Google Project Zero finds common computer flaw that hackers can exploit: memory leaks

This post originally appeared in WIRED. In a post on its Google Project Zero security blog Monday, a group of the company’s researchers revealed new hacker exploits that take advantage of what’s known as the “Rowhammer” technique. That electromagnetic leakage can cause what’s known as “bit flipping,” in which transistors in the neighboring row of memory have their states reversed, turning ones into zeros or vice versa. The developer doesn’t know what the computer’s going to do, but the attacker does.” Google didn’t make its researchers available for an interview despite Wired’s request, and a representative wrote in a statement only that “We’re working closely with hardware manufacturers to help mitigate the issue.” In their blog post, however, Google researchers write that they first learned of the Rowhammer phenomenon from a paper published by a team of Intel and Carnegie Mellon University researchers last year. “We have observed 25+ bits flipped in one row on one particularly fragile machine.” But the Googlers’ real advancement is in how they used that technique to break into protected portions of a computer’s memory.