From owner-freebsd-questions@freebsd.org  Mon Aug  6 00:01:44 2018
Return-Path: <owner-freebsd-questions@freebsd.org>
Delivered-To: freebsd-questions@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 240FE1062CD0
 for <freebsd-questions@mailman.ysv.freebsd.org>;
 Mon,  6 Aug 2018 00:01:44 +0000 (UTC)
 (envelope-from freebsd.ed.lists@sumeritec.com)
Received: from mx18-out11.antispamcloud.com (mx18-out11.antispamcloud.com
 [207.244.64.180])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 7F3A37DDD3
 for <freebsd-questions@freebsd.org>; Mon,  6 Aug 2018 00:01:40 +0000 (UTC)
 (envelope-from freebsd.ed.lists@sumeritec.com)
Received: from [153.92.8.106] (helo=srv31.niagahoster.com)
 by mx15.antispamcloud.com with esmtpsa
 (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.89)
 (envelope-from <freebsd.ed.lists@sumeritec.com>)
 id 1fmSbg-0007Hv-EA; Mon, 06 Aug 2018 01:38:42 +0200
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
 d=sumeritec.com; s=default; h=Content-Transfer-Encoding:Content-Type:
 MIME-Version:References:In-Reply-To:Message-ID:Subject:Cc:To:From:Date:Sender
 :Reply-To:Content-ID:Content-Description:Resent-Date:Resent-From:
 Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:
 List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive;
 bh=vZEZ09A/vDb10RZH4/j+BJuRYsXN0xHMYgOImPQMrTs=; b=bUeEffMwU88z71StqNCByvCkN3
 PKKjKmWeQ374p1QFhbeQ8CF36GfbUM97UyzYf9PKQ2xXghwe3HrOWou0XBYfe00JG78Hn0FogwkZr
 dLQrtDCRaW9IE5bDD4RH8G/3K+dFMbebcgRPLUm2oEi2sJgsBM+DBh/cwfpqVYbUoZaNo1e+MY+3M
 x2sP6JhwfMGXA6x5uLzDZuMgArjxs30x/fN3MixfgtZFG9XPPQAs1BDKLGiHE/YrnsI2QM/WNSw5F
 rY8CLTudi0cLRN19SXoHhvWzo4OnJ5dasoqlpcJdO7VjnPUuwLtqZ6jfyeN+okbp6jV/CR0JBcB6Q
 IUkustuA==;
Received: from [114.125.101.37] (port=62888 helo=X220.sumeritec.com)
 by srv31.niagahoster.com with esmtpsa
 (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.91)
 (envelope-from <freebsd.ed.lists@sumeritec.com>)
 id 1fmSal-0004M1-L1; Mon, 06 Aug 2018 06:37:49 +0700
Date: Mon, 6 Aug 2018 07:37:38 +0800
From: Erich Dollansky <freebsd.ed.lists@sumeritec.com>
To: "Valeri Galtsev" <galtsev@kicp.uchicago.edu>
Cc: "thor" <thor@irk.ru>, John Levine <johnl@iecc.com>,
 freebsd-questions@freebsd.org
Subject: Re: Erase memory on shutdown
Message-ID: <20180806073738.6f459398.freebsd.ed.lists@sumeritec.com>
In-Reply-To: <63033.108.68.162.197.1533484522.squirrel@cosmo.uchicago.edu>
References: <20180805150241.1E186200349F8E@ary.qy>
 <4e70e969-14f7-c65d-96d2-dd1610499cd0@irk.ru>
 <63033.108.68.162.197.1533484522.squirrel@cosmo.uchicago.edu>
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
X-OutGoing-Spam-Status: No, score=-1.0
X-AuthUser: freebsd.ed.lists@sumeritec.com
X-Originating-IP: 153.92.8.106
X-AntiSpamCloud-Domain: out.niagahoster.com
X-AntiSpamCloud-Username: niaga
Authentication-Results: antispamcloud.com;
 auth=pass (login) smtp.auth=niaga@out.niagahoster.com
X-AntiSpamCloud-Outgoing-Class: unsure
X-AntiSpamCloud-Outgoing-Evidence: Combined (0.18)
X-Recommended-Action: accept
X-Filter-ID: EX5BVjFpneJeBchSMxfU5k18NKsG0bJTCL6LQKbVBzR602E9L7XzfQH6nu9C/Fh9KJzpNe6xgvOx
 q3u0UDjvO4tahSjmvbpC6SffUwszkaQoekHjgdN0MN/R//OL2klI6QfZqUsLgaNU4fx2d2P+zoAO
 KI1ohvD3kl+HA2eBxziLgKiJBYOdvwgXXOy76+xU6wfg8vT+XAnJl/ojPOy5amqklkdwrUfTBCKW
 oHQemSw6SjyPDLFObViUDdwIjZscPvAIAMvPzDIKitdp0Mier18I6FsEm9Qm8gzENkQDVyjp6iWL
 0YXvV/td8dqrVBZRfup71SJSX9zQUdHLM9BT4x4lKI+w0u4tRdvwMI3/1UZhXvWmHmSFwby0zKpf
 dCnuNFR+qm8qpsZIXWJsDNfzuDVcbwW2vZRbwlTsaou4YdmAy4ttVo5hfg1RuA36kfDFTDPE+/o6
 V5hyODMBsh5sWG4kgtLz+aqG1Sh64ItoIsiFoLZMmkWsaurVZfvqROaDnDtHb8z5dpPkEuJ8Snwq
 lUrBK2R/GBg9vCpMGFHw53Fr4cNy1JnJbwJHzU/ilAIU0bm2vWdo8usP65i82q1CdZgGrpL44wdx
 9eXqjQjbvUopOMQJvQ/Ck3iiU+4DQAj3GNzuDYShTgJXRSnxjodGfg8pcALCO6t79EHseB4MPsfT
 5z1aUDmARVoXNcQpQ3gQ8L19+xsR5GnyndnCG481YPoZ7DiMfbbrbhteoOPScTpuxByiWUpvbkf1
 geplb5dFElW4He62UK36cJgZsodAVWlOy+ZEjcSikqflWGK4H7sZ45M2CZNXCLi0s8OXu4ziZp+O
 yVb6/hXcl/gtvrzbLmbjO41FyBEqIaDudcVplPHk4V0BuG2Fe3G6qvOdkPYIiZG7a8YemdKrbDJV
 Q8g9ALl7ifFHkyaAMXn44Jcv0MTQphP3lFBPIlXFywfcSXgU3jR5NeVaJQBh0uawl0Cg8kc29B8C
 MgOm1ds1Ktp2dLRmqbSY50+XUt5RM2aRi0FOhMAP+Vqo0mDOjOjMahxwmpVeOGYnG/Abl3llRaIJ
 yDF7Om4j0ggKwIoD+nrq/t+H
X-Report-Abuse-To: spam@quarantine1.antispamcloud.com
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.27
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions/>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 06 Aug 2018 00:01:44 -0000

Hi,

On Sun, 5 Aug 2018 10:55:22 -0500 (CDT)
"Valeri Galtsev" <galtsev@kicp.uchicago.edu> wrote:

> On Sun, August 5, 2018 10:26 am, thor wrote:
> > https://en.wikipedia.org/wiki/Cold_boot_attack
> >  
> 
> The trouble is that erasing RAM on clean shutdown does not prevent the
> attacker in the attack as above from still successfully perform the

so, ECC is also here the only possible answer, at least for parts of it.

Still, erasing memory when shutting down helps in some cases. I do this
on my machines for small parts when a shutdown is detected. It makes at
least the most obvious attacks from that side difficult.

Erich