Prof. Herbert Bos
VUSec, Vrije Universiteit, Amsterdam, NL.
4th February 2022 - 4:00pm - 5:00pm (GST)
Bad memories: How the Rowhammer Vulnerability Evolved From an Academic Curiosity to a Serious Threat
Within a span of just a few years, we have gone from completely trusting our hardware to realising that everything is broken and all our security guarantees are built on sand. While CPU vulnerabilities such as Meltdown and Spectre have taken up much of the limelight, the Rowhammer vulnerabilitiy in memory chips are just as worrying. In particular, in 2014 researchers reported that DRAM chips have a fundamental flaw that allows attackers to modify data without accessing it. At that time, nobody knew how serious this issue would turn out to be. In this talk, I will discuss some of the developments in Rowhammer attacks, mostly by means of the research in our group. I will also argue that the way we conduct security research on hardware is problematic as the interests of hardware manufacturers and academics do not align.
Herbert Bos is professor of Systems and Network Security at Vrije Universiteit Amsterdam where he co-leads the VUSec research group. He obtained his Ph.D. from Cambridge University Computer Laboratory (UK). Coming from a systems background, he drifted into security a few years ago and never left. His research interests cover all aspects of system-level security and reliability, including topics such as software hardening, exploitation, micro-architectural attacks, binary analysis, fuzzing, side channels, and reverse engineering. With his students he has won 5 PWNIE Awards at Black Hat, all for novel attacks related to hardware. He is very proud of his (former) students who are much cleverer than he is. He worries about climate change and loves the Beatles.