DeepSec2020 Talk: Faulting Hardware from Software – Daniel Gruss
Fault attacks induce incorrect behavior into a system, enabling the compromise of the entire system and the disclosure of confidential data. Traditionally, fault attacks required hardware equipment and local access. In the past five years multiple fault attacks have been discovered that do not require local access, as they can be mounted from software. We will discuss the Rowhammer attack and how it can subvert a system. We then show that a new primitive, Plundervolt, can similarly lead to a system compromise and information disclosure. We asked Daniel a few more questions about his talk. Please tell us the top 5 facts about your talk. Software-based fault attacks, like Rowhammer, enables unprivileged attackers to manipulate hardware Hardware flaws can lead to privilege escalation and a full system compromise Plundervolt is another fault attack we