- These Sony headphones deliver premium sound and comfort - without the premium price
- The LG soundbar I prefer for my home theater slaps with immersive audio - and it's not the newest model
- Samsung's new flagship laptop rivals the MacBook Pro, and it's not just because of the display
- Email marketing is back and big social is panicking - everything you need to know
- Revisiting Docker Hub Policies: Prioritizing Developer Experience | Docker
AMD data center chips vulnerable to revealing data through ‘BadRAM’ attack
AMD’s Secure Encrypted Virtualization (SEV), meant to protect processor memory from prying eyes in virtual machine (VM) environments, can be tricked into giving access to its encrypted memory contents using a test rig costing less than $10, researchers have revealed.
Dubbed “BadRAM” by researchers from the University of Lübeck in Germany, KU Leven in Belgium, and the University of Birmingham in the UK, the proposed attack is conceptually simple as well as cheap: trick the CPU into thinking it has more memory than it really has, using a rogue memory module, and get it to write its supposedly secret memory contents to the “ghost” space.
The researchers achieved this using a test rig anyone could buy, consisting of a Raspberry Pi Pico, costing a few dollars, and a DIMM socket to hold DDR4/5 RAM modules. First, they manipulated the serial presence detect (SPD) chip built into the memory module to misreport the amount of onboard memory when booting up — the “BadRAM” part of the attack.
