Rowhammer bit flips in DRAM enable software attackers to fully compromise a great variety of systems. Hardware mitigations can be precise and efficient but suffer from long deployment cycles and very limited or no update capabilities. Consequently, refined attack methods have repeatedly bypassed deployed hardware protections, repeatedly leaving commodity systems vulnerable to Rowhammer attacks.

In this paper, we present Memory Band-Aid, a principled defense-in-depth against Rowhammer. Memory Band-Aid is no replacement for long-term, efficient hardware mitigations but a defense-in-depth that is activated when hardware mitigations are discovered to be insufficient on a specific system generation. For this purpose, Memory Band-Aid introduces per-thread and per-bank rate limits for DRAM accesses in the memory controller, ensuring that the minimum number of row activations for Rowhammer bit flips cannot be reached. We implement a proof-of-concept of Memory Band-Aid on Ubuntu Linux and test it on 3 Intel and 3 AMD systems. In a micro-benchmark to cause DRAM pressure, we observe a slow down up to a factor of 5.2. In a collection of realistic Phoronix macro-benchmarks, we observe a low overhead of 0 % to 9.4 %. Both overheads only apply to untrusted throttled workloads, e.g., sandboxes, for instance in browsers. Especially as Memory Band-Aid can be enabled on demand, we conclude that Memory Band-Aid is an important defense-in-depth that should be deployed in practice as a second defense layer.

Rowhammer is a disturbance error in Dynamic Random-Access Memory (DRAM) that can be deliberately triggered from software by repeatedly reading, i. e., hammering, proximate memory locations in different DRAM rows. While numerous studies evaluated the Rowhammer effect, in particular how it can be triggered and how it can be exploited, most studies only use a small sample size of Dual In-line Memory Modules (DIMMs). Only few studies provided indication for the prevalence of the effect, with clear limitations to specific hardware configurations or FPGA-based experiments with precise control of the DIMM, limiting how far the results can be generalized.

In this paper, we perform the frist large-scale study of the Rowhammer effect involving 1 006 data sets from 822 systems. We measure Rowhammer prevalence in a fully automated crossplatform framework, FLIPKIT, using the available state-of-theart software-based DRAM and Rowhammer tools. Our framework automatically gathers information about the DRAM and uses 5 tools to reverse-engineer the DRAM addressing functions, and based on the reverse-engineered functions uses 7 tools to mount Rowhammer. We distributed the framework online and via USB thumb drives to thousands of participants from December 30, 2024, to June 30, 2025. Overall, we collected 1 006 datasets from systems with various CPUs, DRAM generations, and vendors. Our study reveals that out of 1 006 datasets, 453 (371 of the 822 unique systems) succeeded in the first stage of reverseengineering the DRAM addressing functions, indicating that successfully and reliably recovering DRAM addressing functions remains a significant open problem. In the second stage, 126 (12.5 % of all datasets) exhibited bit flips in our fully automated Rowhammer attacks. Our results show that fully-automated, i. e., weaponizable, Rowhammer attacks work on a lower share of systems than FPGA-based and lab experiments indicated but with 12.5 % enough to be a practical vector for threat actors. Furthermore, our results highlight that the two most pressing research challenges around Rowhammer exploitability are more reliable reverse-engineering addressing functions, as 50 % of datasets without bit flips failed in the DRAM reverse-engineering stage, and reliable Rowhammer attacks across diverse processor microarchitectures1, as only 12.5 % of datasets contained bit flips. Addressing each of these challenges could double the number of systems susceptible to Rowhammer and make Rowhammer a more pressing threat in real-world scenarios. 

We introduce WireTrust, a VPN architecture for ARMv8-A devices that leverages ARM TrustZone to mitigate OS-level vulnerabilities. Contrary to commodity VPNs, WireTrust does not rely on the security of the OS, its network stack, or its routing tables to provide a secure VPN full tunnel. WireTrust operates transparently to applications on the device and enforces that all IP traffic is routed exclusively through the VPN tunnel, blocking attempts to bypass it even if the OS has been compromised. WireTrust ensures that packets outside the tunnel are discarded before they reach the OS, significantly reducing the device’s attack surface that is exposed to the public internet. Extending the WireGuard VPN, we implement a proof of concept on real hardware, show that WireTrust's additions to the trusted computing base account for 6.61%, and measure a performance penalty of 2.12% - 5.50% on TCP throughput and 1.40% on latency compared to stock WireGuard.

