Updated June 29, 2018: Shortly after news broke on RAMpage, Google reached out to Android Central with the following statement: "We have worked closely with the team from Vrije Universiteit, and though this vulnerability isn't a practical concern for the overwhelming majority of users, we appreciate any effort to protect them and advance the field of security research. While we recognize the theoretical proof of concept from the researchers, we are not aware of any exploit against Android devices."
There's a new security vulnerability, boys and girls. It's called RAMpage and is the latest type of Rowhammer attack to hit the scene.
RAMpage was discovered by a group of eight academics across three different universities and the official research paper was published on June 28, 2018. It reads as follows:
RAMpage breaks the most fundamental isolation between user applications and the operating system. While apps are typically not permitted to read data from other apps, a malicious program can craft a RAMpage exploit to get administrative control and get hold of secrets stored in the device.
As for what kind of secrets RAMpage could access, the paper notes that "this might include your passwords stored in a password manager or browser, your personal photos, emails, instant messages and even business-critical documents."
RAMpage targets the ION subsystem in Android which is a memory allocation driver that was first launched by Google alongside Android 4.0 Ice Cream Sandwich. However, even though Android's the focus of the attack right now, it's expected that RAMpage could also impact iOS devices, desktops, and more.
Because RAMpage targets ION, gadgets that use LPDDR2/3/4 RAM are all impacted. In other words, if your Android phone was released during or after 2012, it's vulnerable to the attack.
The research going into RAMpage is still quite new, but now that a spotlight is being placed on it, hopefully we'll see Google and other OEMs do their part to get devices patched up for users around the globe.
We may earn a commission for purchases using our links. Learn more.
Samsung Galaxy S20 Fan Edition leak reveals a 120Hz display, Snapdragon 865
A new leak suggests the Galaxy S20 Fan Edition will come with a Snapdragon 865 chipset and a 120Hz display. The phone is rumored to debut in Q4 2020.
Breaking: Twitter says hack is the result of social engineering attack
Verified and non-verified Twitter accounts are having some features disabled, including the ability to tweet. Twitter is recommending resetting your password.
Microsoft Launcher's big 6.0 overhaul is here with new features
Microsoft today launched Microsoft Launcher 6.0, a massive overhaul of the codebase and design of the launcher. There are also several new features tagging along for the ride, including landscape mode.
With a phone as beautiful as the LG Velvet, you'll want to get a great case
It can be tough to find a great case for a new phone, especially for a phone with a unique and wonderful design like the LG Velvet. But thankfully, there are a lot of solid case choices out there and these are our favorites to keep your LG Velvet safe from when "life happens".