Your $8,000 GPU just became a backdoor into your entire system. Researchers have cracked Nvidia's high-end graphics cards with a devastating new attack called GDDRHammer, turning shared cloud GPUs into weapons for complete machine takeover.
This isn't your typical software hack. GDDRHammer exploits a physical quirk in memory chips where rapidly accessing certain memory locations causes electrical interference that literally flips bits from 0 to 1 or vice versa. It's like repeatedly slamming a door until the house foundation cracks.
The breakthrough is staggering in scope. Previous GPU attacks managed a measly eight bit flips and could only mess with AI model outputs. GDDRHammer achieves 129 flips per memory bank—a 64-fold improvement—and uses those flips to break out of the GPU entirely and seize control of the host computer's CPU memory.
Here's why this matters beyond impressive research papers. High-performance GPUs cost more than most people's cars, so cloud providers share them among dozens of users. One malicious actor can now potentially compromise an entire server and access everyone else's data, code, and secrets.
The attack targets Nvidia's Ampere generation cards, specifically the RTX 6000. The good news? Newer Ada generation cards appear immune because they use updated memory that researchers haven't cracked yet. The bad news? Ampere cards are still widely deployed across cloud infrastructure.
There's a crucial catch that limits immediate damage. The attack only works when IOMMU memory protection is disabled—which unfortunately happens to be the default BIOS setting on many systems. It's like leaving your front door unlocked because turning the deadbolt requires extra effort.
This represents a fundamental shift in the Rowhammer attack landscape. What started as a CPU memory exploit in 2014 has evolved into a cross-component assault where GPU access becomes a pathway to total system compromise. The isolation barriers between different hardware components are crumbling.
Cloud providers and enterprise users need to audit their GPU deployments immediately. Enable IOMMU protection where possible, monitor for suspicious memory access patterns, and consider isolating GPU workloads more aggressively.
The broader lesson is unsettling: as we pack more computing power into shared infrastructure, the attack surface expands in unexpected ways. Today's specialized research hack becomes tomorrow's script kiddie tool. The race between hardware security and creative exploitation just got a lot more interesting.
SPACE
SpaceX Accuses Amazon of Launching Satellites Into Wrong Altitude
Amazon is launching satellites 50-90 kilometers higher than authorized, and SpaceX is furious about it. The accusation landed at the FCC yesterday, with SpaceX claiming Amazon's Project Kuiper is creating collision risks and violating orbital debris rules.
The drama centers on what seems like a technical detail but could determine who controls the future of satellite internet. Amazon promised to deploy satellites at 400km altitude before moving them to final orbits between 590-630km. Instead, SpaceX alleges Amazon has launched eight times above 450km without proper approval or coordination.
Amazon's response is deliciously pointed: SpaceX only started complaining after moving its own Starlink satellites into nearby altitudes. Oh, and SpaceX actually helped Amazon launch satellites at similar altitudes last year when Amazon was paying SpaceX for launch services. The hypocrisy accusations are flying faster than the satellites themselves.
This isn't really about orbital mechanics—it's about market dominance. SpaceX operates over 7,000 Starlink satellites and wants to launch up to 1 million more. Amazon's Kuiper constellation aims to deploy 3,236 satellites to compete for the same broadband internet customers. Every regulatory delay helps the incumbent.
The timing reveals the deeper game. Amazon says changing launch altitudes would have delayed deployment by months, exactly the kind of setback that benefits SpaceX's massive head start. Both companies have weaponized FCC proceedings against each other for years, turning space policy into corporate warfare.
SpaceX has influential allies in this fight. FCC Chairman Brendan Carr recently dismissed Amazon's attempts to block SpaceX's million-satellite expansion plans. When your regulator is already skeptical of your opponent, launching a safety complaint becomes even more strategic.
The safety concerns aren't entirely fabricated. Low Earth orbit is getting crowded, and collision risks are real. SpaceX recently reported two Starlink failures that created new space debris, undermining their safety authority somewhat. But the selective enforcement complaints suggest this is more about competition than collision avoidance.
Amazon counters that it properly informed the FCC about its launch parameters and that SpaceX's objections are conveniently timed. The company argues it's following approved procedures while SpaceX moves goalposts to maintain competitive advantage.
The broader issue is space governance in an era of commercial constellations. Traditional orbital coordination worked when launches were rare and operators were mostly governments. Now private companies are deploying thousands of satellites with business models that reward speed over consensus.
This dispute previews the regulatory battles ahead as space becomes increasingly commercialized. Technical standards become competitive weapons, safety concerns mask market protection, and the FCC becomes referee in a multi-billion-dollar orbital land grab.
Source: Ars Technica
The drama centers on what seems like a technical detail but could determine who controls the future of satellite internet. Amazon promised to deploy satellites at 400km altitude before moving them to final orbits between 590-630km. Instead, SpaceX alleges Amazon has launched eight times above 450km without proper approval or coordination.
Amazon's response is deliciously pointed: SpaceX only started complaining after moving its own Starlink satellites into nearby altitudes. Oh, and SpaceX actually helped Amazon launch satellites at similar altitudes last year when Amazon was paying SpaceX for launch services. The hypocrisy accusations are flying faster than the satellites themselves.
This isn't really about orbital mechanics—it's about market dominance. SpaceX operates over 7,000 Starlink satellites and wants to launch up to 1 million more. Amazon's Kuiper constellation aims to deploy 3,236 satellites to compete for the same broadband internet customers. Every regulatory delay helps the incumbent.
The timing reveals the deeper game. Amazon says changing launch altitudes would have delayed deployment by months, exactly the kind of setback that benefits SpaceX's massive head start. Both companies have weaponized FCC proceedings against each other for years, turning space policy into corporate warfare.
SpaceX has influential allies in this fight. FCC Chairman Brendan Carr recently dismissed Amazon's attempts to block SpaceX's million-satellite expansion plans. When your regulator is already skeptical of your opponent, launching a safety complaint becomes even more strategic.
The safety concerns aren't entirely fabricated. Low Earth orbit is getting crowded, and collision risks are real. SpaceX recently reported two Starlink failures that created new space debris, undermining their safety authority somewhat. But the selective enforcement complaints suggest this is more about competition than collision avoidance.
Amazon counters that it properly informed the FCC about its launch parameters and that SpaceX's objections are conveniently timed. The company argues it's following approved procedures while SpaceX moves goalposts to maintain competitive advantage.
The broader issue is space governance in an era of commercial constellations. Traditional orbital coordination worked when launches were rare and operators were mostly governments. Now private companies are deploying thousands of satellites with business models that reward speed over consensus.
This dispute previews the regulatory battles ahead as space becomes increasingly commercialized. Technical standards become competitive weapons, safety concerns mask market protection, and the FCC becomes referee in a multi-billion-dollar orbital land grab.
Enjoyed this?
Get stories like this delivered every Tuesday — free.