KI im Marketing, Methoden des maschinellen Lernens, Anwendungsmöglichkeiten von KI im Marketing, insbesondere auch von generativer KI

This paper introduces a novel benchmark dataset designed to evaluate the capabilities of Vision Language Models (VLMs) on tasks that combine visual reasoning with subject-specific background knowledge in the German language. In contrast to widely used English-language benchmarks that often rely on artificially difficult or decontextualized problems, this dataset draws from real middle school curricula across nine domains including mathematics, history, biology, and religion. The benchmark includes over 2,000 open-ended questions grounded in 486 images, ensuring that models must integrate visual interpretation with factual reasoning rather than rely on superficial textual cues. We evaluate thirteen state-of-the-art open-weight VLMs across multiple dimensions, including domain-specific accuracy and performance on adversarial crafted questions. Our findings reveal that even the strongest models achieve less than 45% overall accuracy, with particularly poor performance in music, mathematics, and adversarial settings. Furthermore, the results indicate significant discrepancies between success on popular benchmarks and real-world multimodal understanding. We conclude that middle school-level tasks offer a meaningful and underutilized avenue for stress-testing VLMs, especially in non-English contexts. The dataset and evaluation protocol serve as a rigorous testbed to better understand and improve the visual and linguistic reasoning capabilities of future AI systems.

Wer sich mit medizinrechtlichen Fragestellungen befasst, wird unweigerlich früher oder später auf das umfassende Wirken von Dr. Rudolf Ratzel stoßen. Denn schon zu Zeiten, als es das heute so dynamische Rechtsgebiet „Medizinrecht“ nicht einmal terminologisch gab, war er der Sache nach längst in diesem Bereich anwaltlich sowie als Autor von Fachveröffentlichungen tätig. Die Festschrift versammelt Beiträge in der ganzen Bandbreite des Medizinrechts. Sie zeugt in etwa so von „Medizinrecht von A-Z“ wie Dr. Ratzel und sein berufliches Schaffen selbst. 

Background

Traumatic brain injury (TBI) is one of the most important pediatric conditions worldwide. In Germany, hospitalization rates for mild TBI drastically exceed hospitalization rates from similar healthcare systems.

Methods

The SaVeBRAIN.Kids trial will implement and test a novel care pathway (nCP) for evidence-based standardized risk assessment, structured observation in the emergency department (ED) for several hours, and technology-supported home monitoring with the aim to reduce hospitalizations. This non-inferiority multicenter study will be carried out using a cluster-randomized stepped-wedge design, with all centers starting in the control phase and sequentially transitioning to the intervention. Eligible participants (age ≥ 3 months and < 18 years) must present within 48 h of head injury, have minimal symptoms (Glasgow coma scale ≥ 14), and no risk factors for intracranial complications. The co-primary outcomes are the relative risk of hospitalization and the proportion of unplanned re-visits within 72 h of presentation to the ED for ambulatory cases. Secondary outcomes include clinical safety measures, cost-effectiveness, and process evaluation. Based on power calculations (α = 0.05, power = 0.9), 1390 patients will be recruited over 12 months.

Discussion

 The SaVeBRAIN.Kids trial addresses a relevant healthcare challenge by testing a new approach to pediatric mild TBI management in Germany. It aligns with current evidence while accounting for the country’s specific healthcare context. If successful, the intervention could substantially reduce unnecessary hospitalizations and free inpatient capacities while preserving patient safety.

Trial registration

German Clinical Trials Registry (DRKS00035623). Registered on January 21, 2025.

Antikörper gegen CGRP oder seinen Rezeptor (Eptinezumab, Erenumab, Fremanezumab, Galcanezumab, im Folgenden: „CGRP(R)-Antikörper“) sind moderne, spezifische Migräneprophylaktika, die im GKV-Bereich nur für therapierefraktäre Patienten erstattungsfähig sind. Hier wurde untersucht, welchen Effekt diese Regelung auf die Auswahl der behandelten Patienten hat und wie sich die Neubewertung von Erenumab durch den Gemeinsamen Bundesausschuss ab Oktober 2022 ausgewirkt hat.

