Home
2008:
January
February
March
April
May
June
July
August
2007:
January
February
March
April
May
June
July
August
September
October
November
December
2006:
January
February
March
April
May
June
July
August
September
October
November
December
2005:
January
February
March
April
May
June
July
August
September
October
November
December
2004:
January
February
March
April
May
June
July
August
September
October
November
December
2003:
January
February
March
April
May
June
July
August
September
October
November
December
2002:
January
February
March
April
May
June
July
August
September
October
November
December
2001:
January
February
March
April
May
June
July
August
September
October
November
December
2000:
April
May
June
July
August
September
October
November
December

(keitai-l) Re: bitflipping out of the sandbox

From: <t3_at_t3.org>
Date: 05/17/03
Message-Id: <20030517142527.FA2C.T3_at_t3.org>
Bit-flipping "attacks" are interesting academically, perhaps, but I fail
to see how it is a security concern. The attack requires both physical
access to the hardware and low level access to the operating system.

1) First you load a malicious program into non-sandbox memory.

2) You then fill all the computer's available memory with the address of
the malicious program. 

3) You then apply heat - or any kind of energy - to the CPU causing a
hardware error that will cause the CPU to jump to a random memory
location. This will either cause the computer to crash or to execute the
malicious code that you have loaded previously. 

If you can do either step one or two, there is no need for step three.

It's Rube Goldberg security attack. 

Tim
Received on Sat May 17 08:39:56 2003