Skip site navigation (1)Skip section navigation (2)
Date:      Sun, 5 Aug 2018 10:55:22 -0500 (CDT)
From:      "Valeri Galtsev" <>
To:        "thor" <>
Cc:        "John Levine" <>,
Subject:   Re: Erase memory on shutdown
Message-ID:  <>
In-Reply-To: <>
References:  <20180805150241.1E186200349F8E@ary.qy> <>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help

On Sun, August 5, 2018 10:26 am, thor wrote:

The trouble is that erasing RAM on clean shutdown does not prevent the
attacker in the attack as above from still successfully perform the
attack. Erasing memory can [only] be designed as a part of clean shutdown.
The attack above easily bypasses it just by yanking the power cord, and
then cold booting off removable medium.

As it was repeated forever: the security begins with physical security of
the machine. The last prevents attacker from physical access to the
machine. As someone was saying "nothing can stop the guy with the
screwdriver" (not quite true, but pretty close).

Another route could be encryption of RAM on-the-fly while system runs, yet
it is questionable where the encryption key itself is kept to be
unaccessible for the attacker in the attack above, and boot of such system
may require warm body present.


> On 08/05/18 23:02, John Levine wrote:
>> In article <> you write:
>>> Hello!
>>> Just one paranoid question: How to cause FreeBSD to zero all RAM during
>>> shutdown?
>> On modern computers, turning the power off should do the trick.
> _______________________________________________
> mailing list
> To unsubscribe, send any mail to
> ""

Valeri Galtsev
Sr System Administrator
Department of Astronomy and Astrophysics
Kavli Institute for Cosmological Physics
University of Chicago
Phone: 773-702-4247

Want to link to this message? Use this URL: <>