Date: Mon, 6 Aug 2018 15:43:45 +0200 From: Polytropon <freebsd@edvax.de> To: galtsev@kicp.uchicago.edu Cc: "Erich Dollansky" <freebsd.ed.lists@sumeritec.com>, John Levine <johnl@iecc.com>, thor <thor@irk.ru>, freebsd-questions@freebsd.org Subject: Re: Erase memory on shutdown Message-ID: <20180806154345.3243e993.freebsd@edvax.de> In-Reply-To: <57043.108.68.162.197.1533514207.squirrel@cosmo.uchicago.edu> References: <20180805150241.1E186200349F8E@ary.qy> <4e70e969-14f7-c65d-96d2-dd1610499cd0@irk.ru> <63033.108.68.162.197.1533484522.squirrel@cosmo.uchicago.edu> <20180806073738.6f459398.freebsd.ed.lists@sumeritec.com> <57043.108.68.162.197.1533514207.squirrel@cosmo.uchicago.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 5 Aug 2018 19:10:07 -0500 (CDT), Valeri Galtsev wrote: > > On Sun, August 5, 2018 6:37 pm, Erich Dollansky wrote: > > Hi, > > > > On Sun, 5 Aug 2018 10:55:22 -0500 (CDT) > > "Valeri Galtsev" <galtsev@kicp.uchicago.edu> wrote: > > > >> On Sun, August 5, 2018 10:26 am, thor wrote: > >> > https://en.wikipedia.org/wiki/Cold_boot_attack > >> > > >> > >> The trouble is that erasing RAM on clean shutdown does not prevent the > >> attacker in the attack as above from still successfully perform the > > > > so, ECC is also here the only possible answer, at least for parts of it. > > > > Still, erasing memory when shutting down helps in some cases. I do this > > on my machines for small parts when a shutdown is detected. It makes at > > least the most obvious attacks from that side difficult. > > Please, correct me if I am wrong in the following: > > If the attacker yanks off the power cord, then cold boots off his media, > your defense/erasure of memory does not protect you against this attack. > Right? Your defense only helps if the attacker does clean shutdown. Right? Clearing memory at shutdown time won't happen when shutdown time doesn't take place. Many cold boot attacks rely on surprisingly (!) interrupting the power, which implies physical access, and then booting from a custom media, so even clearing memory at startup time doesn't happen. All those precautions only work when physical access is taken out of consideration. -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ...
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20180806154345.3243e993.freebsd>