On 2015-03-10 Gilbert E. Detillieux wrote:

http://arstechnica.com/security/2015/03/cutting-edge-hack-gives-super-user-s...

Great article. The comments there are quite good also.

Everyone who knows me knows I'm 100% with Linus and 100% of our computers should use ECC memory (like back when almost all 486's used parity).

Linus says (bluntly as usual; language warning): http://i.imgur.com/jpga9md.png

This commenter pegged it: "A little background, adding 1 bit ECC to a memory controller would be really cheap, the overhead in memory would also be small. The reason it doesn't exist on regular PCs is so they can market higher cost parts to markets that require ECC."

Most people miss the boat when it comes to understanding why ECC isn't in every computer. It's not the cost. The cost (if economies of scale were the same) is at most 1/8th more than non-ECC. No, the reason is so they can charge $300 for a $200 processor, and $300 for a $200 mobo, just because it's "server" or "workstation" grade.

If you care *at all* about your data (which is everyone, even if they don't know it yet), you should use ECC.

Back to rowhammer: Not only could you gain root of a system (image), but you could gain root of the host on a (possibly shared) virtualization setup. There goes the whole cloud model. Are you sure your cloud provider is using ECC??? :-) Darek Mihocka (and others) have talked about virt hosts not really being 100% safe from hardware and software attacks executed on guests.