During the ICT.Open 2017 conference in de Flint Amersfoort, Victor won the best Dutch Cyber Security Research Paper (DCSRP) award for Drammer. Published at the CCS’16 conference in Vienna, Drammer shows hardware bit flips on mobile devices and their reliable exploitation for the first time.
Drammer was presented at CCS 2016 3 weeks ago. Our work shows that the Rowhammer hardware vulnerability is prevalent on mobile devices and that attackers can exploit it in a deterministic manner (a la Flip Feng Shui).
Press, Vendor Coverage & Discussion
After initial coverage in the form of two written articles by Ars Technica and WIRED, and a podcast from Security Now!, Drammer was quickly picked up by the mainstream press. International items include: Daily Mail, PCWorld, Softpedia, Slashdot, Tech Times, The Register, Fossbytes, The Inquirer, Digital Journal, Hack Read, SC Magazine, Threatpost, BetaNews, Gamenguide, TechTarget, BleepingComputer, NDTV, On the Wire, and InvestorPlace.
Other local items popped up in Argentina (Segu-info), Austria (Der Standard), Belgium (DeMorgen), China (Freebuff, Sohu, EEPW), Czech Republic (Svět Androida), Denmark (Version2), France (Silicon, Le Monde Informatique, Informanews), Germany (Der Spiegel, Golem.de, Pro-Linux, Crn.de, JAXenter, Computer Bild , t3n Magazine, Netzwelt.de), Hungary (HWSW), Italy (Repubblica.it, Punto Informatico, Gadgetblog.it, Tutto Android), Mexico (PCWorld Mexico), The Netherlands (NU.nl, Tweakers.net, Crimesite), Norway (Digi.no), Poland (eGospodarka, Softonet, PCLab.pl, Dobreprogramy, PC Format, Telix.pl), Russia (Хакер, Securitylab.ru), Slovakia (Živé.sk), Spain (López Dóriga, CSO, El Android libre), Switzerland (Neue Zürcher Zeitung), Taiwan (iThome), Turkey (Teknokulis, CHIP, Webtekno), and Ukraine (KO).
Bruce Schneier linked to our project page and we made it to the front page of The Hacker News. Shortly after, Drammer prompted Rowhammer mitigation efforts on LWN and was discussed by Linus Torvalds on Alan Cox’ Google Plus post. We caused a spike in Google queries for Rowhammer, approaching its popularity from 2015, when Google’s Project Zero released the Rowhammer-based exploit.
Drammer made an appearance on Dutch national television in an episode of De Universiteit van Nederland (“The University of The Netherlands”).