS process is allowed to change a certain block in RAM. To put it simply, some important process functions are allowed inside of a well protected building, while other untrusted programs are left banging on the front door.
However, it turns out that if one stomps loudly in front of this door (i.e. change the contents of memory cells too fast and frequently), the door lock is bound to break down. Who knew locks got so unreliable these days…
A newer standard-based DDR4 and parity-check enabled RAM modules (which are way more expensive) can sustain this kind of attack. That's the good news. The bad news, is that a very large chunk of modern PC-dom is hackable in the attack referenced above, and there's no remedy. The only feasible solution is replacement of all RAM modules.
Comments