With the rather major qualifier that cross VM ram dedupe is enabled, which probably comes close to downgrading the title to “incorrect”.
Interesting that two different Rowhammer-based cross-VM attacks have been released at roughly the same time. See here for the other one.
That’s the same attack. This is the just the “all aboard the hype train” press article about the paper.
(Er, I was wrong.)
Ah, I didn’t realise that, as they’re two different papers with different researchers involved (albeit both being published at Usenix). Here’s the paper for this article.
OH! They are different. Very sorry. The attack this article is about, Flip Feng Shui, from researchers in Amsterdam, has been making the rounds for a while now. So in a sense, the same attack as “before”.
What I missed was the second attack by Ohio State researchers! This does look at least a little different. Now to read the paper and find out. :)
Thanks for pointing this out. I noticed the same thing but came to a very different conclusion.
Article says this attack is mitigated by “relying on memory with error-correcting codes”. Are there cloud hosts, or even “private cloud” deployments that are not using ECC memory?
“New butt attack takes full control of virtual machines with little effort”, just thought I’d share the lol.