Diese Studie untersucht den Einsatz von Virtual Reality (VR) zur Verbesserung von Erste-Hilfe-Kompetenzen. In einem immersiven VR-Training wurden realitätsnahe Notfallszenarien – etwa stark blutende Wunden oder Brandverletzungen – simuliert, um prozedurales Wissen, Selbstwirksamkeit und Transferfähigkeit der Teilnehmenden zu fördern. Die Teilnehmenden durchliefen vor und nach dem VR-Training standardisierte Tests und Fragebögen, um Veränderungen im Wissen, der Selbstwirksamkeit und der Transferfähigkeit systematisch zu erfassen. Die Ergebnisse zeigen signifikante Lernzuwächse in allen Bereichen – insbesondere ein gestärktes Vertrauen in das eigene Handeln sowie eine höhere Sicherheit im Umgang mit nicht direkt trainierten Szenarien. Die hohe Immersion wurde von den Teilnehmenden als realitätsnah empfunden und trug zur emotionalen Aktivierung und nachhaltigen Verankerung des Gelernten bei. Damit liefert die Arbeit einen fundierten empirischen Nachweis, dass VR-gestütztes Training eine effektive und praxisnahe Ergänzung zu klassischen Erste-Hilfe-Kursen darstellt – insbesondere zur Auffrischung und für Zielgruppen mit hohem Trainingsbedarf.

This study explores a simulation-based approach to improve machine availability in a manufacturing environment by integrating Smart Manufacturing principles and sensor-based modeling. Focusing on the case study of a paper envelope production line in a manufacturing plant in Peru, the study applies SIMIO software to simulate and compare two operational scenarios: the existing configuration without sensors and a proposed configuration with predictive sensors. In addition, the impact of unscheduled interruptions of the cutting machine on production was analyzed. Post-SIMIO simulation, real-world machine testing yielded a mean time between failures (MTBF) of 11.5 hours, a mean time to repair (MTTR) of 52 minutes, 78.5% operational availability, and an average daily output of 5400 envelopes. Simulating sensor detection of paper jams, blade breakage, and misalignment resulted in 92.3% availability in the enhanced scenario. This represents a notable improvement of 13.8% compared to the real-world scenario. These findings demonstrate that SIMIO's digital modelling and sensor-based predictive techniques can boost production capacity, decrease downtime, and increase machine availability without transforming the physical system. This study emphasizes the importance of simulation and smart manufacturing in optimizing industrial performance and reducing costs. 

We explored perceptual and aesthetic effects of repetition, variation, and deviation in visual structures. Based on previous findings in aesthetics research, we hypothesized that non-obvious order or complex variations of shape or color stimulate perception and potentially evoke interest. People trained in design or fine arts created six sets of visual structures, each on a 6x6 grid by a) repetition of a module consisting of four dark-grey elements (two rectangles and two triangles), b) variation through systematic rotation of the module, and c) deviation from this ordered variation by altering one element of each module. Furthermore, they varied color by replacing one element in each module of each structure with a light-grey element. Another group rated these images block-wise in randomized order on liking, interest, powerfulness of affect, and obviousness of order on a 7-point-scale. In addition, we collected responses to an open question regarding the individual focus when rating powerfulness of affect and we asked for each person’s background and interest in art and design. Visual structures appeared most interesting and powerful to participants when they showed a systematic variation (b) compared to a repetition of the modules (a) or a deviation from order (c). Images gained higher liking ratings the more obviously ordered they appeared, whereas obviousness of order played a less clear role for powerfulness of affect and showed no significant effect on interest evaluations. Color variations had no overall positive aesthetic effect. In response to our open question, some participants reported that they experienced less powerfulness of affect when elements showed a simple order but also when they appeared to be arranged arbitrarily. Future studies could assess how intentional a structure appears; this could apply not only to ordered structures, but also to apparently deliberate deviations from order.

Abstract

This work presents detailed 3D modelling and simulation of the mechanical effects induced by lightning strikes in protected carbon fibre-reinforced polymer laminates. Firstly, physically based models that represent the mechanical overpressure that results from a lightning strike are revisited. In particular, this paper compares the implementation of an analytical strong shock wave approximation with the solutions obtained from computational fluid dynamics (CFD), considering different equations of state, to represent the supersonic expansion of the hot plasma channel when simulating the mechanical damage induced by lightning strikes. The assessment of the pressure profiles, the numerical predictions of the displacement and velocity fields and the analysis of the predicted damage maps show that, for two lightning protection layers, the effects of the supersonic plasma expansion loads obtained from the strong shock wave approximation compare reasonably well with those obtained from CFD, independently of the equation of state solved numerically. Subsequently, the predictions of the 3D modelling strategy of the mechanical response of composite laminates subjected to lightning strike employing the strong shock wave approximation are compared with mechanical deformation measurements obtained from lab-scale lightning test results. Accurate deflection and out-of-plane velocity fields are predicted, validating the 3D modelling strategy. Moreover, the predicted damage maps correlate well with the (bulk) damage identified by C-scan (considering only the damaged area below the second ply).