Latest addition to hacker toolkits - a light bulb

17/05/2003 Written by John Leyden

Java and .Net vir­tual machines can be prised open with a lit­tle inge­nu­ity and hack­ing tools as crude as a light bulb, accord­ing to a pair of Prince­ton Uni­ver­sity researchers.

The attack, pre­sented in a paper pre­sented at an IEEE Sym­po­sium on Secu­rity and Pri­vacy in Oak­land this week, relies on cre­at­ing mem­ory errors on a vir­tual machine using the heat from a light bulb.By caus­ing bits to flip on sil­i­con run­ning a vir­tual machine, the secu­rity model under­pin­ning the process is bro­ken. This is because a machine will no longer faith­fully fol­low its spec­i­fied instruc­tion set.

Typ­i­cally, this tech­nique would sim­ply cause a sys­tem to crash. But by insert­ing code into mem­ory and fill­ing the rest of the mem­ory space with the address of the free code, researchers Andrew Appel and Sud­hakar Govin­dava­jhala suc­ceed in get­ting the poten­tially mali­cious code to exe­cute 70 per cent of the time.

Given phys­i­cal access to a com­puter there could be many more straight­for­ward attack mech­a­nisms. The researchers said their attack is par­tic­u­larly rel­e­vant against smart-​cards (which con­tain their own proces­sor) and tamper-​resistant com­put­ers. Most of their work so far has con­cen­trated on smart cards, where the impli­ca­tions of the attack are par­tic­u­larly seri­ous.

“There are smart cards that use Java that you could shine a light on, flip a bit and get access to the card’s data,” Govin­dava­jhala told CNET.