Conversation

Notices

1. Embed this notice
   翠星石 (suiseiseki@freesoftwareextremist.com)'s status on Sunday, 14-Jul-2024 22:23:37 JST 翠星石

   • Efi (nap pet) 🦊💤
   • BrianKrebs
   @briankrebs @efi This reminds me that RAM sticks starting from DDR5 run proprietary software now, so security-wise, you're boned even harder.
   
   I do enjoy boneless ECC DDR3 mind you.
   • Embed this notice
     翠星石 (suiseiseki@freesoftwareextremist.com)'s status on Sunday, 14-Jul-2024 22:49:06 JST 翠星石

     in reply to

     • Efi (nap pet) 🦊💤
     • BrianKrebs
     @efi @briankrebs It's too late, you shall receive knowledge.
     
     Pretty much, with DDR5 the density has been increased and as a result bitflips happen all the time and need to corrected and can no longer be ignored.
     
     With previous RAM technologies, bitflips were and are known to happen fairly often, but manufacturers pretty much told people to just accept data corruption and if they want to not have that, they better pay a lot extra for a "server-grade" CPU and RAM.
     
     Linus Torvalds told Intel's developers multiple times that they should make ECC a standard feature, but they intentionally ignored him, as it seems that would cut into their lucrative "upmarket".
     
     Implementing ECC pretty much requires memory controller support plus an extra chip on each RAM stick to store parity data etc.
     
     ECC RAM is quite useful, as it can automatically correct a single bitflip without a hitch and if a double bitflip occurs, it can tell the kernel, Linux that x block of memory is corrupted - it can be the case that such block is only being used for cache and Linux can just proceed to just drop that block and re-read from disk, avoiding the case where a corrupted block gets written back to disk, leaving a file or a database with bitflips in it.
     
     Rather than implementing ECC, they put a microprocessor on each RAM stick, which runs software that detects and corrects bitflips in blocks.
     
     Rather than the RAM coming with the software, a EFI loads such software on boot - which is a real disaster for security as it's proprietary and few people know what's in there or how that stuff works and I'm confident there's the very real possibility of that "functionality" being exploited by malware that utilizes such microprocessors to carry out undetectable direct-RAM modification, or even exfiltrate data by using the RAM traces as an antenna (has been done before from the CPU side, but from the RAM side would be harder to detected).
     
     ECC DDR5 does exist, but you of course have to pay extra for "server-grade" hardware for it.
     
     https://en.wikipedia.org/wiki/DDR5_SDRAM?useskin=monobook#Features
   • Embed this notice
     Efi (nap pet) 🦊💤 (efi@chitter.xyz)'s status on Sunday, 14-Jul-2024 22:49:07 JST Efi (nap pet) 🦊💤

     in reply to

     • BrianKrebs

     @Suiseiseki @briankrebs how does that even work, oh my... wait, I DON'T want to know