Originally Posted by rluker5
This seems pretty complicated, but it seems like using multiple hits to get timings and then try to rowhammer them would put the data into the L4 cache of a Broadwell-c, which may have different outcomes when it is read in conjunction with data from regular ram, or evicted to regular ram partially through the process. I.E. corrupted nonsense vs a successful hack.
I am sure that it would affect operating frequency but couldn't they have put in a proverbial "speedbump"(for lack of a more appropriate term) prior to the L4 that would disrupt this type of attack? Seems to me a reasonable alternative that could've been implemented after previous hacks of Intel architecture. Shoot even one that would disable the L4 altogether would be a useful feature notifying Administrator of an attack. A sort of if X happens in Y amount of log attempts apply Z outcome?
I don't have all the answers, just a random option.