[RndTbl] Another reason to use ECC memory...

Trevor Cordes trevor at tecnopolis.ca
Wed Mar 11 03:32:56 CDT 2015


On 2015-03-10 Gilbert E. Detillieux wrote:
> http://arstechnica.com/security/2015/03/cutting-edge-hack-gives-super-user-status-by-exploiting-dram-weakness/

Great article.  The comments there are quite good also.

Everyone who knows me knows I'm 100% with Linus and 100% of our
computers should use ECC memory (like back when almost all 486's 
used parity).

Linus says (bluntly as usual; language warning):
http://i.imgur.com/jpga9md.png

This commenter pegged it:
"A little background, adding 1 bit ECC to a memory controller would be
really cheap, the overhead in memory would also be small. The reason it
doesn't exist on regular PCs is so they can market higher cost parts to
markets that require ECC."

Most people miss the boat when it comes to understanding why ECC isn't
in every computer.  It's not the cost.  The cost (if economies of scale
were the same) is at most 1/8th more than non-ECC.  No, the reason is
so they can charge $300 for a $200 processor, and $300 for a $200 mobo,
just because it's "server" or "workstation" grade.

If you care *at all* about your data (which is everyone, even if they
don't know it yet), you should use ECC.

Back to rowhammer: Not only could you gain root of a system (image),
but you could gain root of the host on a (possibly shared)
virtualization setup.  There goes the whole cloud model.  Are you sure
your cloud provider is using ECC???  :-)  Darek Mihocka (and others)
have talked about virt hosts not really being 100% safe from hardware
and software attacks executed on guests.


More information about the Roundtable mailing list