From owner-freebsd-security Tue Oct 14 18:14:02 1997
Date: Tue, 14 Oct 1997 21:13:53 -0400 (EDT)
From: "Christopher G. Petrilli"
To: Mike Smith
cc: Wes Peters, Terry Lambert, security@FreeBSD.ORG
Subject: Re: C2 Trusted FreeBSD?
In-Reply-To: <199710150043.KAA00590@word.smith.net.au>
Sender: owner-freebsd-security@FreeBSD.ORG

On Wed, 15 Oct 1997, Mike Smith wrote:

> > And besides, zero-filling memory isn't sufficient, it has to be
> > overwritten a number of times to make sure no residual information can
> > be obtained.  These standards date back to core and even mercury-wire
> > memory.  Yes, I've actually worked with computers that feature *both* in
> > my career.  ;^)
>
> If you can suggest how one goes about obtaining "residual" information
> from a saturated logic device in a synchronous memory subsystem, I'd be
> very interested in hearing it.
>
> Or is this more specification paranoia?

I will note that IBM recently released an analysis of smart-card designs
that involved the use of residual memory imprints for recovering private
key information.  I can find the references if you want.  In addition, if
you will search through the patent database, you will find that the NSA
holds about 40-50 patents in "data recovery" techniques.

While it's not cheap, there are quantum residuals left behind in all
environments which are measurable.  That having been said, the pattern is
more important on magnetic media, rather than DRAM.  But I say use it all
the time.  In fact there is a specific set of 8-bit numbers that are to be
written in a specific order that are designed to exercise the memory in a
specific pattern.  I can get these if people are interested.

Chris