Part of Systems Security Research Group at the Vrije Universiteit Amsterdam
In the abstraction stack we are accustomed to, software relies on hardware to function properly and be a secure platform on which to develop systems software and applications.
In this talk we show how this assumption can break down. If the hardware fails us, all bets are off. The Rowhammer work (also known as Flip Feng Shui) shows how it is possible, using a hardware glitch (known as Rowhammer), to cause corruption on a co-hosted victim VM. A hardware glitch such as this is hard to aim (to cause the intended corruption reliably); with Flip Feng Shui we use an OS technique (memory deduplication) and repeatability to make the exploit targeted and reliable.
Ben Gras has been part of the systems security research group at the Vrije Universiteit Amsterdam since 2015. Previously, he was a scientific programmer working on the Minix operating system under Andy Tannenbaum for 10 years. He has published on various offensive security techniques and is currently pursuing a PhD in mischief.