August 4, 2016
Last night, at the Black Hat Conference in Las Vegas, VU researchers Erik Bosman, Kaveh Razavi, Cristiano Giuffrida, and Herbert Bos won the prestigious Pwnie for Most Innovative Research for their work: "Dedup Est Machina: Memory Deduplication as an Advanced Exploitation Vector".
The Pwnie Awards, sometimes referred to as the Oscars for hackers, are named after the word "pwn", which is hacker slang for compromising and controlling some system.
Brief explanation of the attack:
The attack has two components. First, it makes use of the way modern systems such as Windows handle memory. This approach is very efficient, but it also allows attackers to leak secret information such as passwords.
Second, it harnesses a bizarre hardware glitch that exists in many memory chips in use today. Because bits of data are packed so closely together in modern memory chips, the reliability of the memory cells storing the bits has started to suffer. When memory locations are read fast enough, some charge leaks from one memory cell to another, causing the value of some of the stored bits to "flip". Of course, this is very rare and normal software should never experience it, but the VU researchers show how to do this in a controlled way.
The research results change our view on software security. We used to think that information systems were insecure because the software was so buggy. Now we see that even with *perfect software*, attackers can still pwn your system. The work forced Microsoft to rethink the memory management design of the latest version of the Windows operating system.