1. 7
  1. 6

    With the rather major qualifier that cross VM ram dedupe is enabled, which probably comes close to downgrading the title to “incorrect”.

    1. 5

      Interesting that two different Rowhammer-based cross-VM attacks have been released at roughly the same time. See here for the other one.

      1. 1

        That’s the same attack. This is the just the “all aboard the hype train” press article about the paper.

        (Er, I was wrong.)

        1. 6

          Ah, I didn’t realise that, as they’re two different papers with different researchers involved (albeit both being published at Usenix). Here’s the paper for this article.

          1. 5

            OH! They are different. Very sorry. The attack this article is about, Flip Feng Shui, from researchers in Amsterdam, has been making the rounds for a while now. So in a sense, the same attack as “before”.

            What I missed was the second attack by Ohio State researchers! This does look at least a little different. Now to read the paper and find out. :)

            Thanks for pointing this out. I noticed the same thing but came to a very different conclusion.

      2. 1

        Article says this attack is mitigated by “relying on memory with error-correcting codes”. Are there cloud hosts, or even “private cloud” deployments that are not using ECC memory?

        1. -1

          “New butt attack takes full control of virtual machines with little effort”, just thought I’d share the lol.