Researchers discover your PC’s RAM is even easier to hack than thought

dram
Security researchers have found new methodology that could make Rowhammer attacks easier for hackers to execute. New ways of triggering the process seem to be much quicker and more reliable than previous routines, which could lead to an increase in the use of this burgeoning exploit.

Rowhammer works by taking advantage of a physical weakness in dynamic random-access memory, or DRAM, which can cause memory cells to leak their charges and affect the content of nearby rows. Known among researchers as “bitflipping,” it’s an unintentional side effect of recent efforts to make memory more compact. It wasn’t long, however, before ways of prompting the process on purpose were discovered.

Previous research uncovered methods that were unreliable or prohibitively difficult. One process used Javascript for a successful result, but that approach was limited to certain platforms, was slow to complete its work, and required the targeted user to have made certain tweaks to the default settings on their system.

Now, a new report suggests that code already present on the target system that contains non-temporal instructions could be used to facilitate bitflipping, according to a report from Ars Technica. Because non-temporal instructions store data on a DRAM chip rather than the cache, they provide a much more direct route to the target.

Potentially, a malicious Web app could exploit non-temporal instructions to remove the security constraints being put in place by a Web browser. Alternatively, malicious files fed into a video player or another app could seize upon instructions used by the software to make an attack on the system’s DRAM.

This method demonstrates the continued importance of security work — it’s thought that Rowhammer might be a couple of years away from being practical, which gives developers some time to combat its effects. However, the fact that these attacks utilize a physical trait of DRAM memory might make them rather difficult to counteract.

Computing

With 20,000 sites swallowed up, a botnet is eating WordPress alive

A botnet of infected WordPress sites has been attacking other WordPress sites, generating up to five million malicious logins on certain WordPress backends within the last thirty days.
Computing

Here’s how to install Windows on a Chromebook

If you want to push the functionality of your new Chromebook to another level, and Linux isn't really your deal, you can try installing Windows on a Chromebook. Here's how to do so, just in case you're looking to nab some Windows-only…
Computing

Edit, sign, append, and save with six of the best PDF editors

There are plenty of PDF editors to be had online, and though the selection is robust, finding a solid solution with the tools you need can be tough. Here, we've rounded up best PDF editors, so you can edit no matter your budget or OS.
Movies & TV

The best shows on Netflix, from 'Haunting of Hill House’ to ‘Twilight Zone’

Looking for a new show to binge? Lucky for you, we've curated a list of the best shows on Netflix, whether you're a fan of outlandish anime, dramatic period pieces, or shows that leave you questioning what lies beyond.
Cars

Best Products of 2018

Our reception desk has so many brown boxes stacked up, it looks like a loading dock. We’re on a first-name basis with the UPS guy. We get new dishwashers more frequently than most people get new shoes. What we’re trying to say is: We…
Computing

Windows 10 user activity logs are sent to Microsoft despite users opting out

Windows 10 Privacy settings may not be enough to stop PCs from releasing user activity data to Microsoft. Users discovered that opting out of having their data sent to Microsoft does little to prevent it from being released.
Computing

Intel's discrete graphics will be called 'Xe,' IGP gets Adapative Sync next year

Intel has officially dubbed its discrete graphics product Intel Xe, and the company also provided details about its Gen11 IGP. The latter will include adaptive sync support and will arrive in 2019.
Computing

Intel answers Qualcomm's new PC processors by pairing Core and Atom in 'Foveros'

Intel has announced a new packaging technology called 'Foveros' that makes it easier for the company to place multiple chips together on one package. That includes chips based on different Intel architectures, like Core and Atom.
Computing

Razer’s classic DeathAdder Elite gaming mouse drops to $40 on Amazon

If you're looking to pick up a new gaming mouse for the holidays, Amazon has you covered with this great deal on the classic Razer DeathAdder Elite gaming mouse with customizable buttons, RGB lighting, and a 16,000 DPI optical sensor.
Computing

Intel's dedicated GPU is not far off -- here's what we know

Did you hear? Intel is working on a dedicated graphics card. It's called Arctic Sound and though we don't know a lot about it, we know that Intel has some ex-AMD Radeon graphics engineers developing it.
Computing

Firefox 64 helps keep your numerous tabs under control

Mozilla officially launched Firefox 64 by placing new features into the laps of its users including new tab management abilities, intelligent suggestions, and a task manager for keeping Firefox's power consumption under control.
Computing

Here's our guide to how to charge your laptop using a USB-C cable

Charging via USB-C is a great way to power up your laptop. It only takes one cable and you can use the same one for data as well as power -- perfect for new devices with limited port options.
Computing

Apple MacBook Air vs. Microsoft Surface Pro 6

The MacBook Air was updated with more contemporary components and a more modern design, but is that enough to compete with standouts like Microsoft's Surface Pro 6 detachable tablet?
Computing

Installing fonts in Windows 10 is quick and easy -- just follow these steps

Want to know how to install fonts in Windows 10? Here's our guide on two easy ways to get the job done, no matter how many you want to add to your existing catalog, plus instructions for deleting fonts.