When I saw this title, I believed that perhaps they have found a method to detect a Rowhammer attack, which could be used to initiate countermeasures.
Unfortunately no, they have found how to use a Rowhammer attack to obtain a fingerprint of the computer on which it is executed, which can be used to uniquely identify any computer, even among many computers with identical hardware and identical installed software.
I haven’t read the whole paper, but from the discussion section it looks like Centauri was implemented with native code in mind, but could probably be implemented (less reliably and more slowly) in JavaScript.
And it seems (from some shallow research) there is no widespread, effective mitigation for rowhammer techniques, and if anything devices have only gotten more vulnerable over time.
Sounds pretty devastating for privacy on the web if it’s implemented and easily distributed, no?
It's unfortunate that the design defect that allows RowHammer to work hasn't been required to be corrected. This shouldn't be a problem by now, it's been almost a decade, and a few generations of hardware.
Unfortunately no, they have found how to use a Rowhammer attack to obtain a fingerprint of the computer on which it is executed, which can be used to uniquely identify any computer, even among many computers with identical hardware and identical installed software.