Date:      Sun, 24 Feb 2008 00:34:53 +0100
From:      Dimitry Andric <dimitry@andric.com>
To:        Atom Smasher <atom@smasher.org>
Cc:        hackers@freebsd.org, Pawel Jakub Dawidek <pjd@FreeBSD.org>
Subject:   Re: Security Flaw in Popular Disk Encryption Technologies
Message-ID:  <47C0AD9D.2070701@andric.com>
In-Reply-To: <20080223010856.7244.qmail@smasher.org>
References:  <20080223010856.7244.qmail@smasher.org>

On 2008-02-23 02:08, Atom Smasher wrote:
> article below. does anyone know how this affects eli/geli?
> 
> from the geli man page: "detach - Detach the given providers, which means 
> remove the devfs entry and clear the keys from memory." does that mean 
> that geli properly wipes keys from RAM when a laptop is turned off?

This is a physical attack, and there's nothing you can do in software to
prevent it.  Of course geli or other software can attempt to erase the
keys from RAM as soon as it's done using them, but it won't prevent
hijacking them beforehand.

It's the same with all physical attacks: hardware sniffers, keyloggers,
TEMPEST, etc.  You need physical (hardware) protection to secure
against these, not software.


