Practical Rowhammer attack: Deduplication Flip Feng Shui (cryptoanalytic attack, from one VM memory to another VM)

https://www.vusec.net/projects/flip-feng-shui/

4 Likes

Does this apply to Maidsafe? Would Maidsafe even use public/private keys? Why has no one chimed in on this yet? It’s been 2 days for a topic that seems really interesting, but no replies. What in the world? Hello? I’m seriously dumbfounded. It’s like everyone is stuck on that Former Employee thread because they hate themselves and everything around them. Come on, now.

1 Like

It may affect vaults set in public VMs. So it is an issue just like any other problems caused by malware.

The issue here is that you have to rely on the VM (cloud) provider to detect malicious VMs on the same machine that your VM running a vault is on.

There is really little that can be done to protect your vault.

For the network a compromised vault/node would be treated the same as any other malicious vault/node specifically setup to do bad things. There is plenty of discussions about this, but the tl;dr is that the group is designed to gain agreement before doing things so vaults/nodes affected by this (or setup to do bad things) would be in disagreement and overruled.

3 Likes