Latest addition to hacker toolkits - a light bulb

Friday, 16 May 2003, 11:52 AM EST

Java and .Net virtual machines can be prised open with a little ingenuity and hacking tools as crude as a light bulb, according to a pair of Princeton University researchers.

The attack, presented in a paper presented at an IEEE Symposium on Security and Privacy in Oakland this week, relies on creating memory errors on a virtual machine using the heat from a light bulb. By causing bits to flip on silicon running a virtual machine, the security model underpinning the process is broken. This is because a machine will no longer faithfully follow its specified instruction set.

Typically, this technique would simply cause a system to crash. But by inserting code into memory and filling the rest of the memory space with the address of the free code, researchers Andrew Appel and Sudhakar Govindavajhala succeed in getting the potentially malicious code to execute 70 per cent of the time.

[ Read more ]




Spotlight

How GitHub is redefining software development

Posted on 26 January 2015.  |  The security industry is slowly realizing what the developer community knew for years - collaboration is the key to and likely the future of innovation.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Wed, Jan 28th
    COPYRIGHT 1998-2015 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //